diff --git a/.github/pr-title-checker-config.json b/.github/pr-title-checker-config.json deleted file mode 100644 index c3437def33834..0000000000000 --- a/.github/pr-title-checker-config.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "LABEL": { - "name": "title needs formatting", - "color": "EEEEEE" - }, - "CHECKS": { - "prefixes": ["[Bot] docs: "], - "regexp": "^(feat|fix|docs|test|ci|chore)!?(\\(.*\\))?!?:.*" - }, - "MESSAGES": { - "success": "PR title is valid", - "failure": "PR title is invalid", - "notice": "PR Title needs to pass regex '^(feat|fix|docs|test|ci|chore)!?(\\(.*\\))?!?:.*" - } - } diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 406306bbeca2e..0ef3522b87c87 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,14 +1,11 @@ - Checklist: * [ ] Either (a) I've created an [enhancement proposal](https://github.com/argoproj/argo-cd/issues/new/choose) and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes. * [ ] The title of the PR states what changed and the related issues number (used for the release note). -* [ ] The title of the PR conforms to the [Toolchain Guide](https://argo-cd.readthedocs.io/en/latest/developer-guide/toolchain-guide/#title-of-the-pr) * [ ] I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue. * [ ] I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them. * [ ] Does this PR require documentation updates? @@ -16,8 +13,8 @@ Checklist: * [ ] Optional. My organization is added to USERS.md. * [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/blob/master/community/CONTRIBUTING.md#legal) * [ ] I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged. -* [ ] My build is green ([troubleshooting builds](https://argo-cd.readthedocs.io/en/latest/developer-guide/ci/)). +* [ ] My build is green ([troubleshooting builds](https://argo-cd.readthedocs.io/en/latest/developer-guide/ci/)). * [ ] My new feature complies with the [feature status](https://github.com/argoproj/argoproj/blob/master/community/feature-status.md) guidelines. * [ ] I have added a brief description of why this PR is necessary and/or what this PR solves. - +Please see [Contribution FAQs](https://argo-cd.readthedocs.io/en/latest/developer-guide/faq/) if you have questions about your pull-request. diff --git a/.github/workflows/README.md b/.github/workflows/README.md index 6d4302d2b540c..cea27d9b8560a 100644 --- a/.github/workflows/README.md +++ b/.github/workflows/README.md @@ -16,7 +16,7 @@ ## image-reuse.yaml - The resuable workflow can be used to publish or build images with multiple container registries(Quay,GHCR, dockerhub), and then sign them with cosign when an image is published. -- A GO version `must` be specified e.g. 1.21 +- A GO version `must` be specified e.g. 1.19 - The image name for each registry *must* contain the tag. Note: multiple tags are allowed for each registry using a CSV type. - Multiple platforms can be specified e.g. linux/amd64,linux/arm64 - Images are not published by default. A boolean value must be set to `true` to push images. diff --git a/.github/workflows/ci-build.yaml b/.github/workflows/ci-build.yaml index aac287b1ce0fd..90c3d4e18ae78 100644 --- a/.github/workflows/ci-build.yaml +++ b/.github/workflows/ci-build.yaml @@ -13,7 +13,7 @@ on: env: # Golang version to use across CI steps - GOLANG_VERSION: '1.21' + GOLANG_VERSION: '1.19' concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -28,9 +28,9 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - name: Setup Golang - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.0.0 + uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 with: go-version: ${{ env.GOLANG_VERSION }} - name: Download all Go modules @@ -46,9 +46,9 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - name: Setup Golang - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.0.0 + uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 with: go-version: ${{ env.GOLANG_VERSION }} - name: Restore go build cache @@ -70,16 +70,16 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - name: Setup Golang - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.0.0 + uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 with: go-version: ${{ env.GOLANG_VERSION }} - name: Run golangci-lint - uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0 + uses: golangci/golangci-lint-action@0ad9a0988b3973e851ab0a07adf248ec2e100376 # v3.3.1 with: - version: v1.54.0 - args: --enable gofmt --timeout 10m --exclude SA5011 --verbose --max-issues-per-linter 0 --max-same-issues 0 + version: v1.51.0 + args: --timeout 10m --exclude SA5011 --verbose test-go: name: Run unit tests for Go packages @@ -93,11 +93,11 @@ jobs: - name: Create checkout directory run: mkdir -p ~/go/src/github.com/argoproj - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - name: Create symlink in GOPATH run: ln -s $(pwd) ~/go/src/github.com/argoproj/argo-cd - name: Setup Golang - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.0.0 + uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 with: go-version: ${{ env.GOLANG_VERSION }} - name: Install required packages @@ -149,7 +149,7 @@ jobs: path: test-results/ test-go-race: - name: Run unit tests with -race for Go packages + name: Run unit tests with -race, for Go packages runs-on: ubuntu-22.04 needs: - build-go @@ -160,11 +160,11 @@ jobs: - name: Create checkout directory run: mkdir -p ~/go/src/github.com/argoproj - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - name: Create symlink in GOPATH run: ln -s $(pwd) ~/go/src/github.com/argoproj/argo-cd - name: Setup Golang - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.0.0 + uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 with: go-version: ${{ env.GOLANG_VERSION }} - name: Install required packages @@ -215,9 +215,9 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - name: Setup Golang - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.0.0 + uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 with: go-version: ${{ env.GOLANG_VERSION }} - name: Create symlink in GOPATH @@ -263,11 +263,11 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - name: Setup NodeJS - uses: actions/setup-node@bea5baf987ba7aa777a8a0b4ace377a21c45c381 # v3.8.0 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: - node-version: '20.4.0' + node-version: '18.15.0' - name: Restore node dependency cache id: cache-dependencies uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 @@ -300,7 +300,7 @@ jobs: sonar_secret: ${{ secrets.SONAR_TOKEN }} steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 with: fetch-depth: 0 - name: Restore node dependency cache @@ -325,7 +325,7 @@ jobs: name: test-results path: test-results - name: Upload code coverage information to codecov.io - uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4 + uses: codecov/codecov-action@d9f34f8cd5cb3b3eb79b3e4b5dae3a16df499a70 # v3.1.1 with: file: coverage.out - name: Perform static code analysis using SonarCloud @@ -361,7 +361,7 @@ jobs: runs-on: ubuntu-22.04 strategy: matrix: - k3s-version: [v1.27.2, v1.26.0, v1.25.4, v1.24.3] + k3s-version: [v1.26.0, v1.25.4, v1.24.3, v1.23.3] needs: - build-go env: @@ -379,9 +379,9 @@ jobs: GITLAB_TOKEN: ${{ secrets.E2E_TEST_GITLAB_TOKEN }} steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - name: Setup Golang - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.0.0 + uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 with: go-version: ${{ env.GOLANG_VERSION }} - name: GH actions workaround - Kill XSP4 process @@ -397,7 +397,6 @@ jobs: sudo mkdir -p $HOME/.kube && sudo chown -R runner $HOME/.kube sudo k3s kubectl config view --raw > $HOME/.kube/config sudo chown runner $HOME/.kube/config - sudo chmod go-r $HOME/.kube/config kubectl version - name: Restore go build cache uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 284484e36d695..b4841d337871d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/image-reuse.yaml b/.github/workflows/image-reuse.yaml index a0a62669fc5b1..16af101306d86 100644 --- a/.github/workflows/image-reuse.yaml +++ b/.github/workflows/image-reuse.yaml @@ -58,28 +58,28 @@ jobs: image-digest: ${{ steps.image.outputs.digest }} steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.3.0 + uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.3.0 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} if: ${{ github.ref_type == 'tag'}} - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.3.0 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 if: ${{ github.ref_type != 'tag'}} - name: Setup Golang - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 with: go-version: ${{ inputs.go-version }} - name: Install cosign - uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 # v3.1.1 + uses: sigstore/cosign-installer@c3667d99424e7e6047999fb6246c0da843953c65 # v3.0.1 with: cosign-release: 'v2.0.0' - - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - - uses: docker/setup-buildx-action@4c0219f9ac95b02789c1075625400b2acbff50b1 # v2.9.1 + - uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0 + - uses: docker/setup-buildx-action@4b4e9c3e2d4531116a6f8ba8e71fc6e2cb6e6c8c # v2.5.0 - name: Setup tags for container image as a CSV type run: | @@ -106,7 +106,7 @@ jobs: echo 'EOF' >> $GITHUB_ENV - name: Login to Quay.io - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 with: registry: quay.io username: ${{ secrets.quay_username }} @@ -114,7 +114,7 @@ jobs: if: ${{ inputs.quay_image_name && inputs.push }} - name: Login to GitHub Container Registry - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 with: registry: ghcr.io username: ${{ secrets.ghcr_username }} @@ -122,22 +122,15 @@ jobs: if: ${{ inputs.ghcr_image_name && inputs.push }} - name: Login to dockerhub Container Registry - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 with: username: ${{ secrets.docker_username }} password: ${{ secrets.docker_password }} if: ${{ inputs.docker_image_name && inputs.push }} - - name: Set up build args for container image - run: | - echo "GIT_TAG=$(if [ -z "`git status --porcelain`" ]; then git describe --exact-match --tags HEAD 2>/dev/null; fi)" >> $GITHUB_ENV - echo "GIT_COMMIT=$(git rev-parse HEAD)" >> $GITHUB_ENV - echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_ENV - echo "GIT_TREE_STATE=$(if [ -z "`git status --porcelain`" ]; then echo "clean" ; else echo "dirty"; fi)" >> $GITHUB_ENV - - name: Build and push container image id: image - uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 #v4.1.1 + uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 #v4.0.0 with: context: . platforms: ${{ inputs.platforms }} @@ -146,12 +139,7 @@ jobs: target: ${{ inputs.target }} provenance: false sbom: false - build-args: | - GIT_TAG=${{env.GIT_TAG}} - GIT_COMMIT=${{env.GIT_COMMIT}} - BUILD_DATE=${{env.BUILD_DATE}} - GIT_TREE_STATE=${{env.GIT_TREE_STATE}} - + - name: Sign container images run: | for signing_tag in $SIGNING_TAGS; do diff --git a/.github/workflows/image.yaml b/.github/workflows/image.yaml index 56ec503c1c35d..e76d78f04501e 100644 --- a/.github/workflows/image.yaml +++ b/.github/workflows/image.yaml @@ -25,7 +25,7 @@ jobs: image-tag: ${{ steps.image.outputs.tag}} platforms: ${{ steps.platforms.outputs.platforms }} steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - name: Set image tag for ghcr run: echo "tag=$(cat ./VERSION)-${GITHUB_SHA::8}" >> $GITHUB_OUTPUT @@ -52,7 +52,7 @@ jobs: uses: ./.github/workflows/image-reuse.yaml with: # Note: cannot use env variables to set go-version (https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations) - go-version: 1.21 + go-version: 1.19 platforms: ${{ needs.set-vars.outputs.platforms }} push: false @@ -68,7 +68,7 @@ jobs: quay_image_name: quay.io/argoproj/argocd:latest ghcr_image_name: ghcr.io/argoproj/argo-cd/argocd:${{ needs.set-vars.outputs.image-tag }} # Note: cannot use env variables to set go-version (https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations) - go-version: 1.21 + go-version: 1.19 platforms: ${{ needs.set-vars.outputs.platforms }} push: true secrets: @@ -77,22 +77,21 @@ jobs: ghcr_username: ${{ github.actor }} ghcr_password: ${{ secrets.GITHUB_TOKEN }} - build-and-publish-provenance: # Push attestations to GHCR, latest image is polluting quay.io - needs: - - build-and-publish + build-and-publish-provenance: + needs: [build-and-publish] permissions: actions: read # for detecting the Github Actions environment. id-token: write # for creating OIDC tokens for signing. packages: write # for uploading attestations. (https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#known-issues) if: ${{ github.repository == 'argoproj/argo-cd' && github.event_name == 'push' }} # Must be refernced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator - uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.7.0 + uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.8.0 with: - image: ghcr.io/argoproj/argo-cd/argocd + image: quay.io/argoproj/argocd digest: ${{ needs.build-and-publish.outputs.image-digest }} - registry-username: ${{ github.actor }} secrets: - registry-password: ${{ secrets.GITHUB_TOKEN }} + registry-username: ${{ secrets.RELEASE_QUAY_USERNAME }} + registry-password: ${{ secrets.RELEASE_QUAY_TOKEN }} Deploy: needs: @@ -104,7 +103,7 @@ jobs: if: ${{ github.repository == 'argoproj/argo-cd' && github.event_name == 'push' }} runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.3.0 + - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 - run: git clone "https://$TOKEN@github.com/argoproj/argoproj-deployments" env: TOKEN: ${{ secrets.TOKEN }} diff --git a/.github/workflows/init-release.yaml b/.github/workflows/init-release.yaml index 39a3808b4a56e..bd032f1037200 100644 --- a/.github/workflows/init-release.yaml +++ b/.github/workflows/init-release.yaml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.2.0 + uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} @@ -56,15 +56,8 @@ jobs: make manifests-local VERSION=${{ inputs.TARGET_VERSION }} git diff - - name: Generate version compatibility table - run: | - git stash - bash hack/update-supported-versions.sh - git add -u . - git stash pop - - name: Create pull request - uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # v5.0.2 + uses: peter-evans/create-pull-request@38e0b6e68b4c852a5500a94740f0e535e0d7ba54 # v4.2.4 with: commit-message: "Bump version to ${{ inputs.TARGET_VERSION }}" title: "Bump version to ${{ inputs.TARGET_VERSION }} on ${{ inputs.TARGET_BRANCH }} branch" diff --git a/.github/workflows/pr-title-check.yml b/.github/workflows/pr-title-check.yml index 020535d7b8afa..f81dea4696199 100644 --- a/.github/workflows/pr-title-check.yml +++ b/.github/workflows/pr-title-check.yml @@ -2,11 +2,15 @@ name: "Lint PR" on: pull_request_target: - types: [opened, edited, reopened, synchronize] + types: + - opened + - edited + - synchronize # IMPORTANT: No checkout actions, scripts, or builds should be added to this workflow. Permissions should always be used -# with extreme caution. https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target -permissions: {} +# with extreme caution. +permissions: + contents: read # PR updates can happen in quick succession leading to this # workflow being trigger a number of times. This limits it @@ -14,16 +18,24 @@ permissions: {} concurrency: group: ${{ github.workflow }}-${{ github.ref }} - jobs: - validate: + main: permissions: - contents: read - pull-requests: read - name: Validate PR Title + pull-requests: read # for amannn/action-semantic-pull-request to analyze PRs + statuses: write # for amannn/action-semantic-pull-request to mark status of analyzed PR + name: Validate PR title runs-on: ubuntu-latest steps: - - uses: thehanimo/pr-title-checker@0cf5902181e78341bb97bb06646396e5bd354b3f # v1.4.0 + # IMPORTANT: Carefully review changes when updating this action. Using the pull_request_target event requires caution. + - uses: amannn/action-semantic-pull-request@b6bca70dcd3e56e896605356ce09b76f7e1e0d39 # v5.1.0 with: + types: | + feat + fix + docs + test + ci + chore + [Bot] docs + env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - configuration_path: ".github/pr-title-checker-config.json" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 24618a8d8f596..c2412b7463cba 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -10,7 +10,7 @@ on: permissions: {} env: - GOLANG_VERSION: '1.21' # Note: go-version must also be set in job argocd-image.with.go-version + GOLANG_VERSION: '1.19' # Note: go-version must also be set in job argocd-image.with.go-version jobs: argocd-image: @@ -23,7 +23,7 @@ jobs: with: quay_image_name: quay.io/argoproj/argocd:${{ github.ref_name }} # Note: cannot use env variables to set go-version (https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations) - go-version: 1.21 + go-version: 1.19 platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le push: true secrets: @@ -38,7 +38,7 @@ jobs: packages: write # for uploading attestations. (https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#known-issues) # Must be refernced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator if: github.repository == 'argoproj/argo-cd' - uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.7.0 + uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.8.0 with: image: quay.io/argoproj/argocd digest: ${{ needs.argocd-image.outputs.image-digest }} @@ -59,7 +59,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} @@ -77,7 +77,7 @@ jobs: fi - name: Setup Golang - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.0.0 + uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 with: go-version: ${{ env.GOLANG_VERSION }} @@ -88,7 +88,7 @@ jobs: echo "GIT_TREE_STATE=$(if [ -z "`git status --porcelain`" ]; then echo "clean" ; else echo "dirty"; fi)" >> $GITHUB_ENV - name: Run GoReleaser - uses: goreleaser/goreleaser-action@3fa32b8bb5620a2c1afe798654bbad59f9da4906 # v4.4.0 + uses: goreleaser/goreleaser-action@f82d6c1c344bcacabba2c841718984797f664a6b # v4.2.0 id: run-goreleaser with: version: latest @@ -120,35 +120,39 @@ jobs: contents: write # Needed for release uploads if: github.repository == 'argoproj/argo-cd' # Must be refernced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator - uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.7.0 + uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.8.0 with: base64-subjects: "${{ needs.goreleaser.outputs.hashes }}" provenance-name: "argocd-cli.intoto.jsonl" upload-assets: true generate-sbom: - name: Create SBOM and generate hash + name: Create Sbom and sign assets needs: - argocd-image - goreleaser permissions: contents: write # Needed for release uploads - outputs: - hashes: ${{ steps.sbom-hash.outputs.hashes}} + id-token: write # Needed for signing Sbom if: github.repository == 'argoproj/argo-cd' runs-on: ubuntu-22.04 steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.2.0 + uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Golang - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 with: go-version: ${{ env.GOLANG_VERSION }} + - name: Install cosign + uses: sigstore/cosign-installer@c3667d99424e7e6047999fb6246c0da843953c65 # v3.0.1 + with: + cosign-release: 'v2.0.0' + - name: Generate SBOM (spdx) id: spdx-builder env: @@ -178,38 +182,23 @@ jobs: fi cd /tmp && tar -zcf sbom.tar.gz *.spdx - - - name: Generate SBOM hash - shell: bash - id: sbom-hash + + - name: Sign SBOM run: | - # sha256sum generates sha256 hash for sbom. - # base64 -w0 encodes to base64 and outputs on a single line. - # sha256sum /tmp/sbom.tar.gz ... | base64 -w0 - echo "hashes=$(sha256sum /tmp/sbom.tar.gz | base64 -w0)" >> "$GITHUB_OUTPUT" - - - name: Upload SBOM + cosign sign-blob \ + --output-certificate=/tmp/sbom.tar.gz.pem \ + --output-signature=/tmp/sbom.tar.gz.sig \ + -y \ + /tmp/sbom.tar.gz + + - name: Upload SBOM and signature assets uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: files: | - /tmp/sbom.tar.gz - - sbom-provenance: - needs: [generate-sbom] - permissions: - actions: read # for detecting the Github Actions environment - id-token: write # Needed for provenance signing and ID - contents: write # Needed for release uploads - if: github.repository == 'argoproj/argo-cd' - # Must be refernced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator - uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.7.0 - with: - base64-subjects: "${{ needs.generate-sbom.outputs.hashes }}" - provenance-name: "argocd-sbom.intoto.jsonl" - upload-assets: true - + /tmp/sbom.tar.* + post-release: needs: - argocd-image @@ -222,7 +211,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.2.0 + uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} @@ -265,8 +254,8 @@ jobs: set -xue SOURCE_TAG=${{ github.ref_name }} VERSION_REF="${SOURCE_TAG#*v}" - if echo "$VERSION_REF" | grep -E -- '^[0-9]+\.[0-9]+\.0-rc1';then - VERSION=$(awk 'BEGIN {FS=OFS="."} {$2++; print}' <<< "${VERSION_REF%-rc1}") + if echo "$VERSION_REF" | grep -E -- '^[0-9]+\.[0-9]+\.0$';then + VERSION=$(awk 'BEGIN {FS=OFS="."} {$2++; print}' <<< "${VERSION_REF}") echo "Updating VERSION to: $VERSION" echo "UPDATE_VERSION=true" >> $GITHUB_ENV echo "NEW_VERSION=$VERSION" >> $GITHUB_ENV @@ -281,7 +270,7 @@ jobs: if: ${{ env.UPDATE_VERSION == 'true' }} - name: Create PR to update VERSION on master branch - uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # v5.0.2 + uses: peter-evans/create-pull-request@38e0b6e68b4c852a5500a94740f0e535e0d7ba54 # v4.2.4 with: commit-message: Bump version in master title: "chore: Bump version in master" diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index 224a550616dcb..4441a5ef3638f 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -30,12 +30,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0 + uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 with: results_file: results.sarif results_format: sarif diff --git a/.github/workflows/update-snyk.yaml b/.github/workflows/update-snyk.yaml index ca004f398df60..1d43987204e15 100644 --- a/.github/workflows/update-snyk.yaml +++ b/.github/workflows/update-snyk.yaml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Build reports diff --git a/.gitignore b/.gitignore index ab17deb0db139..869bb876f8110 100644 --- a/.gitignore +++ b/.gitignore @@ -18,7 +18,6 @@ node_modules/ .kube/ ./test/cmp/*.sock .envrc.remote -.*.swp # ignore built binaries cmd/argocd/argocd diff --git a/.gitpod.Dockerfile b/.gitpod.Dockerfile index 981c5625f678e..42b5cfea72e0e 100644 --- a/.gitpod.Dockerfile +++ b/.gitpod.Dockerfile @@ -13,8 +13,6 @@ ENV GOCACHE=/go-build-cache RUN apt-get install redis-server -y RUN go install github.com/mattn/goreman@latest -RUN chown -R gitpod:gitpod /go-build-cache - USER gitpod ENV ARGOCD_REDIS_LOCAL=true diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 26341aa1d80c1..eb06e4436043b 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -114,7 +114,6 @@ changelog: exclude: - '^test:' - '^.*?Bump(\([[:word:]]+\))?.+$' - - '^.*?[Bot](\([[:word:]]+\))?.+$' # yaml-language-server: $schema=https://goreleaser.com/static/schema.json diff --git a/Dockerfile b/Dockerfile index 1822816f64a83..cf09f39ac20eb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ ARG BASE_IMAGE=docker.io/library/ubuntu:22.04@sha256:0bced47fffa3361afa981854fca # Initial stage which pulls prepares build dependencies and CLI tooling we need for our final image # Also used as the image in CI jobs so needs all dependencies #################################################################################################### -FROM docker.io/library/golang:1.21.0@sha256:ec457a2fcd235259273428a24e09900c496d0c52207266f96a330062a01e3622 AS builder +FROM docker.io/library/golang:1.19.10@sha256:83f9f840072d05ad4d90ce4ac7cb2427632d6b89d5ffc558f18f9577ec8188c0 AS builder RUN echo 'deb http://deb.debian.org/debian buster-backports main' >> /etc/apt/sources.list @@ -83,7 +83,7 @@ WORKDIR /home/argocd #################################################################################################### # Argo CD UI stage #################################################################################################### -FROM --platform=$BUILDPLATFORM docker.io/library/node:20.5.0@sha256:32ec50b65ac9572eda92baa6004a04dbbfc8021ea806fa62d37336183cad04e6 AS argocd-ui +FROM --platform=$BUILDPLATFORM docker.io/library/node:18.15.0@sha256:8d9a875ee427897ef245302e31e2319385b092f1c3368b497e89790f240368f5 AS argocd-ui WORKDIR /src COPY ["ui/package.json", "ui/yarn.lock", "./"] @@ -101,7 +101,7 @@ RUN HOST_ARCH=$TARGETARCH NODE_ENV='production' NODE_ONLINE_ENV='online' NODE_OP #################################################################################################### # Argo CD Build stage which performs the actual build of Argo CD binaries #################################################################################################### -FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.21.0@sha256:ec457a2fcd235259273428a24e09900c496d0c52207266f96a330062a01e3622 AS argocd-build +FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.19.10@sha256:83f9f840072d05ad4d90ce4ac7cb2427632d6b89d5ffc558f18f9577ec8188c0 AS argocd-build WORKDIR /go/src/github.com/argoproj/argo-cd @@ -113,18 +113,7 @@ COPY . . COPY --from=argocd-ui /src/dist/app /go/src/github.com/argoproj/argo-cd/ui/dist/app ARG TARGETOS ARG TARGETARCH -# These build args are optional; if not specified the defaults will be taken from the Makefile -ARG GIT_TAG -ARG BUILD_DATE -ARG GIT_TREE_STATE -ARG GIT_COMMIT -RUN GIT_COMMIT=$GIT_COMMIT \ - GIT_TREE_STATE=$GIT_TREE_STATE \ - GIT_TAG=$GIT_TAG \ - BUILD_DATE=$BUILD_DATE \ - GOOS=$TARGETOS \ - GOARCH=$TARGETARCH \ - make argocd-all +RUN GOOS=$TARGETOS GOARCH=$TARGETARCH make argocd-all #################################################################################################### # Final image diff --git a/Makefile b/Makefile index 4c119188105b9..6d1a2569950a7 100644 --- a/Makefile +++ b/Makefile @@ -9,13 +9,11 @@ GEN_RESOURCES_CLI_NAME=argocd-resources-gen HOST_OS:=$(shell go env GOOS) HOST_ARCH:=$(shell go env GOARCH) -TARGET_ARCH?=linux/amd64 - VERSION=$(shell cat ${CURRENT_DIR}/VERSION) -BUILD_DATE:=$(if $(BUILD_DATE),$(BUILD_DATE),$(shell date -u +'%Y-%m-%dT%H:%M:%SZ')) -GIT_COMMIT:=$(if $(GIT_COMMIT),$(GIT_COMMIT),$(shell git rev-parse HEAD)) -GIT_TAG:=$(if $(GIT_TAG),$(GIT_TAG),$(shell if [ -z "`git status --porcelain`" ]; then git describe --exact-match --tags HEAD 2>/dev/null; fi)) -GIT_TREE_STATE:=$(if $(GIT_TREE_STATE),$(GIT_TREE_STATE),$(shell if [ -z "`git status --porcelain`" ]; then echo "clean" ; else echo "dirty"; fi)) +BUILD_DATE=$(shell date -u +'%Y-%m-%dT%H:%M:%SZ') +GIT_COMMIT=$(shell git rev-parse HEAD) +GIT_TAG=$(shell if [ -z "`git status --porcelain`" ]; then git describe --exact-match --tags HEAD 2>/dev/null; fi) +GIT_TREE_STATE=$(shell if [ -z "`git status --porcelain`" ]; then echo "clean" ; else echo "dirty"; fi) VOLUME_MOUNT=$(shell if test "$(go env GOOS)" = "darwin"; then echo ":delegated"; elif test selinuxenabled; then echo ":delegated"; else echo ""; fi) KUBECTL_VERSION=$(shell go list -m k8s.io/client-go | head -n 1 | rev | cut -d' ' -f1 | rev) @@ -148,8 +146,7 @@ override LDFLAGS += \ -X ${PACKAGE}.buildDate=${BUILD_DATE} \ -X ${PACKAGE}.gitCommit=${GIT_COMMIT} \ -X ${PACKAGE}.gitTreeState=${GIT_TREE_STATE}\ - -X ${PACKAGE}.kubectlVersion=${KUBECTL_VERSION}\ - -X "${PACKAGE}.extraBuildInfo=${EXTRA_BUILD_INFO}" + -X ${PACKAGE}.kubectlVersion=${KUBECTL_VERSION} ifeq (${STATIC_BUILD}, true) override LDFLAGS += -extldflags "-static" @@ -285,7 +282,7 @@ controller: .PHONY: build-ui build-ui: - DOCKER_BUILDKIT=1 docker build -t argocd-ui --platform=$(TARGET_ARCH) --target argocd-ui . + DOCKER_BUILDKIT=1 docker build -t argocd-ui --target argocd-ui . find ./ui/dist -type f -not -name gitkeep -delete docker run -v ${CURRENT_DIR}/ui/dist/app:/tmp/app --rm -t argocd-ui sh -c 'cp -r ./dist/app/* /tmp/app/' @@ -296,7 +293,7 @@ ifeq ($(DEV_IMAGE), true) # the dist directory is under .dockerignore. IMAGE_TAG="dev-$(shell git describe --always --dirty)" image: build-ui - DOCKER_BUILDKIT=1 docker build --platform=$(TARGET_ARCH) -t argocd-base --target argocd-base . + DOCKER_BUILDKIT=1 docker build --platform=linux/amd64 -t argocd-base --target argocd-base . CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GODEBUG="tarinsecurepath=0,zipinsecurepath=0" go build -v -ldflags '${LDFLAGS}' -o ${DIST_DIR}/argocd ./cmd ln -sfn ${DIST_DIR}/argocd ${DIST_DIR}/argocd-server ln -sfn ${DIST_DIR}/argocd ${DIST_DIR}/argocd-application-controller @@ -304,10 +301,10 @@ image: build-ui ln -sfn ${DIST_DIR}/argocd ${DIST_DIR}/argocd-cmp-server ln -sfn ${DIST_DIR}/argocd ${DIST_DIR}/argocd-dex cp Dockerfile.dev dist - DOCKER_BUILDKIT=1 docker build --platform=$(TARGET_ARCH) -t $(IMAGE_PREFIX)argocd:$(IMAGE_TAG) -f dist/Dockerfile.dev dist + DOCKER_BUILDKIT=1 docker build --platform=linux/amd64 -t $(IMAGE_PREFIX)argocd:$(IMAGE_TAG) -f dist/Dockerfile.dev dist else image: - DOCKER_BUILDKIT=1 docker build -t $(IMAGE_PREFIX)argocd:$(IMAGE_TAG) --platform=$(TARGET_ARCH) . + DOCKER_BUILDKIT=1 docker build -t $(IMAGE_PREFIX)argocd:$(IMAGE_TAG) . endif @if [ "$(DOCKER_PUSH)" = "true" ] ; then docker push $(IMAGE_PREFIX)argocd:$(IMAGE_TAG) ; fi @@ -352,7 +349,7 @@ lint-local: golangci-lint --version # NOTE: If you get a "Killed" OOM message, try reducing the value of GOGC # See https://github.com/golangci/golangci-lint#memory-usage-of-golangci-lint - GOGC=$(ARGOCD_LINT_GOGC) GOMAXPROCS=2 golangci-lint run --enable gofmt --fix --verbose --timeout 3000s --max-issues-per-linter 0 --max-same-issues 0 + GOGC=$(ARGOCD_LINT_GOGC) GOMAXPROCS=2 golangci-lint run --fix --verbose --timeout 3000s .PHONY: lint-ui lint-ui: test-tools-image @@ -459,8 +456,6 @@ start-e2e-local: mod-vendor-local dep-ui-local cli-local ARGOCD_IN_CI=$(ARGOCD_IN_CI) \ BIN_MODE=$(ARGOCD_BIN_MODE) \ ARGOCD_APPLICATION_NAMESPACES=argocd-e2e-external \ - ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES=argocd-e2e-external \ - ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS=http://127.0.0.1:8341,http://127.0.0.1:8342,http://127.0.0.1:8343,http://127.0.0.1:8344 \ ARGOCD_E2E_TEST=true \ goreman -f $(ARGOCD_PROCFILE) start ${ARGOCD_START} @@ -652,4 +647,4 @@ help: @echo 'codegen:' @echo ' codegen(-local) -- if using -local, run the following targets first' @echo ' install-codegen-tools-local -- run this to install the codegen tools' - @echo ' install-go-tools-local -- run this to install go libraries for codegen' + @echo ' install-go-tools-local -- run this to install go libraries for codegen' \ No newline at end of file diff --git a/Procfile b/Procfile index 2bb26a086fb1d..d8557c81ea19a 100644 --- a/Procfile +++ b/Procfile @@ -1,12 +1,12 @@ controller: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-application-controller $COMMAND --loglevel debug --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081} --otlp-address=${ARGOCD_OTLP_ADDRESS} --application-namespaces=${ARGOCD_APPLICATION_NAMESPACES:-''}" api-server: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-server $COMMAND --loglevel debug --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --disable-auth=${ARGOCD_E2E_DISABLE_AUTH:-'true'} --insecure --dex-server http://localhost:${ARGOCD_E2E_DEX_PORT:-5556} --repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081} --port ${ARGOCD_E2E_APISERVER_PORT:-8080} --otlp-address=${ARGOCD_OTLP_ADDRESS} --application-namespaces=${ARGOCD_APPLICATION_NAMESPACES:-''}" -dex: sh -c "ARGOCD_BINARY_NAME=argocd-dex go run github.com/argoproj/argo-cd/v2/cmd gendexcfg -o `pwd`/dist/dex.yaml && (test -f dist/dex.yaml || { echo 'Failed to generate dex configuration'; exit 1; }) && docker run --rm -p ${ARGOCD_E2E_DEX_PORT:-5556}:${ARGOCD_E2E_DEX_PORT:-5556} -v `pwd`/dist/dex.yaml:/dex.yaml ghcr.io/dexidp/dex:$(grep "image: ghcr.io/dexidp/dex" manifests/base/dex/argocd-dex-server-deployment.yaml | cut -d':' -f3) dex serve /dex.yaml" -redis: bash -c "if [ \"$ARGOCD_REDIS_LOCAL\" = 'true' ]; then redis-server --save '' --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}; else docker run --rm --name argocd-redis -i -p ${ARGOCD_E2E_REDIS_PORT:-6379}:${ARGOCD_E2E_REDIS_PORT:-6379} docker.io/library/redis:$(grep "image: redis" manifests/base/redis/argocd-redis-deployment.yaml | cut -d':' -f3) --save '' --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}; fi" +dex: sh -c "ARGOCD_BINARY_NAME=argocd-dex go run github.com/argoproj/argo-cd/v2/cmd gendexcfg -o `pwd`/dist/dex.yaml && docker run --rm -p ${ARGOCD_E2E_DEX_PORT:-5556}:${ARGOCD_E2E_DEX_PORT:-5556} -v `pwd`/dist/dex.yaml:/dex.yaml ghcr.io/dexidp/dex:$(grep "image: ghcr.io/dexidp/dex" manifests/base/dex/argocd-dex-server-deployment.yaml | cut -d':' -f3) dex serve /dex.yaml" +redis: bash -c "if [ \"$ARGOCD_REDIS_LOCAL\" = 'true' ]; then redis-server --save '' --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}; else docker run --rm --name argocd-redis -i -p ${ARGOCD_E2E_REDIS_PORT:-6379}:${ARGOCD_E2E_REDIS_PORT:-6379} redis:$(grep "image: redis" manifests/base/redis/argocd-redis-deployment.yaml | cut -d':' -f3) --save '' --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}; fi" repo-server: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_GNUPGHOME=${ARGOCD_GNUPGHOME:-/tmp/argocd-local/gpg/keys} ARGOCD_PLUGINSOCKFILEPATH=${ARGOCD_PLUGINSOCKFILEPATH:-./test/cmp} ARGOCD_GPG_DATA_PATH=${ARGOCD_GPG_DATA_PATH:-/tmp/argocd-local/gpg/source} ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-repo-server ARGOCD_GPG_ENABLED=${ARGOCD_GPG_ENABLED:-false} $COMMAND --loglevel debug --port ${ARGOCD_E2E_REPOSERVER_PORT:-8081} --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --otlp-address=${ARGOCD_OTLP_ADDRESS}" cmp-server: [ "$ARGOCD_E2E_TEST" = 'true' ] && exit 0 || [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_BINARY_NAME=argocd-cmp-server ARGOCD_PLUGINSOCKFILEPATH=${ARGOCD_PLUGINSOCKFILEPATH:-./test/cmp} $COMMAND --config-dir-path ./test/cmp --loglevel debug --otlp-address=${ARGOCD_OTLP_ADDRESS}" ui: sh -c 'cd ui && ${ARGOCD_E2E_YARN_CMD:-yarn} start' git-server: test/fixture/testrepos/start-git.sh helm-registry: test/fixture/testrepos/start-helm-registry.sh dev-mounter: [[ "$ARGOCD_E2E_TEST" != "true" ]] && go run hack/dev-mounter/main.go --configmap argocd-ssh-known-hosts-cm=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} --configmap argocd-tls-certs-cm=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} --configmap argocd-gpg-keys-cm=${ARGOCD_GPG_DATA_PATH:-/tmp/argocd-local/gpg/source} -applicationset-controller: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=4 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-applicationset-controller $COMMAND --loglevel debug --metrics-addr localhost:12345 --probe-addr localhost:12346 --argocd-repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081}" +applicationset-controller: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=4 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_ASK_PASS_SOCK=/tmp/applicationset-ask-pass.sock ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-applicationset-controller $COMMAND --loglevel debug --metrics-addr localhost:12345 --probe-addr localhost:12346 --argocd-repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081}" notification: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=4 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_BINARY_NAME=argocd-notifications $COMMAND --loglevel debug" diff --git a/README.md b/README.md index ef5664de5b5b7..9dcf47c1d1bed 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,6 @@ **Releases:** [![Release Version](https://img.shields.io/github/v/release/argoproj/argo-cd?label=argo-cd)](https://github.com/argoproj/argo-cd/releases/latest) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo-cd)](https://artifacthub.io/packages/helm/argo/argo-cd) -[![SLSA 3](https://slsa.dev/images/gh-badge-level3.svg)](https://slsa.dev) **Code:** [![Integration tests](https://github.com/argoproj/argo-cd/workflows/Integration%20tests/badge.svg?branch=master)](https://github.com/argoproj/argo-cd/actions?query=workflow%3A%22Integration+tests%22) @@ -56,7 +55,7 @@ Participation in the Argo CD project is governed by the [CNCF Code of Conduct](h ### Blogs and Presentations 1. [Awesome-Argo: A Curated List of Awesome Projects and Resources Related to Argo](https://github.com/terrytangyuan/awesome-argo) -1. [Unveil the Secret Ingredients of Continuous Delivery at Enterprise Scale with Argo CD](https://akuity.io/blog/unveil-the-secret-ingredients-of-continuous-delivery-at-enterprise-scale-with-argocd-kubecon-china-2021/) +1. [Unveil the Secret Ingredients of Continuous Delivery at Enterprise Scale with Argo CD](https://blog.akuity.io/unveil-the-secret-ingredients-of-continuous-delivery-at-enterprise-scale-with-argo-cd-7c5b4057ee49) 1. [GitOps Without Pipelines With ArgoCD Image Updater](https://youtu.be/avPUQin9kzU) 1. [Combining Argo CD (GitOps), Crossplane (Control Plane), And KubeVela (OAM)](https://youtu.be/eEcgn_gU3SM) 1. [How to Apply GitOps to Everything - Combining Argo CD and Crossplane](https://youtu.be/yrj4lmScKHQ) diff --git a/SECURITY.md b/SECURITY.md index 479cd5ef29c97..0495f134ab737 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -50,7 +50,7 @@ of releasing it within a patch branch for the currently supported releases. ## Reporting a Vulnerability -If you find a security related bug in Argo CD, we kindly ask you for responsible +If you find a security related bug in ArgoCD, we kindly ask you for responsible disclosure and for giving us appropriate time to react, analyze and develop a fix to mitigate the found security vulnerability. @@ -63,10 +63,9 @@ We will publish security advisories using the feature to keep our community well-informed, and will credit you for your findings (unless you prefer to stay anonymous, of course). -There are two ways to report a vulnerability to the Argo CD team: +Please report vulnerabilities by e-mail to the following address: -* By opening a draft GitHub security advisory: https://github.com/argoproj/argo-cd/security/advisories/new -* By e-mail to the following address: cncf-argo-security@lists.cncf.io +* cncf-argo-security@lists.cncf.io ## Internet Bug Bounty collaboration diff --git a/USERS.md b/USERS.md index e4737c062bbe2..3cace33265d03 100644 --- a/USERS.md +++ b/USERS.md @@ -14,7 +14,6 @@ Currently, the following organizations are **officially** using Argo CD: 1. [Adyen](https://www.adyen.com) 1. [AirQo](https://airqo.net/) 1. [Akuity](https://akuity.io/) -1. [Albert Heijn](https://ah.nl/) 1. [Alibaba Group](https://www.alibabagroup.com/) 1. [Allianz Direct](https://www.allianzdirect.de/) 1. [Amadeus IT Group](https://amadeus.com/) @@ -24,7 +23,6 @@ Currently, the following organizations are **officially** using Argo CD: 1. [AppDirect](https://www.appdirect.com) 1. [Arctiq Inc.](https://www.arctiq.ca) 1. [ARZ Allgemeines Rechenzentrum GmbH](https://www.arz.at/) -2. [Autodesk](https://www.autodesk.com) 1. [Axual B.V.](https://axual.com) 1. [Back Market](https://www.backmarket.com) 1. [Baloise](https://www.baloise.com) @@ -35,37 +33,33 @@ Currently, the following organizations are **officially** using Argo CD: 1. [BigPanda](https://bigpanda.io) 1. [BioBox Analytics](https://biobox.io) 1. [BMW Group](https://www.bmwgroup.com/) +1. [PT Boer Technology (Btech)](https://btech.id/) 1. [Boozt](https://www.booztgroup.com/) 1. [Boticario](https://www.boticario.com.br/) 1. [Bulder Bank](https://bulderbank.no) 1. [Camptocamp](https://camptocamp.com) -1. [Candis](https://www.candis.io) 1. [Capital One](https://www.capitalone.com) 1. [CARFAX](https://www.carfax.com) 1. [CARFAX Europe](https://www.carfax.eu) -1. [Carrefour Group](https://www.carrefour.com) 1. [Casavo](https://casavo.com) 1. [Celonis](https://www.celonis.com/) 1. [CERN](https://home.cern/) 1. [Chargetrip](https://chargetrip.com) -1. [Chainnodes](https://chainnodes.org) 1. [Chime](https://www.chime.com) 1. [Cisco ET&I](https://eti.cisco.com/) 1. [Cloud Posse](https://www.cloudposse.com/) 1. [Cloud Scale](https://cloudscaleinc.com/) 1. [Cloudmate](https://cloudmt.co.kr/) -1. [Cloudogu](https://cloudogu.com/) 1. [Cobalt](https://www.cobalt.io/) 1. [Codefresh](https://www.codefresh.io/) 1. [Codility](https://www.codility.com/) 1. [Commonbond](https://commonbond.co/) 1. [Coralogix](https://coralogix.com/) -1. [Crédit Agricole CIB](https://www.ca-cib.com) 1. [CROZ d.o.o.](https://croz.net/) +1. [Crédit Agricole CIB](https://www.ca-cib.com) 1. [CyberAgent](https://www.cyberagent.co.jp/en/) 1. [Cybozu](https://cybozu-global.com) 1. [D2iQ](https://www.d2iq.com) -1. [DaoCloud](https://daocloud.io/) 1. [Datarisk](https://www.datarisk.io/) 1. [Deloitte](https://www.deloitte.com/) 1. [Deutsche Telekom AG](https://telekom.com) @@ -87,7 +81,6 @@ Currently, the following organizations are **officially** using Argo CD: 1. [Farfetch](https://www.farfetch.com) 1. [Faro](https://www.faro.com/) 1. [Fave](https://myfave.com) -1. [Flexport](https://www.flexport.com/) 1. [Flip](https://flip.id) 1. [Fonoa](https://www.fonoa.com/) 1. [freee](https://corp.freee.co.jp/en/company/) @@ -106,8 +99,6 @@ Currently, the following organizations are **officially** using Argo CD: 1. [GlueOps](https://glueops.dev) 1. [GMETRI](https://gmetri.com/) 1. [Gojek](https://www.gojek.io/) -1. [GoTo](https://www.goto.com/) -1. [GoTo Financial](https://gotofinancial.com/) 1. [Greenpass](https://www.greenpass.com.br/) 1. [Gridfuse](https://gridfuse.com/) 1. [Groww](https://groww.in) @@ -119,7 +110,6 @@ Currently, the following organizations are **officially** using Argo CD: 1. [hipages](https://hipages.com.au/) 1. [Hiya](https://hiya.com) 1. [Honestbank](https://honestbank.com) -1. [Hostinger](https://www.hostinger.com) 1. [IBM](https://www.ibm.com/) 1. [Ibotta](https://home.ibotta.com) 1. [IITS-Consulting](https://iits-consulting.de) @@ -129,16 +119,14 @@ Currently, the following organizations are **officially** using Argo CD: 1. [Info Support](https://www.infosupport.com/) 1. [InsideBoard](https://www.insideboard.com) 1. [Intuit](https://www.intuit.com/) -1. [Jellysmack](https://www.jellysmack.com) 1. [Joblift](https://joblift.com/) 1. [JovianX](https://www.jovianx.com/) 1. [Kaltura](https://corp.kaltura.com/) 1. [Kandji](https://www.kandji.io/) -1. [Karrot](https://www.daangn.com/) 1. [KarrotPay](https://www.daangnpay.com/) +1. [Karrot](https://www.daangn.com/) 1. [Kasa](https://kasa.co.kr/) 1. [Keeeb](https://www.keeeb.com/) -1. [KelkooGroup](https://www.kelkoogroup.com) 1. [Keptn](https://keptn.sh) 1. [Kinguin](https://www.kinguin.net/) 1. [KintoHub](https://www.kintohub.com/) @@ -151,7 +139,6 @@ Currently, the following organizations are **officially** using Argo CD: 1. [Lightricks](https://www.lightricks.com/) 1. [LINE](https://linecorp.com/en/) 1. [Loom](https://www.loom.com/) -1. [Lucid Motors](https://www.lucidmotors.com/) 1. [Lytt](https://www.lytt.co/) 1. [Magic Leap](https://www.magicleap.com/) 1. [Majid Al Futtaim](https://www.majidalfuttaim.com/) @@ -162,12 +149,10 @@ Currently, the following organizations are **officially** using Argo CD: 1. [Max Kelsen](https://www.maxkelsen.com/) 1. [MeDirect](https://medirect.com.mt/) 1. [Meican](https://meican.com/) -1. [Meilleurs Agents](https://www.meilleursagents.com/) 1. [Mercedes-Benz Tech Innovation](https://www.mercedes-benz-techinnovation.com/) 1. [Metanet](http://www.metanet.co.kr/en/) 1. [MindSpore](https://mindspore.cn) 1. [Mirantis](https://mirantis.com/) -1. [Mission Lane](https://missionlane.com) 1. [mixi Group](https://mixi.co.jp/) 1. [Moengage](https://www.moengage.com/) 1. [Money Forward](https://corp.moneyforward.com/en/) @@ -183,7 +168,6 @@ Currently, the following organizations are **officially** using Argo CD: 1. [Objective](https://www.objective.com.br/) 1. [OCCMundial](https://occ.com.mx) 1. [Octadesk](https://octadesk.com) -1. [Olfeo](https://www.olfeo.com/) 1. [omegaUp](https://omegaUp.com) 1. [Omni](https://omni.se/) 1. [openEuler](https://openeuler.org) @@ -196,11 +180,10 @@ Currently, the following organizations are **officially** using Argo CD: 1. [OpsVerse](https://opsverse.io) 1. [Optoro](https://www.optoro.com/) 1. [Orbital Insight](https://orbitalinsight.com/) -1. [Oscar Health Insurance](https://hioscar.com/) 1. [p3r](https://www.p3r.one/) 1. [Packlink](https://www.packlink.com/) -1. [PagerDuty](https://www.pagerduty.com/) 1. [Pandosearch](https://www.pandosearch.com/en/home) +1. [PagerDuty](https://www.pagerduty.com/) 1. [Patreon](https://www.patreon.com/) 1. [PayPay](https://paypay.ne.jp/) 1. [Peloton Interactive](https://www.onepeloton.com/) @@ -211,13 +194,9 @@ Currently, the following organizations are **officially** using Argo CD: 1. [Polarpoint.io](https://polarpoint.io) 1. [PostFinance](https://github.com/postfinance) 1. [Preferred Networks](https://preferred.jp/en/) -1. [Previder BV](https://previder.nl) -1. [Procore](https://www.procore.com) 1. [Productboard](https://www.productboard.com/) 1. [Prudential](https://prudential.com.sg) -1. [PT Boer Technology (Btech)](https://btech.id/) 1. [PUBG](https://www.pubg.com) -1. [Puzzle ITC](https://www.puzzle.ch/) 1. [Qonto](https://qonto.com) 1. [QuintoAndar](https://quintoandar.com.br) 1. [Quipper](https://www.quipper.com/) @@ -237,7 +216,6 @@ Currently, the following organizations are **officially** using Argo CD: 1. [Sap Labs](http://sap.com) 1. [Sauce Labs](https://saucelabs.com/) 1. [Schwarz IT](https://jobs.schwarz/it-mission) -1. [SEEK](https://seek.com.au) 1. [SI Analytics](https://si-analytics.ai) 1. [Skit](https://skit.ai/) 1. [Skyscanner](https://www.skyscanner.net/) @@ -252,7 +230,6 @@ Currently, the following organizations are **officially** using Argo CD: 1. [Spendesk](https://spendesk.com/) 1. [Splunk](https://splunk.com/) 1. [Spores Labs](https://spores.app) -1. [StreamNative](https://streamnative.io) 1. [Stuart](https://stuart.com/) 1. [Sumo Logic](https://sumologic.com/) 1. [Sutpc](http://www.sutpc.com/) @@ -266,7 +243,6 @@ Currently, the following organizations are **officially** using Argo CD: 1. [Techcombank](https://www.techcombank.com.vn/trang-chu) 1. [Technacy](https://www.technacy.it/) 1. [Tesla](https://tesla.com/) -1. [The Scale Factory](https://www.scalefactory.com/) 1. [ThousandEyes](https://www.thousandeyes.com/) 1. [Ticketmaster](https://ticketmaster.com) 1. [Tiger Analytics](https://www.tigeranalytics.com/) @@ -277,7 +253,6 @@ Currently, the following organizations are **officially** using Argo CD: 1. [Trusting Social](https://trustingsocial.com/) 1. [Twilio SendGrid](https://sendgrid.com) 1. [tZERO](https://www.tzero.com/) -1. [U.S. Veterans Affairs Department](https://www.va.gov/) 1. [UBIO](https://ub.io/) 1. [UFirstGroup](https://www.ufirstgroup.com/en/) 1. [ungleich.ch](https://ungleich.ch/) @@ -285,9 +260,7 @@ Currently, the following organizations are **officially** using Argo CD: 1. [Universidad Mesoamericana](https://www.umes.edu.gt/) 1. [Urbantz](https://urbantz.com/) 1. [Vectra](https://www.vectra.ai) -1. [Veepee](https://www.veepee.com) 1. [Viaduct](https://www.viaduct.ai/) -1. [VietMoney](https://vietmoney.vn/) 1. [Vinted](https://vinted.com/) 1. [Virtuo](https://www.govirtuo.com/) 1. [VISITS Technologies](https://visits.world/en) @@ -308,6 +281,5 @@ Currently, the following organizations are **officially** using Argo CD: 1. [Yieldlab](https://www.yieldlab.de/) 1. [Youverify](https://youverify.co/) 1. [Yubo](https://www.yubo.live/) -1. [ZDF](https://www.zdf.de/) 1. [Zimpler](https://www.zimpler.com/) 1. [ZOZO](https://corp.zozo.com/) diff --git a/VERSION b/VERSION index c8e38b614057b..4712731cc044d 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.9.0 +2.7.12 diff --git a/applicationset/controllers/applicationset_controller.go b/applicationset/controllers/applicationset_controller.go index 815e808287b21..109f0649452ff 100644 --- a/applicationset/controllers/applicationset_controller.go +++ b/applicationset/controllers/applicationset_controller.go @@ -32,7 +32,6 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/event" "sigs.k8s.io/controller-runtime/pkg/handler" @@ -43,7 +42,6 @@ import ( "github.com/argoproj/argo-cd/v2/applicationset/utils" "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/util/db" - "github.com/argoproj/argo-cd/v2/util/glob" argov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned" @@ -58,10 +56,6 @@ const ( // https://github.com/argoproj-labs/argocd-notifications/blob/33d345fa838829bb50fca5c08523aba380d2c12b/pkg/controller/state.go#L17 NotifiedAnnotationKey = "notified.notifications.argoproj.io" ReconcileRequeueOnValidationError = time.Minute * 3 - - // LabelKeyAppSetInstance is the label key to use to uniquely identify the apps of an applicationset - // The ArgoCD applicationset name is used as the instance name - LabelKeyAppSetInstance = "argocd.argoproj.io/application-set-name" ) var ( @@ -74,19 +68,16 @@ var ( // ApplicationSetReconciler reconciles a ApplicationSet object type ApplicationSetReconciler struct { client.Client - Scheme *runtime.Scheme - Recorder record.EventRecorder - Generators map[string]generators.Generator - ArgoDB db.ArgoDB - ArgoAppClientset appclientset.Interface - KubeClientset kubernetes.Interface - Policy argov1alpha1.ApplicationsSyncPolicy - EnablePolicyOverride bool + Scheme *runtime.Scheme + Recorder record.EventRecorder + Generators map[string]generators.Generator + ArgoDB db.ArgoDB + ArgoAppClientset appclientset.Interface + KubeClientset kubernetes.Interface + utils.Policy utils.Renderer - ArgoCDNamespace string - ApplicationSetNamespaces []string - EnableProgressiveSyncs bool - SCMRootCAPath string + + EnableProgressiveSyncs bool } // +kubebuilder:rbac:groups=argoproj.io,resources=applicationsets,verbs=get;list;watch;create;update;patch;delete @@ -129,7 +120,7 @@ func (r *ApplicationSetReconciler) Reconcile(ctx context.Context, req ctrl.Reque parametersGenerated = true - validateErrors, err := r.validateGeneratedApplications(ctx, desiredApplications, applicationSetInfo) + validateErrors, err := r.validateGeneratedApplications(ctx, desiredApplications, applicationSetInfo, req.Namespace) if err != nil { // While some generators may return an error that requires user intervention, // other generators reference external resources that may change to cause @@ -230,7 +221,7 @@ func (r *ApplicationSetReconciler) Reconcile(ctx context.Context, req ctrl.Reque } } - if utils.DefaultPolicy(applicationSetInfo.Spec.SyncPolicy, r.Policy, r.EnablePolicyOverride).AllowUpdate() { + if r.Policy.Update() { err = r.createOrUpdateInCluster(ctx, applicationSetInfo, validApps) if err != nil { _ = r.setApplicationSetStatusCondition(ctx, @@ -260,7 +251,7 @@ func (r *ApplicationSetReconciler) Reconcile(ctx context.Context, req ctrl.Reque } } - if utils.DefaultPolicy(applicationSetInfo.Spec.SyncPolicy, r.Policy, r.EnablePolicyOverride).AllowDelete() { + if r.Policy.Delete() { err = r.deleteInCluster(ctx, applicationSetInfo, desiredApplications) if err != nil { _ = r.setApplicationSetStatusCondition(ctx, @@ -295,6 +286,7 @@ func (r *ApplicationSetReconciler) Reconcile(ctx context.Context, req ctrl.Reque } requeueAfter := r.getMinRequeueAfter(&applicationSetInfo) + logCtx.WithField("requeueAfter", requeueAfter).Info("end reconcile") if len(validateErrors) == 0 { if err := r.setApplicationSetStatusCondition(ctx, @@ -308,13 +300,8 @@ func (r *ApplicationSetReconciler) Reconcile(ctx context.Context, req ctrl.Reque ); err != nil { return ctrl.Result{}, err } - } else if requeueAfter == time.Duration(0) { - // Ensure that the request is requeued if there are validation errors. - requeueAfter = ReconcileRequeueOnValidationError } - logCtx.WithField("requeueAfter", requeueAfter).Info("end reconcile") - return ctrl.Result{ RequeueAfter: requeueAfter, }, nil @@ -424,7 +411,7 @@ func (r *ApplicationSetReconciler) setApplicationSetStatusCondition(ctx context. // validateGeneratedApplications uses the Argo CD validation functions to verify the correctness of the // generated applications. -func (r *ApplicationSetReconciler) validateGeneratedApplications(ctx context.Context, desiredApplications []argov1alpha1.Application, applicationSetInfo argov1alpha1.ApplicationSet) (map[int]error, error) { +func (r *ApplicationSetReconciler) validateGeneratedApplications(ctx context.Context, desiredApplications []argov1alpha1.Application, applicationSetInfo argov1alpha1.ApplicationSet, namespace string) (map[int]error, error) { errorsByIndex := map[int]error{} namesSet := map[string]bool{} for i, app := range desiredApplications { @@ -436,7 +423,7 @@ func (r *ApplicationSetReconciler) validateGeneratedApplications(ctx context.Con continue } - proj, err := r.ArgoAppClientset.ArgoprojV1alpha1().AppProjects(r.ArgoCDNamespace).Get(ctx, app.Spec.GetProject(), metav1.GetOptions{}) + proj, err := r.ArgoAppClientset.ArgoprojV1alpha1().AppProjects(namespace).Get(ctx, app.Spec.GetProject(), metav1.GetOptions{}) if err != nil { if apierr.IsNotFound(err) { errorsByIndex[i] = fmt.Errorf("application references project %s which does not exist", app.Spec.Project) @@ -445,14 +432,14 @@ func (r *ApplicationSetReconciler) validateGeneratedApplications(ctx context.Con return nil, err } - if err := utils.ValidateDestination(ctx, &app.Spec.Destination, r.KubeClientset, r.ArgoCDNamespace); err != nil { + if err := utils.ValidateDestination(ctx, &app.Spec.Destination, r.KubeClientset, namespace); err != nil { errorsByIndex[i] = fmt.Errorf("application destination spec is invalid: %s", err.Error()) continue } conditions, err := argoutil.ValidatePermissions(ctx, &app.Spec, proj, r.ArgoDB) if err != nil { - return nil, fmt.Errorf("error validating permissions: %s", err) + return nil, err } if len(conditions) > 0 { errorsByIndex[i] = fmt.Errorf("application spec is invalid: %s", argoutil.FormatAppConditions(conditions)) @@ -516,13 +503,9 @@ func (r *ApplicationSetReconciler) generateApplications(applicationSetInfo argov for _, a := range t { tmplApplication := getTempApplication(a.Template) - if tmplApplication.Labels == nil { - tmplApplication.Labels = make(map[string]string) - } - tmplApplication.Labels[LabelKeyAppSetInstance] = applicationSetInfo.Name for _, p := range a.Params { - app, err := r.Renderer.RenderTemplateParams(tmplApplication, applicationSetInfo.Spec.SyncPolicy, p, applicationSetInfo.Spec.GoTemplate, applicationSetInfo.Spec.GoTemplateOptions) + app, err := r.Renderer.RenderTemplateParams(tmplApplication, applicationSetInfo.Spec.SyncPolicy, p, applicationSetInfo.Spec.GoTemplate) if err != nil { log.WithError(err).WithField("params", a.Params).WithField("generator", requestedGenerator). Error("error generating application from params") @@ -544,15 +527,7 @@ func (r *ApplicationSetReconciler) generateApplications(applicationSetInfo argov return res, applicationSetReason, firstError } -func ignoreNotAllowedNamespaces(namespaces []string) predicate.Predicate { - return predicate.Funcs{ - CreateFunc: func(e event.CreateEvent) bool { - return glob.MatchStringInList(namespaces, e.Object.GetNamespace(), false) - }, - } -} - -func (r *ApplicationSetReconciler) SetupWithManager(mgr ctrl.Manager, enableProgressiveSyncs bool, maxConcurrentReconciliations int) error { +func (r *ApplicationSetReconciler) SetupWithManager(mgr ctrl.Manager, enableProgressiveSyncs bool) error { if err := mgr.GetFieldIndexer().IndexField(context.TODO(), &argov1alpha1.Application{}, ".metadata.controller", func(rawObj client.Object) []string { // grab the job object, extract the owner... app := rawObj.(*argov1alpha1.Application) @@ -573,11 +548,9 @@ func (r *ApplicationSetReconciler) SetupWithManager(mgr ctrl.Manager, enableProg ownsHandler := getOwnsHandlerPredicates(enableProgressiveSyncs) - return ctrl.NewControllerManagedBy(mgr).WithOptions(controller.Options{ - MaxConcurrentReconciles: maxConcurrentReconciliations, - }).For(&argov1alpha1.ApplicationSet{}). + return ctrl.NewControllerManagedBy(mgr). + For(&argov1alpha1.ApplicationSet{}). Owns(&argov1alpha1.Application{}, builder.WithPredicates(ownsHandler)). - WithEventFilter(ignoreNotAllowedNamespaces(r.ApplicationSetNamespaces)). Watches( &source.Kind{Type: &corev1.Secret{}}, &clusterSecretEventHandler{ @@ -696,7 +669,7 @@ func (r *ApplicationSetReconciler) getCurrentApplications(_ context.Context, app err := r.Client.List(context.Background(), ¤t, client.MatchingFields{".metadata.controller": applicationSet.Name}) if err != nil { - return nil, fmt.Errorf("error retrieving applications: %w", err) + return nil, err } return current.Items, nil @@ -708,7 +681,7 @@ func (r *ApplicationSetReconciler) deleteInCluster(ctx context.Context, applicat // settingsMgr := settings.NewSettingsManager(context.TODO(), r.KubeClientset, applicationSet.Namespace) // argoDB := db.NewDB(applicationSet.Namespace, settingsMgr, r.KubeClientset) // clusterList, err := argoDB.ListClusters(ctx) - clusterList, err := utils.ListClusters(ctx, r.KubeClientset, r.ArgoCDNamespace) + clusterList, err := utils.ListClusters(ctx, r.KubeClientset, applicationSet.Namespace) if err != nil { return fmt.Errorf("error listing clusters: %w", err) } @@ -769,7 +742,7 @@ func (r *ApplicationSetReconciler) removeFinalizerOnInvalidDestination(ctx conte var validDestination bool // Detect if the destination is invalid (name doesn't correspond to a matching cluster) - if err := utils.ValidateDestination(ctx, &app.Spec.Destination, r.KubeClientset, r.ArgoCDNamespace); err != nil { + if err := utils.ValidateDestination(ctx, &app.Spec.Destination, r.KubeClientset, applicationSet.Namespace); err != nil { appLog.Warnf("The destination cluster for %s couldn't be found: %v", app.Name, err) validDestination = false } else { diff --git a/applicationset/controllers/applicationset_controller_test.go b/applicationset/controllers/applicationset_controller_test.go index 3c3ce3ef57747..6d09ae9616bf0 100644 --- a/applicationset/controllers/applicationset_controller_test.go +++ b/applicationset/controllers/applicationset_controller_test.go @@ -26,11 +26,10 @@ import ( "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/event" - "github.com/argoproj/gitops-engine/pkg/health" - "github.com/argoproj/gitops-engine/pkg/sync/common" - "github.com/argoproj/argo-cd/v2/applicationset/generators" "github.com/argoproj/argo-cd/v2/applicationset/utils" + "github.com/argoproj/gitops-engine/pkg/health" + "github.com/argoproj/gitops-engine/pkg/sync/common" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned/fake" @@ -66,8 +65,8 @@ func (g *generatorMock) GetRequeueAfter(appSetGenerator *v1alpha1.ApplicationSet return args.Get(0).(time.Duration) } -func (r *rendererMock) RenderTemplateParams(tmpl *v1alpha1.Application, syncPolicy *v1alpha1.ApplicationSetSyncPolicy, params map[string]interface{}, useGoTemplate bool, goTemplateOptions []string) (*v1alpha1.Application, error) { - args := r.Called(tmpl, params, useGoTemplate, goTemplateOptions) +func (r *rendererMock) RenderTemplateParams(tmpl *v1alpha1.Application, syncPolicy *v1alpha1.ApplicationSetSyncPolicy, params map[string]interface{}, useGoTemplate bool) (*v1alpha1.Application, error) { + args := r.Called(tmpl, params, useGoTemplate) if args.Error(1) != nil { return nil, args.Error(1) @@ -165,14 +164,11 @@ func TestExtractApplications(t *testing.T) { if cc.generateParamsError == nil { for _, p := range cc.params { - tmpApplication := getTempApplication(cc.template) - tmpApplication.Labels[LabelKeyAppSetInstance] = appSet.Name - if cc.rendererError != nil { - rendererMock.On("RenderTemplateParams", getTempApplication(cc.template), p, false, []string(nil)). + rendererMock.On("RenderTemplateParams", getTempApplication(cc.template), p, false). Return(nil, cc.rendererError) } else { - rendererMock.On("RenderTemplateParams", getTempApplication(cc.template), p, false, []string(nil)). + rendererMock.On("RenderTemplateParams", getTempApplication(cc.template), p, false). Return(&app, nil) expectedApps = append(expectedApps, app) } @@ -289,21 +285,7 @@ func TestMergeTemplateApplications(t *testing.T) { rendererMock := rendererMock{} - appSet := &v1alpha1.ApplicationSet{ - ObjectMeta: metav1.ObjectMeta{ - Name: "name", - Namespace: "namespace", - }, - Spec: v1alpha1.ApplicationSetSpec{ - Generators: []v1alpha1.ApplicationSetGenerator{generator}, - Template: cc.template, - }, - } - - tmpApplication := getTempApplication(cc.expectedMerged) - tmpApplication.Labels[LabelKeyAppSetInstance] = appSet.Name - - rendererMock.On("RenderTemplateParams", tmpApplication, cc.params[0], false, []string(nil)). + rendererMock.On("RenderTemplateParams", getTempApplication(cc.expectedMerged), cc.params[0], false). Return(&cc.expectedApps[0], nil) r := ApplicationSetReconciler{ @@ -317,7 +299,17 @@ func TestMergeTemplateApplications(t *testing.T) { KubeClientset: kubefake.NewSimpleClientset(), } - got, _, _ := r.generateApplications(*appSet) + got, _, _ := r.generateApplications(v1alpha1.ApplicationSet{ + ObjectMeta: metav1.ObjectMeta{ + Name: "name", + Namespace: "namespace", + }, + Spec: v1alpha1.ApplicationSetSpec{ + Generators: []v1alpha1.ApplicationSetGenerator{generator}, + Template: cc.template, + }, + }, + ) assert.Equal(t, cc.expectedApps, got) }) @@ -1881,14 +1873,13 @@ func TestValidateGeneratedApplications(t *testing.T) { Recorder: record.NewFakeRecorder(1), Generators: map[string]generators.Generator{}, ArgoDB: &argoDBMock, - ArgoCDNamespace: "namespace", ArgoAppClientset: appclientset.NewSimpleClientset(argoObjs...), KubeClientset: kubeclientset, } appSetInfo := v1alpha1.ApplicationSet{} - validationErrors, _ := r.validateGeneratedApplications(context.TODO(), cc.apps, appSetInfo) + validationErrors, _ := r.validateGeneratedApplications(context.TODO(), cc.apps, appSetInfo, "namespace") var errorMessages []string for _, v := range validationErrors { errorMessages = append(errorMessages, v.Error()) @@ -1989,8 +1980,7 @@ func TestReconcilerValidationErrorBehaviour(t *testing.T) { ArgoDB: &argoDBMock, ArgoAppClientset: appclientset.NewSimpleClientset(argoObjs...), KubeClientset: kubeclientset, - Policy: v1alpha1.ApplicationsSyncPolicySync, - ArgoCDNamespace: "argocd", + Policy: &utils.SyncPolicy{}, } req := ctrl.Request{ @@ -2003,7 +1993,7 @@ func TestReconcilerValidationErrorBehaviour(t *testing.T) { // Verify that on validation error, no error is returned, but the object is requeued res, err := r.Reconcile(context.Background(), req) assert.Nil(t, err) - assert.True(t, res.RequeueAfter == ReconcileRequeueOnValidationError) + assert.True(t, res.RequeueAfter == 0) var app v1alpha1.Application @@ -2073,339 +2063,6 @@ func TestSetApplicationSetStatusCondition(t *testing.T) { assert.Len(t, appSet.Status.Conditions, 3) } -func applicationsUpdateSyncPolicyTest(t *testing.T, applicationsSyncPolicy v1alpha1.ApplicationsSyncPolicy, recordBuffer int, allowPolicyOverride bool) v1alpha1.Application { - - scheme := runtime.NewScheme() - err := v1alpha1.AddToScheme(scheme) - assert.Nil(t, err) - err = v1alpha1.AddToScheme(scheme) - assert.Nil(t, err) - - defaultProject := v1alpha1.AppProject{ - ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: "argocd"}, - Spec: v1alpha1.AppProjectSpec{SourceRepos: []string{"*"}, Destinations: []v1alpha1.ApplicationDestination{{Namespace: "*", Server: "https://good-cluster"}}}, - } - appSet := v1alpha1.ApplicationSet{ - ObjectMeta: metav1.ObjectMeta{ - Name: "name", - Namespace: "argocd", - }, - Spec: v1alpha1.ApplicationSetSpec{ - Generators: []v1alpha1.ApplicationSetGenerator{ - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{{ - Raw: []byte(`{"cluster": "good-cluster","url": "https://good-cluster"}`), - }}, - }, - }, - }, - SyncPolicy: &v1alpha1.ApplicationSetSyncPolicy{ - ApplicationsSync: &applicationsSyncPolicy, - }, - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{ - Name: "{{cluster}}", - Namespace: "argocd", - }, - Spec: v1alpha1.ApplicationSpec{ - Source: &v1alpha1.ApplicationSource{RepoURL: "https://github.com/argoproj/argocd-example-apps", Path: "guestbook"}, - Project: "default", - Destination: v1alpha1.ApplicationDestination{Server: "{{url}}"}, - }, - }, - }, - } - - kubeclientset := kubefake.NewSimpleClientset() - argoDBMock := dbmocks.ArgoDB{} - argoObjs := []runtime.Object{&defaultProject} - - client := fake.NewClientBuilder().WithScheme(scheme).WithObjects(&appSet).Build() - goodCluster := v1alpha1.Cluster{Server: "https://good-cluster", Name: "good-cluster"} - argoDBMock.On("GetCluster", mock.Anything, "https://good-cluster").Return(&goodCluster, nil) - argoDBMock.On("ListClusters", mock.Anything).Return(&v1alpha1.ClusterList{Items: []v1alpha1.Cluster{ - goodCluster, - }}, nil) - - r := ApplicationSetReconciler{ - Client: client, - Scheme: scheme, - Renderer: &utils.Render{}, - Recorder: record.NewFakeRecorder(recordBuffer), - Generators: map[string]generators.Generator{ - "List": generators.NewListGenerator(), - }, - ArgoDB: &argoDBMock, - ArgoCDNamespace: "argocd", - ArgoAppClientset: appclientset.NewSimpleClientset(argoObjs...), - KubeClientset: kubeclientset, - Policy: v1alpha1.ApplicationsSyncPolicySync, - EnablePolicyOverride: allowPolicyOverride, - } - - req := ctrl.Request{ - NamespacedName: types.NamespacedName{ - Namespace: "argocd", - Name: "name", - }, - } - - // Verify that on validation error, no error is returned, but the object is requeued - resCreate, err := r.Reconcile(context.Background(), req) - assert.Nil(t, err) - assert.True(t, resCreate.RequeueAfter == 0) - - var app v1alpha1.Application - - // make sure good app got created - err = r.Client.Get(context.TODO(), crtclient.ObjectKey{Namespace: "argocd", Name: "good-cluster"}, &app) - assert.Nil(t, err) - assert.Equal(t, app.Name, "good-cluster") - - // Update resource - var retrievedApplicationSet v1alpha1.ApplicationSet - err = r.Client.Get(context.TODO(), crtclient.ObjectKey{Namespace: "argocd", Name: "name"}, &retrievedApplicationSet) - assert.Nil(t, err) - - retrievedApplicationSet.Spec.Template.Annotations = map[string]string{"annotation-key": "annotation-value"} - retrievedApplicationSet.Spec.Template.Labels = map[string]string{"argocd.argoproj.io/application-set-name": "name", "label-key": "label-value"} - - retrievedApplicationSet.Spec.Template.Spec.Source.Helm = &v1alpha1.ApplicationSourceHelm{ - Values: "global.test: test", - } - - err = r.Client.Update(context.TODO(), &retrievedApplicationSet) - assert.Nil(t, err) - - resUpdate, err := r.Reconcile(context.Background(), req) - assert.Nil(t, err) - - err = r.Client.Get(context.TODO(), crtclient.ObjectKey{Namespace: "argocd", Name: "good-cluster"}, &app) - assert.Nil(t, err) - assert.True(t, resUpdate.RequeueAfter == 0) - assert.Equal(t, app.Name, "good-cluster") - - return app -} - -func TestUpdateNotPerformedWithSyncPolicyCreateOnly(t *testing.T) { - - applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateOnly - - app := applicationsUpdateSyncPolicyTest(t, applicationsSyncPolicy, 1, true) - - assert.Nil(t, app.Spec.Source.Helm) - assert.Nil(t, app.ObjectMeta.Annotations) - assert.Equal(t, map[string]string{"argocd.argoproj.io/application-set-name": "name"}, app.ObjectMeta.Labels) -} - -func TestUpdateNotPerformedWithSyncPolicyCreateDelete(t *testing.T) { - - applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateDelete - - app := applicationsUpdateSyncPolicyTest(t, applicationsSyncPolicy, 1, true) - - assert.Nil(t, app.Spec.Source.Helm) - assert.Nil(t, app.ObjectMeta.Annotations) - assert.Equal(t, map[string]string{"argocd.argoproj.io/application-set-name": "name"}, app.ObjectMeta.Labels) -} - -func TestUpdatePerformedWithSyncPolicyCreateUpdate(t *testing.T) { - - applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateUpdate - - app := applicationsUpdateSyncPolicyTest(t, applicationsSyncPolicy, 2, true) - - assert.Equal(t, "global.test: test", app.Spec.Source.Helm.Values) - assert.Equal(t, map[string]string{"annotation-key": "annotation-value"}, app.ObjectMeta.Annotations) - assert.Equal(t, map[string]string{"argocd.argoproj.io/application-set-name": "name", "label-key": "label-value"}, app.ObjectMeta.Labels) -} - -func TestUpdatePerformedWithSyncPolicySync(t *testing.T) { - - applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicySync - - app := applicationsUpdateSyncPolicyTest(t, applicationsSyncPolicy, 2, true) - - assert.Equal(t, "global.test: test", app.Spec.Source.Helm.Values) - assert.Equal(t, map[string]string{"annotation-key": "annotation-value"}, app.ObjectMeta.Annotations) - assert.Equal(t, map[string]string{"argocd.argoproj.io/application-set-name": "name", "label-key": "label-value"}, app.ObjectMeta.Labels) -} - -func TestUpdatePerformedWithSyncPolicyCreateOnlyAndAllowPolicyOverrideFalse(t *testing.T) { - - applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateOnly - - app := applicationsUpdateSyncPolicyTest(t, applicationsSyncPolicy, 2, false) - - assert.Equal(t, "global.test: test", app.Spec.Source.Helm.Values) - assert.Equal(t, map[string]string{"annotation-key": "annotation-value"}, app.ObjectMeta.Annotations) - assert.Equal(t, map[string]string{"argocd.argoproj.io/application-set-name": "name", "label-key": "label-value"}, app.ObjectMeta.Labels) -} - -func applicationsDeleteSyncPolicyTest(t *testing.T, applicationsSyncPolicy v1alpha1.ApplicationsSyncPolicy, recordBuffer int, allowPolicyOverride bool) v1alpha1.ApplicationList { - - scheme := runtime.NewScheme() - err := v1alpha1.AddToScheme(scheme) - assert.Nil(t, err) - err = v1alpha1.AddToScheme(scheme) - assert.Nil(t, err) - - defaultProject := v1alpha1.AppProject{ - ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: "argocd"}, - Spec: v1alpha1.AppProjectSpec{SourceRepos: []string{"*"}, Destinations: []v1alpha1.ApplicationDestination{{Namespace: "*", Server: "https://good-cluster"}}}, - } - appSet := v1alpha1.ApplicationSet{ - ObjectMeta: metav1.ObjectMeta{ - Name: "name", - Namespace: "argocd", - }, - Spec: v1alpha1.ApplicationSetSpec{ - Generators: []v1alpha1.ApplicationSetGenerator{ - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{{ - Raw: []byte(`{"cluster": "good-cluster","url": "https://good-cluster"}`), - }}, - }, - }, - }, - SyncPolicy: &v1alpha1.ApplicationSetSyncPolicy{ - ApplicationsSync: &applicationsSyncPolicy, - }, - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{ - Name: "{{cluster}}", - Namespace: "argocd", - }, - Spec: v1alpha1.ApplicationSpec{ - Source: &v1alpha1.ApplicationSource{RepoURL: "https://github.com/argoproj/argocd-example-apps", Path: "guestbook"}, - Project: "default", - Destination: v1alpha1.ApplicationDestination{Server: "{{url}}"}, - }, - }, - }, - } - - kubeclientset := kubefake.NewSimpleClientset() - argoDBMock := dbmocks.ArgoDB{} - argoObjs := []runtime.Object{&defaultProject} - - client := fake.NewClientBuilder().WithScheme(scheme).WithObjects(&appSet).Build() - goodCluster := v1alpha1.Cluster{Server: "https://good-cluster", Name: "good-cluster"} - argoDBMock.On("GetCluster", mock.Anything, "https://good-cluster").Return(&goodCluster, nil) - argoDBMock.On("ListClusters", mock.Anything).Return(&v1alpha1.ClusterList{Items: []v1alpha1.Cluster{ - goodCluster, - }}, nil) - - r := ApplicationSetReconciler{ - Client: client, - Scheme: scheme, - Renderer: &utils.Render{}, - Recorder: record.NewFakeRecorder(recordBuffer), - Generators: map[string]generators.Generator{ - "List": generators.NewListGenerator(), - }, - ArgoDB: &argoDBMock, - ArgoCDNamespace: "argocd", - ArgoAppClientset: appclientset.NewSimpleClientset(argoObjs...), - KubeClientset: kubeclientset, - Policy: v1alpha1.ApplicationsSyncPolicySync, - EnablePolicyOverride: allowPolicyOverride, - } - - req := ctrl.Request{ - NamespacedName: types.NamespacedName{ - Namespace: "argocd", - Name: "name", - }, - } - - // Verify that on validation error, no error is returned, but the object is requeued - resCreate, err := r.Reconcile(context.Background(), req) - assert.Nil(t, err) - assert.True(t, resCreate.RequeueAfter == 0) - - var app v1alpha1.Application - - // make sure good app got created - err = r.Client.Get(context.TODO(), crtclient.ObjectKey{Namespace: "argocd", Name: "good-cluster"}, &app) - assert.Nil(t, err) - assert.Equal(t, app.Name, "good-cluster") - - // Update resource - var retrievedApplicationSet v1alpha1.ApplicationSet - err = r.Client.Get(context.TODO(), crtclient.ObjectKey{Namespace: "argocd", Name: "name"}, &retrievedApplicationSet) - assert.Nil(t, err) - retrievedApplicationSet.Spec.Generators = []v1alpha1.ApplicationSetGenerator{ - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{}, - }, - }, - } - - err = r.Client.Update(context.TODO(), &retrievedApplicationSet) - assert.Nil(t, err) - - resUpdate, err := r.Reconcile(context.Background(), req) - assert.Nil(t, err) - - var apps v1alpha1.ApplicationList - - err = r.Client.List(context.TODO(), &apps) - assert.Nil(t, err) - assert.True(t, resUpdate.RequeueAfter == 0) - - return apps -} - -func TestDeleteNotPerformedWithSyncPolicyCreateOnly(t *testing.T) { - - applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateOnly - - apps := applicationsDeleteSyncPolicyTest(t, applicationsSyncPolicy, 1, true) - - assert.Equal(t, "good-cluster", apps.Items[0].Name) -} - -func TestDeleteNotPerformedWithSyncPolicyCreateUpdate(t *testing.T) { - - applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateUpdate - - apps := applicationsDeleteSyncPolicyTest(t, applicationsSyncPolicy, 2, true) - - assert.Equal(t, "good-cluster", apps.Items[0].Name) -} - -func TestDeletePerformedWithSyncPolicyCreateDelete(t *testing.T) { - - applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateDelete - - apps := applicationsDeleteSyncPolicyTest(t, applicationsSyncPolicy, 3, true) - - assert.Equal(t, 0, len(apps.Items)) -} - -func TestDeletePerformedWithSyncPolicySync(t *testing.T) { - - applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicySync - - apps := applicationsDeleteSyncPolicyTest(t, applicationsSyncPolicy, 3, true) - - assert.Equal(t, 0, len(apps.Items)) -} - -func TestDeletePerformedWithSyncPolicyCreateOnlyAndAllowPolicyOverrideFalse(t *testing.T) { - - applicationsSyncPolicy := v1alpha1.ApplicationsSyncPolicyCreateOnly - - apps := applicationsDeleteSyncPolicyTest(t, applicationsSyncPolicy, 3, false) - - assert.Equal(t, 0, len(apps.Items)) -} - // Test app generation from a go template application set using a pull request generator func TestGenerateAppsUsingPullRequestGenerator(t *testing.T) { scheme := runtime.NewScheme() @@ -2449,8 +2106,7 @@ func TestGenerateAppsUsingPullRequestGenerator(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "AppSet-branch1-1", Labels: map[string]string{ - "app1": "label1", - LabelKeyAppSetInstance: "", + "app1": "label1", }, }, Spec: v1alpha1.ApplicationSpec{ @@ -2613,7 +2269,6 @@ func TestPolicies(t *testing.T) { "List": generators.NewListGenerator(), }, ArgoDB: &argoDBMock, - ArgoCDNamespace: "argocd", ArgoAppClientset: appclientset.NewSimpleClientset(argoObjs...), KubeClientset: kubeclientset, Policy: policy, diff --git a/applicationset/controllers/clustereventhandler.go b/applicationset/controllers/clustereventhandler.go index 951da0cb6bc44..c2a466a5c38cf 100644 --- a/applicationset/controllers/clustereventhandler.go +++ b/applicationset/controllers/clustereventhandler.go @@ -139,11 +139,7 @@ func nestedGeneratorHasClusterGenerator(nested argoprojiov1alpha1.ApplicationSet return false, fmt.Errorf("unable to get nested matrix generator: %w", err) } if nestedMatrix != nil { - hasClusterGenerator, err := nestedGeneratorsHaveClusterGenerator(nestedMatrix.ToMatrixGenerator().Generators) - if err != nil { - return false, fmt.Errorf("error evaluating nested matrix generator: %w", err) - } - return hasClusterGenerator, nil + return nestedGeneratorsHaveClusterGenerator(nestedMatrix.ToMatrixGenerator().Generators) } } @@ -153,11 +149,7 @@ func nestedGeneratorHasClusterGenerator(nested argoprojiov1alpha1.ApplicationSet return false, fmt.Errorf("unable to get nested merge generator: %w", err) } if nestedMerge != nil { - hasClusterGenerator, err := nestedGeneratorsHaveClusterGenerator(nestedMerge.ToMergeGenerator().Generators) - if err != nil { - return false, fmt.Errorf("error evaluating nested merge generator: %w", err) - } - return hasClusterGenerator, nil + return nestedGeneratorsHaveClusterGenerator(nestedMerge.ToMergeGenerator().Generators) } } diff --git a/applicationset/controllers/clustereventhandler_test.go b/applicationset/controllers/clustereventhandler_test.go index 7e850fc44c66d..05cf93ae7dbdd 100644 --- a/applicationset/controllers/clustereventhandler_test.go +++ b/applicationset/controllers/clustereventhandler_test.go @@ -573,68 +573,3 @@ type mockAddRateLimitingInterface struct { errorOccurred bool addedItems []ctrl.Request } - -func TestNestedGeneratorHasClusterGenerator_NestedClusterGenerator(t *testing.T) { - nested := argov1alpha1.ApplicationSetNestedGenerator{ - Clusters: &argov1alpha1.ClusterGenerator{}, - } - - hasClusterGenerator, err := nestedGeneratorHasClusterGenerator(nested) - - assert.Nil(t, err) - assert.True(t, hasClusterGenerator) -} - -func TestNestedGeneratorHasClusterGenerator_NestedMergeGenerator(t *testing.T) { - nested := argov1alpha1.ApplicationSetNestedGenerator{ - Merge: &apiextensionsv1.JSON{ - Raw: []byte( - `{ - "generators": [ - { - "clusters": { - "selector": { - "matchLabels": { - "argocd.argoproj.io/secret-type": "cluster" - } - } - } - } - ] - }`, - ), - }, - } - - hasClusterGenerator, err := nestedGeneratorHasClusterGenerator(nested) - - assert.Nil(t, err) - assert.True(t, hasClusterGenerator) -} - -func TestNestedGeneratorHasClusterGenerator_NestedMergeGeneratorWithInvalidJSON(t *testing.T) { - nested := argov1alpha1.ApplicationSetNestedGenerator{ - Merge: &apiextensionsv1.JSON{ - Raw: []byte( - `{ - "generators": [ - { - "clusters": { - "selector": { - "matchLabels": { - "argocd.argoproj.io/secret-type": "cluster" - } - } - } - } - ] - `, - ), - }, - } - - hasClusterGenerator, err := nestedGeneratorHasClusterGenerator(nested) - - assert.NotNil(t, err) - assert.False(t, hasClusterGenerator) -} diff --git a/applicationset/controllers/requeue_after_test.go b/applicationset/controllers/requeue_after_test.go index da6b0b10b47df..16983a8340fbb 100644 --- a/applicationset/controllers/requeue_after_test.go +++ b/applicationset/controllers/requeue_after_test.go @@ -5,7 +5,10 @@ import ( "testing" "time" + "github.com/argoproj/argo-cd/v2/applicationset/generators" + argov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/mock" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" @@ -14,14 +17,10 @@ import ( kubefake "k8s.io/client-go/kubernetes/fake" "k8s.io/client-go/tools/record" "sigs.k8s.io/controller-runtime/pkg/client/fake" - - "github.com/argoproj/argo-cd/v2/applicationset/generators" - "github.com/argoproj/argo-cd/v2/applicationset/services/mocks" - argov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" ) func TestRequeueAfter(t *testing.T) { - mockServer := &mocks.Repos{} + mockServer := argoCDServiceMock{} ctx := context.Background() scheme := runtime.NewScheme() err := argov1alpha1.AddToScheme(scheme) @@ -60,9 +59,9 @@ func TestRequeueAfter(t *testing.T) { "List": generators.NewListGenerator(), "Clusters": generators.NewClusterGenerator(k8sClient, ctx, appClientset, "argocd"), "Git": generators.NewGitGenerator(mockServer), - "SCMProvider": generators.NewSCMProviderGenerator(fake.NewClientBuilder().WithObjects(&corev1.Secret{}).Build(), generators.SCMAuthProviders{}, "", []string{""}), + "SCMProvider": generators.NewSCMProviderGenerator(fake.NewClientBuilder().WithObjects(&corev1.Secret{}).Build(), generators.SCMAuthProviders{}), "ClusterDecisionResource": generators.NewDuckTypeGenerator(ctx, fakeDynClient, appClientset, "argocd"), - "PullRequest": generators.NewPullRequestGenerator(k8sClient, generators.SCMAuthProviders{}, "", []string{""}), + "PullRequest": generators.NewPullRequestGenerator(k8sClient, generators.SCMAuthProviders{}), } nestedGenerators := map[string]generators.Generator{ @@ -151,3 +150,30 @@ func TestRequeueAfter(t *testing.T) { }) } } + +type argoCDServiceMock struct { + mock *mock.Mock +} + +func (a argoCDServiceMock) GetApps(ctx context.Context, repoURL string, revision string) ([]string, error) { + args := a.mock.Called(ctx, repoURL, revision) + + return args.Get(0).([]string), args.Error(1) +} + +func (a argoCDServiceMock) GetFiles(ctx context.Context, repoURL string, revision string, pattern string) (map[string][]byte, error) { + args := a.mock.Called(ctx, repoURL, revision, pattern) + + return args.Get(0).(map[string][]byte), args.Error(1) +} + +func (a argoCDServiceMock) GetFileContent(ctx context.Context, repoURL string, revision string, path string) ([]byte, error) { + args := a.mock.Called(ctx, repoURL, revision, path) + + return args.Get(0).([]byte), args.Error(1) +} + +func (a argoCDServiceMock) GetDirectories(ctx context.Context, repoURL string, revision string) ([]string, error) { + args := a.mock.Called(ctx, repoURL, revision) + return args.Get(0).([]string), args.Error(1) +} diff --git a/applicationset/examples/applications-sync-policies/create-only.yaml b/applicationset/examples/applications-sync-policies/create-only.yaml deleted file mode 100644 index 7758a70b45765..0000000000000 --- a/applicationset/examples/applications-sync-policies/create-only.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: guestbook -spec: - goTemplate: true - generators: - - list: - elements: - - cluster: engineering-dev - url: https://kubernetes.default.svc - foo: bar - # Update foo value with foo: bar - # Application engineering-prod-guestbook labels will still be baz - # Delete this element - # Application engineering-prod-guestbook will be kept - - cluster: engineering-prod - url: https://kubernetes.default.svc - foo: baz - template: - metadata: - name: '{{.cluster}}-guestbook' - labels: - foo: '{{.foo}}' - spec: - project: default - source: - repoURL: https://github.com/argoproj/argo-cd.git - targetRevision: HEAD - path: applicationset/examples/list-generator/guestbook/{{.cluster}} - destination: - server: '{{.url}}' - namespace: guestbook - syncPolicy: - applicationsSync: create-only diff --git a/applicationset/examples/applications-sync-policies/create-update.yaml b/applicationset/examples/applications-sync-policies/create-update.yaml deleted file mode 100644 index 277e8d6e18884..0000000000000 --- a/applicationset/examples/applications-sync-policies/create-update.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: guestbook -spec: - goTemplate: true - generators: - - list: - elements: - - cluster: engineering-dev - url: https://kubernetes.default.svc - foo: bar - # Update foo value with foo: bar - # Application engineering-prod-guestbook labels will change to foo: bar - # Delete this element - # Application engineering-prod-guestbook will be kept - - cluster: engineering-prod - url: https://kubernetes.default.svc - foo: baz - template: - metadata: - name: '{{.cluster}}-guestbook' - labels: - foo: '{{.foo}}' - spec: - project: default - source: - repoURL: https://github.com/argoproj/argo-cd.git - targetRevision: HEAD - path: applicationset/examples/list-generator/guestbook/{{.cluster}} - destination: - server: '{{.url}}' - namespace: guestbook - syncPolicy: - applicationsSync: create-update diff --git a/applicationset/examples/applications-sync-policies/guestbook/engineering-dev/guestbook-ui-deployment.yaml b/applicationset/examples/applications-sync-policies/guestbook/engineering-dev/guestbook-ui-deployment.yaml deleted file mode 100644 index 8a0975e363539..0000000000000 --- a/applicationset/examples/applications-sync-policies/guestbook/engineering-dev/guestbook-ui-deployment.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: guestbook-ui -spec: - replicas: 1 - revisionHistoryLimit: 3 - selector: - matchLabels: - app: guestbook-ui - template: - metadata: - labels: - app: guestbook-ui - spec: - containers: - - image: gcr.io/heptio-images/ks-guestbook-demo:0.2 - name: guestbook-ui - ports: - - containerPort: 80 diff --git a/applicationset/examples/applications-sync-policies/guestbook/engineering-dev/guestbook-ui-svc.yaml b/applicationset/examples/applications-sync-policies/guestbook/engineering-dev/guestbook-ui-svc.yaml deleted file mode 100644 index e8a4a27fbae40..0000000000000 --- a/applicationset/examples/applications-sync-policies/guestbook/engineering-dev/guestbook-ui-svc.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: guestbook-ui -spec: - ports: - - port: 80 - targetPort: 80 - selector: - app: guestbook-ui diff --git a/applicationset/examples/applications-sync-policies/guestbook/engineering-prod/guestbook-ui-deployment.yaml b/applicationset/examples/applications-sync-policies/guestbook/engineering-prod/guestbook-ui-deployment.yaml deleted file mode 100644 index 8a0975e363539..0000000000000 --- a/applicationset/examples/applications-sync-policies/guestbook/engineering-prod/guestbook-ui-deployment.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: guestbook-ui -spec: - replicas: 1 - revisionHistoryLimit: 3 - selector: - matchLabels: - app: guestbook-ui - template: - metadata: - labels: - app: guestbook-ui - spec: - containers: - - image: gcr.io/heptio-images/ks-guestbook-demo:0.2 - name: guestbook-ui - ports: - - containerPort: 80 diff --git a/applicationset/examples/applications-sync-policies/guestbook/engineering-prod/guestbook-ui-svc.yaml b/applicationset/examples/applications-sync-policies/guestbook/engineering-prod/guestbook-ui-svc.yaml deleted file mode 100644 index e8a4a27fbae40..0000000000000 --- a/applicationset/examples/applications-sync-policies/guestbook/engineering-prod/guestbook-ui-svc.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: guestbook-ui -spec: - ports: - - port: 80 - targetPort: 80 - selector: - app: guestbook-ui diff --git a/applicationset/examples/cluster/cluster-example.yaml b/applicationset/examples/cluster/cluster-example.yaml index a8e54212595e8..9714ce1952e9c 100644 --- a/applicationset/examples/cluster/cluster-example.yaml +++ b/applicationset/examples/cluster/cluster-example.yaml @@ -4,7 +4,6 @@ metadata: name: guestbook spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - clusters: {} template: diff --git a/applicationset/examples/clusterDecisionResource/ducktype-example.yaml b/applicationset/examples/clusterDecisionResource/ducktype-example.yaml index cf633483a8f68..c6058e870bbf6 100644 --- a/applicationset/examples/clusterDecisionResource/ducktype-example.yaml +++ b/applicationset/examples/clusterDecisionResource/ducktype-example.yaml @@ -4,7 +4,6 @@ metadata: name: book-import spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - clusterDecisionResource: configMapRef: ocm-placement diff --git a/applicationset/examples/design-doc/applicationset.yaml b/applicationset/examples/design-doc/applicationset.yaml index 7ab4e824596a3..b1e49bd814d15 100644 --- a/applicationset/examples/design-doc/applicationset.yaml +++ b/applicationset/examples/design-doc/applicationset.yaml @@ -8,7 +8,6 @@ metadata: name: guestbook spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - clusters: {} template: diff --git a/applicationset/examples/design-doc/git-directory-discovery.yaml b/applicationset/examples/design-doc/git-directory-discovery.yaml index a158d034d9043..2f62e33cd6ca6 100644 --- a/applicationset/examples/design-doc/git-directory-discovery.yaml +++ b/applicationset/examples/design-doc/git-directory-discovery.yaml @@ -27,7 +27,6 @@ metadata: name: cluster-addons spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - git: repoURL: https://github.com/infra-team/cluster-deployments.git diff --git a/applicationset/examples/design-doc/git-files-discovery.yaml b/applicationset/examples/design-doc/git-files-discovery.yaml index 367e318ac2d5a..3a4167886de69 100644 --- a/applicationset/examples/design-doc/git-files-discovery.yaml +++ b/applicationset/examples/design-doc/git-files-discovery.yaml @@ -38,7 +38,6 @@ metadata: name: guestbook spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - git: repoURL: https://github.com/infra-team/cluster-deployments.git diff --git a/applicationset/examples/design-doc/git-files-literal.yaml b/applicationset/examples/design-doc/git-files-literal.yaml index 9dbace36e4c56..5cb9bd9553446 100644 --- a/applicationset/examples/design-doc/git-files-literal.yaml +++ b/applicationset/examples/design-doc/git-files-literal.yaml @@ -51,7 +51,6 @@ metadata: name: guestbook spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - git: repoURL: https://github.com/infra-team/cluster-deployments.git diff --git a/applicationset/examples/design-doc/list.yaml b/applicationset/examples/design-doc/list.yaml index b1bcd593eac7f..3f76526b17df5 100644 --- a/applicationset/examples/design-doc/list.yaml +++ b/applicationset/examples/design-doc/list.yaml @@ -5,7 +5,6 @@ metadata: name: guestbook spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - list: elements: diff --git a/applicationset/examples/design-doc/template-override.yaml b/applicationset/examples/design-doc/template-override.yaml index 970c7c395a820..be55e739e15a2 100644 --- a/applicationset/examples/design-doc/template-override.yaml +++ b/applicationset/examples/design-doc/template-override.yaml @@ -8,7 +8,6 @@ metadata: name: guestbook spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - list: elements: diff --git a/applicationset/examples/git-generator-directory/excludes/git-directories-exclude-example.yaml b/applicationset/examples/git-generator-directory/excludes/git-directories-exclude-example.yaml index a021a3d0c66d3..786d30a536419 100644 --- a/applicationset/examples/git-generator-directory/excludes/git-directories-exclude-example.yaml +++ b/applicationset/examples/git-generator-directory/excludes/git-directories-exclude-example.yaml @@ -5,7 +5,6 @@ metadata: namespace: argocd spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - git: repoURL: https://github.com/argoproj/argo-cd.git diff --git a/applicationset/examples/git-generator-directory/git-directories-example.yaml b/applicationset/examples/git-generator-directory/git-directories-example.yaml index 6fc16b4d39384..4ac79a34dd43c 100644 --- a/applicationset/examples/git-generator-directory/git-directories-example.yaml +++ b/applicationset/examples/git-generator-directory/git-directories-example.yaml @@ -5,7 +5,6 @@ metadata: namespace: argocd spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - git: repoURL: https://github.com/argoproj/argo-cd.git diff --git a/applicationset/examples/git-generator-files-discovery/git-generator-files.yaml b/applicationset/examples/git-generator-files-discovery/git-generator-files.yaml index 78a0136655498..7ccd68f6c6b88 100644 --- a/applicationset/examples/git-generator-files-discovery/git-generator-files.yaml +++ b/applicationset/examples/git-generator-files-discovery/git-generator-files.yaml @@ -4,7 +4,6 @@ metadata: name: guestbook spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - git: repoURL: https://github.com/argoproj/argo-cd.git diff --git a/applicationset/examples/list-generator/list-example.yaml b/applicationset/examples/list-generator/list-example.yaml index 03e33130bad84..a54fa0cfd92e1 100644 --- a/applicationset/examples/list-generator/list-example.yaml +++ b/applicationset/examples/list-generator/list-example.yaml @@ -4,7 +4,6 @@ metadata: name: guestbook spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - list: elements: diff --git a/applicationset/examples/matrix/cluster-and-git.yaml b/applicationset/examples/matrix/cluster-and-git.yaml index d58d2fa5f83f6..a42568db821f3 100644 --- a/applicationset/examples/matrix/cluster-and-git.yaml +++ b/applicationset/examples/matrix/cluster-and-git.yaml @@ -8,7 +8,6 @@ metadata: name: cluster-git spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - matrix: generators: diff --git a/applicationset/examples/matrix/list-and-git.yaml b/applicationset/examples/matrix/list-and-git.yaml index 9ba04345476b4..d1a2979daedfe 100644 --- a/applicationset/examples/matrix/list-and-git.yaml +++ b/applicationset/examples/matrix/list-and-git.yaml @@ -8,7 +8,6 @@ metadata: name: list-git spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - matrix: generators: diff --git a/applicationset/examples/matrix/list-and-list.yaml b/applicationset/examples/matrix/list-and-list.yaml index f88189ba5ec01..fe5606a4b4b53 100644 --- a/applicationset/examples/matrix/list-and-list.yaml +++ b/applicationset/examples/matrix/list-and-list.yaml @@ -5,7 +5,6 @@ metadata: namespace: argocd spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - matrix: generators: diff --git a/applicationset/examples/matrix/matrix-and-union-in-matrix.yaml b/applicationset/examples/matrix/matrix-and-union-in-matrix.yaml index e4fed589764a8..783b4c94b5c3a 100644 --- a/applicationset/examples/matrix/matrix-and-union-in-matrix.yaml +++ b/applicationset/examples/matrix/matrix-and-union-in-matrix.yaml @@ -13,7 +13,6 @@ metadata: name: matrix-and-union-in-matrix spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - matrix: generators: diff --git a/applicationset/examples/merge/merge-clusters-and-list.yaml b/applicationset/examples/merge/merge-clusters-and-list.yaml index c91f4fea47d7b..48b35b0251ed4 100644 --- a/applicationset/examples/merge/merge-clusters-and-list.yaml +++ b/applicationset/examples/merge/merge-clusters-and-list.yaml @@ -4,7 +4,6 @@ metadata: name: merge-clusters-and-list spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - merge: mergeKeys: diff --git a/applicationset/examples/merge/merge-two-matrixes.yaml b/applicationset/examples/merge/merge-two-matrixes.yaml index f864ac6948b2d..f7590fb685d9f 100644 --- a/applicationset/examples/merge/merge-two-matrixes.yaml +++ b/applicationset/examples/merge/merge-two-matrixes.yaml @@ -4,7 +4,6 @@ metadata: name: merge-two-matrixes spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - merge: mergeKeys: diff --git a/applicationset/examples/pull-request-generator/pull-request-example.yaml b/applicationset/examples/pull-request-generator/pull-request-example.yaml index d8ad8502b9b13..98f66ae095e6d 100644 --- a/applicationset/examples/pull-request-generator/pull-request-example.yaml +++ b/applicationset/examples/pull-request-generator/pull-request-example.yaml @@ -4,7 +4,6 @@ metadata: name: myapp spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - pullRequest: github: diff --git a/applicationset/examples/scm-provider-generator/scm-provider-example-fasttemplate-gitlab.yaml b/applicationset/examples/scm-provider-generator/scm-provider-example-fasttemplate-gitlab.yaml deleted file mode 100644 index c62c151122d1f..0000000000000 --- a/applicationset/examples/scm-provider-generator/scm-provider-example-fasttemplate-gitlab.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: guestbook -spec: - generators: - - scmProvider: - gitlab: - api: https://gitlab.com - group: test-argocd-proton - includeSubgroups: true - cloneProtocol: https - filters: - - repositoryMatch: test-app - template: - metadata: - name: '{{ repository }}-guestbook' - spec: - project: "default" - source: - repoURL: '{{ url }}' - targetRevision: '{{ branch }}' - path: guestbook - destination: - server: https://kubernetes.default.svc - namespace: guestbook diff --git a/applicationset/examples/scm-provider-generator/scm-provider-example.yaml b/applicationset/examples/scm-provider-generator/scm-provider-example.yaml index c3ca2e5b3e5a9..8e310d45ccda5 100644 --- a/applicationset/examples/scm-provider-generator/scm-provider-example.yaml +++ b/applicationset/examples/scm-provider-generator/scm-provider-example.yaml @@ -4,7 +4,6 @@ metadata: name: guestbook spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - scmProvider: github: diff --git a/applicationset/examples/template-override/template-overrides-example.yaml b/applicationset/examples/template-override/template-overrides-example.yaml index 48cbf703fcd70..dbc19418b4716 100644 --- a/applicationset/examples/template-override/template-overrides-example.yaml +++ b/applicationset/examples/template-override/template-overrides-example.yaml @@ -8,7 +8,6 @@ metadata: name: guestbook spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - list: elements: diff --git a/applicationset/generators/cluster.go b/applicationset/generators/cluster.go index d8647d78d3a5c..6e40391901e7a 100644 --- a/applicationset/generators/cluster.go +++ b/applicationset/generators/cluster.go @@ -61,7 +61,8 @@ func (g *ClusterGenerator) GetTemplate(appSetGenerator *argoappsetv1alpha1.Appli return &appSetGenerator.Clusters.Template } -func (g *ClusterGenerator) GenerateParams(appSetGenerator *argoappsetv1alpha1.ApplicationSetGenerator, appSet *argoappsetv1alpha1.ApplicationSet) ([]map[string]interface{}, error) { +func (g *ClusterGenerator) GenerateParams( + appSetGenerator *argoappsetv1alpha1.ApplicationSetGenerator, appSet *argoappsetv1alpha1.ApplicationSet) ([]map[string]interface{}, error) { if appSetGenerator == nil { return nil, EmptyAppSetGeneratorError @@ -78,7 +79,7 @@ func (g *ClusterGenerator) GenerateParams(appSetGenerator *argoappsetv1alpha1.Ap // ListCluster from Argo CD's util/db package will include the local cluster in the list of clusters clustersFromArgoCD, err := utils.ListClusters(g.ctx, g.clientset, g.namespace) if err != nil { - return nil, fmt.Errorf("error listing clusters: %w", err) + return nil, err } if clustersFromArgoCD == nil { @@ -108,7 +109,7 @@ func (g *ClusterGenerator) GenerateParams(appSetGenerator *argoappsetv1alpha1.Ap params["nameNormalized"] = cluster.Name params["server"] = cluster.Server - err = appendTemplatedValues(appSetGenerator.Clusters.Values, params, appSet.Spec.GoTemplate, appSet.Spec.GoTemplateOptions) + err = appendTemplatedValues(appSetGenerator.Clusters.Values, params, appSet) if err != nil { return nil, err } @@ -148,7 +149,7 @@ func (g *ClusterGenerator) GenerateParams(appSetGenerator *argoappsetv1alpha1.Ap } } - err = appendTemplatedValues(appSetGenerator.Clusters.Values, params, appSet.Spec.GoTemplate, appSet.Spec.GoTemplateOptions) + err = appendTemplatedValues(appSetGenerator.Clusters.Values, params, appSet) if err != nil { return nil, err } @@ -161,6 +162,44 @@ func (g *ClusterGenerator) GenerateParams(appSetGenerator *argoappsetv1alpha1.Ap return res, nil } +func appendTemplatedValues(clusterValues map[string]string, params map[string]interface{}, appSet *argoappsetv1alpha1.ApplicationSet) error { + // We create a local map to ensure that we do not fall victim to a billion-laughs attack. We iterate through the + // cluster values map and only replace values in said map if it has already been whitelisted in the params map. + // Once we iterate through all the cluster values we can then safely merge the `tmp` map into the main params map. + tmp := map[string]interface{}{} + + for key, value := range clusterValues { + result, err := replaceTemplatedString(value, params, appSet) + + if err != nil { + return fmt.Errorf("error replacing templated String: %w", err) + } + + if appSet.Spec.GoTemplate { + if tmp["values"] == nil { + tmp["values"] = map[string]string{} + } + tmp["values"].(map[string]string)[key] = result + } else { + tmp[fmt.Sprintf("values.%s", key)] = result + } + } + + for key, value := range tmp { + params[key] = value + } + + return nil +} + +func replaceTemplatedString(value string, params map[string]interface{}, appSet *argoappsetv1alpha1.ApplicationSet) (string, error) { + replacedTmplStr, err := render.Replace(value, params, appSet.Spec.GoTemplate) + if err != nil { + return "", err + } + return replacedTmplStr, nil +} + func (g *ClusterGenerator) getSecretsByClusterName(appSetGenerator *argoappsetv1alpha1.ApplicationSetGenerator) (map[string]corev1.Secret, error) { // List all Clusters: clusterSecretList := &corev1.SecretList{} diff --git a/applicationset/generators/duck_type.go b/applicationset/generators/duck_type.go index f98afd0e01381..cdd13e8aeaf7a 100644 --- a/applicationset/generators/duck_type.go +++ b/applicationset/generators/duck_type.go @@ -74,7 +74,7 @@ func (g *DuckTypeGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha1.A // ListCluster from Argo CD's util/db package will include the local cluster in the list of clusters clustersFromArgoCD, err := utils.ListClusters(g.ctx, g.clientset, g.namespace) if err != nil { - return nil, fmt.Errorf("error listing clusters: %w", err) + return nil, err } if clustersFromArgoCD == nil { @@ -85,7 +85,7 @@ func (g *DuckTypeGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha1.A cm, err := g.clientset.CoreV1().ConfigMaps(g.namespace).Get(g.ctx, appSetGenerator.ClusterDecisionResource.ConfigMapRef, metav1.GetOptions{}) if err != nil { - return nil, fmt.Errorf("error reading configMapRef: %w", err) + return nil, err } // Extract GVK data for the dynamic client to use diff --git a/applicationset/generators/duck_type_test.go b/applicationset/generators/duck_type_test.go index 788457b27559c..21882e86575ed 100644 --- a/applicationset/generators/duck_type_test.go +++ b/applicationset/generators/duck_type_test.go @@ -3,7 +3,6 @@ package generators import ( "context" "fmt" - "testing" "github.com/stretchr/testify/assert" corev1 "k8s.io/api/core/v1" @@ -16,6 +15,8 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" + + "testing" ) const resourceApiVersion = "mallard.io/v1" diff --git a/applicationset/generators/generator_spec_processor.go b/applicationset/generators/generator_spec_processor.go index 447e99d83ab37..990fb0f8eb81e 100644 --- a/applicationset/generators/generator_spec_processor.go +++ b/applicationset/generators/generator_spec_processor.go @@ -4,9 +4,8 @@ import ( "fmt" "reflect" - "github.com/jeremywohl/flatten" - "github.com/argoproj/argo-cd/v2/applicationset/utils" + "github.com/jeremywohl/flatten" "k8s.io/apimachinery/pkg/labels" @@ -53,7 +52,7 @@ func Transform(requestedGenerator argoprojiov1alpha1.ApplicationSetGenerator, al } var params []map[string]interface{} if len(genParams) != 0 { - tempInterpolatedGenerator, err := InterpolateGenerator(&requestedGenerator, genParams, appSet.Spec.GoTemplate, appSet.Spec.GoTemplateOptions) + tempInterpolatedGenerator, err := InterpolateGenerator(&requestedGenerator, genParams, appSet.Spec.GoTemplate) interpolatedGenerator = &tempInterpolatedGenerator if err != nil { log.WithError(err).WithField("genParams", genParams). @@ -125,7 +124,7 @@ func GetRelevantGenerators(requestedGenerator *argoprojiov1alpha1.ApplicationSet func flattenParameters(in map[string]interface{}) (map[string]string, error) { flat, err := flatten.Flatten(in, "", flatten.DotStyle) if err != nil { - return nil, fmt.Errorf("error flatenning parameters: %w", err) + return nil, err } out := make(map[string]string, len(flat)) @@ -148,9 +147,9 @@ func mergeGeneratorTemplate(g Generator, requestedGenerator *argoprojiov1alpha1. // InterpolateGenerator allows interpolating the matrix's 2nd child generator with values from the 1st child generator // "params" parameter is an array, where each index corresponds to a generator. Each index contains a map w/ that generator's parameters. -func InterpolateGenerator(requestedGenerator *argoprojiov1alpha1.ApplicationSetGenerator, params map[string]interface{}, useGoTemplate bool, goTemplateOptions []string) (argoprojiov1alpha1.ApplicationSetGenerator, error) { +func InterpolateGenerator(requestedGenerator *argoprojiov1alpha1.ApplicationSetGenerator, params map[string]interface{}, useGoTemplate bool) (argoprojiov1alpha1.ApplicationSetGenerator, error) { render := utils.Render{} - interpolatedGenerator, err := render.RenderGeneratorParams(requestedGenerator, params, useGoTemplate, goTemplateOptions) + interpolatedGenerator, err := render.RenderGeneratorParams(requestedGenerator, params, useGoTemplate) if err != nil { log.WithError(err).WithField("interpolatedGenerator", interpolatedGenerator).Error("error interpolating generator with other generator's parameter") return *interpolatedGenerator, err @@ -158,16 +157,3 @@ func InterpolateGenerator(requestedGenerator *argoprojiov1alpha1.ApplicationSetG return *interpolatedGenerator, nil } - -// Fixes https://github.com/argoproj/argo-cd/issues/11982 while ensuring backwards compatibility. -// This is only a short-term solution and should be removed in a future major version. -func dropDisabledNestedSelectors(generators []argoprojiov1alpha1.ApplicationSetNestedGenerator) bool { - var foundSelector bool - for i := range generators { - if generators[i].Selector != nil { - foundSelector = true - generators[i].Selector = nil - } - } - return foundSelector -} diff --git a/applicationset/generators/generator_spec_processor_test.go b/applicationset/generators/generator_spec_processor_test.go index 6ca1061a1c9de..22320821d0f16 100644 --- a/applicationset/generators/generator_spec_processor_test.go +++ b/applicationset/generators/generator_spec_processor_test.go @@ -10,8 +10,7 @@ import ( apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "github.com/argoproj/argo-cd/v2/applicationset/services/mocks" - + testutils "github.com/argoproj/argo-cd/v2/applicationset/utils/test" argov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/stretchr/testify/mock" @@ -20,6 +19,8 @@ import ( kubefake "k8s.io/client-go/kubernetes/fake" crtclient "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/client/fake" + + argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" ) func TestMatchValues(t *testing.T) { @@ -70,18 +71,18 @@ func TestMatchValues(t *testing.T) { "List": listGenerator, } - applicationSetInfo := argov1alpha1.ApplicationSet{ + applicationSetInfo := argoprojiov1alpha1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "set", }, - Spec: argov1alpha1.ApplicationSetSpec{ + Spec: argoprojiov1alpha1.ApplicationSetSpec{ GoTemplate: false, }, } - results, err := Transform(argov1alpha1.ApplicationSetGenerator{ + results, err := Transform(argoprojiov1alpha1.ApplicationSetGenerator{ Selector: testCase.selector, - List: &argov1alpha1.ListGenerator{ + List: &argoprojiov1alpha1.ListGenerator{ Elements: testCase.elements, Template: emptyTemplate(), }}, @@ -171,7 +172,6 @@ func TestMatchValuesGoTemplate(t *testing.T) { data, emptyTemplate(), &applicationSetInfo, nil) - assert.NoError(t, err) assert.ElementsMatch(t, testCase.expected, results[0].Params) }) @@ -341,9 +341,9 @@ func getMockClusterGenerator() Generator { } func getMockGitGenerator() Generator { - argoCDServiceMock := mocks.Repos{} - argoCDServiceMock.On("GetDirectories", mock.Anything, mock.Anything, mock.Anything).Return([]string{"app1", "app2", "app_3", "p1/app4"}, nil) - var gitGenerator = NewGitGenerator(&argoCDServiceMock) + argoCDServiceMock := testutils.ArgoCDServiceMock{Mock: &mock.Mock{}} + argoCDServiceMock.Mock.On("GetDirectories", mock.Anything, mock.Anything, mock.Anything).Return([]string{"app1", "app2", "app_3", "p1/app4"}, nil) + var gitGenerator = NewGitGenerator(argoCDServiceMock) return gitGenerator } @@ -358,8 +358,8 @@ func TestGetRelevantGenerators(t *testing.T) { testGenerators["Merge"] = NewMergeGenerator(testGenerators) testGenerators["List"] = NewListGenerator() - requestedGenerator := &argov1alpha1.ApplicationSetGenerator{ - List: &argov1alpha1.ListGenerator{ + requestedGenerator := &argoprojiov1alpha1.ApplicationSetGenerator{ + List: &argoprojiov1alpha1.ListGenerator{ Elements: []apiextensionsv1.JSON{{Raw: []byte(`{"cluster": "cluster","url": "url","values":{"foo":"bar"}}`)}}, }} @@ -367,10 +367,10 @@ func TestGetRelevantGenerators(t *testing.T) { assert.Len(t, relevantGenerators, 1) assert.IsType(t, &ListGenerator{}, relevantGenerators[0]) - requestedGenerator = &argov1alpha1.ApplicationSetGenerator{ - Clusters: &argov1alpha1.ClusterGenerator{ + requestedGenerator = &argoprojiov1alpha1.ApplicationSetGenerator{ + Clusters: &argoprojiov1alpha1.ClusterGenerator{ Selector: metav1.LabelSelector{}, - Template: argov1alpha1.ApplicationSetTemplate{}, + Template: argoprojiov1alpha1.ApplicationSetTemplate{}, Values: nil, }, } @@ -379,14 +379,14 @@ func TestGetRelevantGenerators(t *testing.T) { assert.Len(t, relevantGenerators, 1) assert.IsType(t, &ClusterGenerator{}, relevantGenerators[0]) - requestedGenerator = &argov1alpha1.ApplicationSetGenerator{ - Git: &argov1alpha1.GitGenerator{ + requestedGenerator = &argoprojiov1alpha1.ApplicationSetGenerator{ + Git: &argoprojiov1alpha1.GitGenerator{ RepoURL: "", Directories: nil, Files: nil, Revision: "", RequeueAfterSeconds: nil, - Template: argov1alpha1.ApplicationSetTemplate{}, + Template: argoprojiov1alpha1.ApplicationSetTemplate{}, }, } @@ -396,8 +396,8 @@ func TestGetRelevantGenerators(t *testing.T) { } func TestInterpolateGenerator(t *testing.T) { - requestedGenerator := &argov1alpha1.ApplicationSetGenerator{ - Clusters: &argov1alpha1.ClusterGenerator{ + requestedGenerator := &argoprojiov1alpha1.ApplicationSetGenerator{ + Clusters: &argoprojiov1alpha1.ClusterGenerator{ Selector: metav1.LabelSelector{ MatchLabels: map[string]string{ "argocd.argoproj.io/secret-type": "cluster", @@ -414,7 +414,7 @@ func TestInterpolateGenerator(t *testing.T) { "path[1]": "p2", "path.basenameNormalized": "app3", } - interpolatedGenerator, err := InterpolateGenerator(requestedGenerator, gitGeneratorParams, false, nil) + interpolatedGenerator, err := InterpolateGenerator(requestedGenerator, gitGeneratorParams, false) if err != nil { log.WithError(err).WithField("requestedGenerator", requestedGenerator).Error("error interpolating Generator") return @@ -423,23 +423,23 @@ func TestInterpolateGenerator(t *testing.T) { assert.Equal(t, "p1", interpolatedGenerator.Clusters.Selector.MatchLabels["path-zero"]) assert.Equal(t, "p1/p2/app3", interpolatedGenerator.Clusters.Selector.MatchLabels["path-full"]) - fileNamePath := argov1alpha1.GitFileGeneratorItem{ + fileNamePath := argoprojiov1alpha1.GitFileGeneratorItem{ Path: "{{name}}", } - fileServerPath := argov1alpha1.GitFileGeneratorItem{ + fileServerPath := argoprojiov1alpha1.GitFileGeneratorItem{ Path: "{{server}}", } - requestedGenerator = &argov1alpha1.ApplicationSetGenerator{ - Git: &argov1alpha1.GitGenerator{ - Files: append([]argov1alpha1.GitFileGeneratorItem{}, fileNamePath, fileServerPath), - Template: argov1alpha1.ApplicationSetTemplate{}, + requestedGenerator = &argoprojiov1alpha1.ApplicationSetGenerator{ + Git: &argoprojiov1alpha1.GitGenerator{ + Files: append([]argoprojiov1alpha1.GitFileGeneratorItem{}, fileNamePath, fileServerPath), + Template: argoprojiov1alpha1.ApplicationSetTemplate{}, }, } clusterGeneratorParams := map[string]interface{}{ "name": "production_01/west", "server": "https://production-01.example.com", } - interpolatedGenerator, err = InterpolateGenerator(requestedGenerator, clusterGeneratorParams, false, nil) + interpolatedGenerator, err = InterpolateGenerator(requestedGenerator, clusterGeneratorParams, false) if err != nil { log.WithError(err).WithField("requestedGenerator", requestedGenerator).Error("error interpolating Generator") return @@ -449,8 +449,8 @@ func TestInterpolateGenerator(t *testing.T) { } func TestInterpolateGenerator_go(t *testing.T) { - requestedGenerator := &argov1alpha1.ApplicationSetGenerator{ - Clusters: &argov1alpha1.ClusterGenerator{ + requestedGenerator := &argoprojiov1alpha1.ApplicationSetGenerator{ + Clusters: &argoprojiov1alpha1.ClusterGenerator{ Selector: metav1.LabelSelector{ MatchLabels: map[string]string{ "argocd.argoproj.io/secret-type": "cluster", @@ -467,7 +467,7 @@ func TestInterpolateGenerator_go(t *testing.T) { "segments": []string{"p1", "p2", "app3"}, }, } - interpolatedGenerator, err := InterpolateGenerator(requestedGenerator, gitGeneratorParams, true, nil) + interpolatedGenerator, err := InterpolateGenerator(requestedGenerator, gitGeneratorParams, true) require.NoError(t, err) if err != nil { log.WithError(err).WithField("requestedGenerator", requestedGenerator).Error("error interpolating Generator") @@ -477,23 +477,23 @@ func TestInterpolateGenerator_go(t *testing.T) { assert.Equal(t, "p1", interpolatedGenerator.Clusters.Selector.MatchLabels["path-zero"]) assert.Equal(t, "p1/p2/app3", interpolatedGenerator.Clusters.Selector.MatchLabels["path-full"]) - fileNamePath := argov1alpha1.GitFileGeneratorItem{ + fileNamePath := argoprojiov1alpha1.GitFileGeneratorItem{ Path: "{{.name}}", } - fileServerPath := argov1alpha1.GitFileGeneratorItem{ + fileServerPath := argoprojiov1alpha1.GitFileGeneratorItem{ Path: "{{.server}}", } - requestedGenerator = &argov1alpha1.ApplicationSetGenerator{ - Git: &argov1alpha1.GitGenerator{ - Files: append([]argov1alpha1.GitFileGeneratorItem{}, fileNamePath, fileServerPath), - Template: argov1alpha1.ApplicationSetTemplate{}, + requestedGenerator = &argoprojiov1alpha1.ApplicationSetGenerator{ + Git: &argoprojiov1alpha1.GitGenerator{ + Files: append([]argoprojiov1alpha1.GitFileGeneratorItem{}, fileNamePath, fileServerPath), + Template: argoprojiov1alpha1.ApplicationSetTemplate{}, }, } clusterGeneratorParams := map[string]interface{}{ "name": "production_01/west", "server": "https://production-01.example.com", } - interpolatedGenerator, err = InterpolateGenerator(requestedGenerator, clusterGeneratorParams, true, nil) + interpolatedGenerator, err = InterpolateGenerator(requestedGenerator, clusterGeneratorParams, true) if err != nil { log.WithError(err).WithField("requestedGenerator", requestedGenerator).Error("error interpolating Generator") return diff --git a/applicationset/generators/git.go b/applicationset/generators/git.go index d3d46f51c4575..911dc49391f18 100644 --- a/applicationset/generators/git.go +++ b/applicationset/generators/git.go @@ -59,25 +59,25 @@ func (g *GitGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha1.Applic var err error var res []map[string]interface{} if len(appSetGenerator.Git.Directories) != 0 { - res, err = g.generateParamsForGitDirectories(appSetGenerator, appSet.Spec.GoTemplate, appSet.Spec.GoTemplateOptions) + res, err = g.generateParamsForGitDirectories(appSetGenerator, appSet.Spec.GoTemplate) } else if len(appSetGenerator.Git.Files) != 0 { - res, err = g.generateParamsForGitFiles(appSetGenerator, appSet.Spec.GoTemplate, appSet.Spec.GoTemplateOptions) + res, err = g.generateParamsForGitFiles(appSetGenerator, appSet.Spec.GoTemplate) } else { return nil, EmptyAppSetGeneratorError } if err != nil { - return nil, fmt.Errorf("error generating params from git: %w", err) + return nil, err } return res, nil } -func (g *GitGenerator) generateParamsForGitDirectories(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, useGoTemplate bool, goTemplateOptions []string) ([]map[string]interface{}, error) { +func (g *GitGenerator) generateParamsForGitDirectories(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, useGoTemplate bool) ([]map[string]interface{}, error) { // Directories, not files allPaths, err := g.repos.GetDirectories(context.TODO(), appSetGenerator.Git.RepoURL, appSetGenerator.Git.Revision) if err != nil { - return nil, fmt.Errorf("error getting directories from repo: %w", err) + return nil, err } log.WithFields(log.Fields{ @@ -90,15 +90,12 @@ func (g *GitGenerator) generateParamsForGitDirectories(appSetGenerator *argoproj requestedApps := g.filterApps(appSetGenerator.Git.Directories, allPaths) - res, err := g.generateParamsFromApps(requestedApps, appSetGenerator, useGoTemplate, goTemplateOptions) - if err != nil { - return nil, fmt.Errorf("error generating params from apps: %w", err) - } + res := g.generateParamsFromApps(requestedApps, appSetGenerator, useGoTemplate) return res, nil } -func (g *GitGenerator) generateParamsForGitFiles(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, useGoTemplate bool, goTemplateOptions []string) ([]map[string]interface{}, error) { +func (g *GitGenerator) generateParamsForGitFiles(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, useGoTemplate bool) ([]map[string]interface{}, error) { // Get all files that match the requested path string, removing duplicates allFiles := make(map[string][]byte) @@ -125,7 +122,7 @@ func (g *GitGenerator) generateParamsForGitFiles(appSetGenerator *argoprojiov1al for _, path := range allPaths { // A JSON / YAML file path can contain multiple sets of parameters (ie it is an array) - paramsArray, err := g.generateParamsFromGitFile(path, allFiles[path], appSetGenerator.Git.Values, useGoTemplate, goTemplateOptions, appSetGenerator.Git.PathParamPrefix) + paramsArray, err := g.generateParamsFromGitFile(path, allFiles[path], useGoTemplate, appSetGenerator.Git.PathParamPrefix) if err != nil { return nil, fmt.Errorf("unable to process file '%s': %v", path, err) } @@ -135,7 +132,7 @@ func (g *GitGenerator) generateParamsForGitFiles(appSetGenerator *argoprojiov1al return res, nil } -func (g *GitGenerator) generateParamsFromGitFile(filePath string, fileContent []byte, values map[string]string, useGoTemplate bool, goTemplateOptions []string, pathParamPrefix string) ([]map[string]interface{}, error) { +func (g *GitGenerator) generateParamsFromGitFile(filePath string, fileContent []byte, useGoTemplate bool, pathParamPrefix string) ([]map[string]interface{}, error) { objectsFound := []map[string]interface{}{} // First, we attempt to parse as an array @@ -177,7 +174,7 @@ func (g *GitGenerator) generateParamsFromGitFile(filePath string, fileContent [] } else { flat, err := flatten.Flatten(objectFound, "", flatten.DotStyle) if err != nil { - return nil, fmt.Errorf("error flattening object: %w", err) + return nil, err } for k, v := range flat { params[k] = fmt.Sprintf("%v", v) @@ -198,11 +195,6 @@ func (g *GitGenerator) generateParamsFromGitFile(filePath string, fileContent [] } } - err := appendTemplatedValues(values, params, useGoTemplate, goTemplateOptions) - if err != nil { - return nil, fmt.Errorf("failed to append templated values: %w", err) - } - res = append(res, params) } @@ -237,7 +229,7 @@ func (g *GitGenerator) filterApps(Directories []argoprojiov1alpha1.GitDirectoryG return res } -func (g *GitGenerator) generateParamsFromApps(requestedApps []string, appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, useGoTemplate bool, goTemplateOptions []string) ([]map[string]interface{}, error) { +func (g *GitGenerator) generateParamsFromApps(requestedApps []string, appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, useGoTemplate bool) []map[string]interface{} { res := make([]map[string]interface{}, len(requestedApps)) for i, a := range requestedApps { @@ -269,13 +261,8 @@ func (g *GitGenerator) generateParamsFromApps(requestedApps []string, appSetGene } } - err := appendTemplatedValues(appSetGenerator.Git.Values, params, useGoTemplate, goTemplateOptions) - if err != nil { - return nil, fmt.Errorf("failed to append templated values: %w", err) - } - res[i] = params } - return res, nil + return res } diff --git a/applicationset/generators/git_test.go b/applicationset/generators/git_test.go index 479987e8e763e..e428cfd3141e3 100644 --- a/applicationset/generators/git_test.go +++ b/applicationset/generators/git_test.go @@ -8,17 +8,23 @@ import ( "github.com/stretchr/testify/mock" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "github.com/argoproj/argo-cd/v2/applicationset/services/mocks" - + testutils "github.com/argoproj/argo-cd/v2/applicationset/utils/test" argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" ) +// type clientSet struct { +// RepoServerServiceClient apiclient.RepoServerServiceClient +// } + +// func (c *clientSet) NewRepoServerClient() (io.Closer, apiclient.RepoServerServiceClient, error) { +// return io.NewCloser(func() error { return nil }), c.RepoServerServiceClient, nil +// } + func Test_generateParamsFromGitFile(t *testing.T) { - values := map[string]string{} params, err := (*GitGenerator)(nil).generateParamsFromGitFile("path/dir/file_name.yaml", []byte(` foo: bar: baz -`), values, false, nil, "") +`), false, "") if err != nil { t.Fatal(err) } @@ -37,11 +43,10 @@ foo: } func Test_generatePrefixedParamsFromGitFile(t *testing.T) { - values := map[string]string{} params, err := (*GitGenerator)(nil).generateParamsFromGitFile("path/dir/file_name.yaml", []byte(` foo: bar: baz -`), values, false, nil, "myRepo") +`), false, "myRepo") if err != nil { t.Fatal(err) } @@ -60,11 +65,10 @@ foo: } func Test_generateParamsFromGitFileGoTemplate(t *testing.T) { - values := map[string]string{} params, err := (*GitGenerator)(nil).generateParamsFromGitFile("path/dir/file_name.yaml", []byte(` foo: bar: baz -`), values, true, nil, "") +`), true, "") if err != nil { t.Fatal(err) } @@ -89,11 +93,10 @@ foo: } func Test_generatePrefixedParamsFromGitFileGoTemplate(t *testing.T) { - values := map[string]string{} params, err := (*GitGenerator)(nil).generateParamsFromGitFile("path/dir/file_name.yaml", []byte(` foo: bar: baz -`), values, true, nil, "myRepo") +`), true, "myRepo") if err != nil { t.Fatal(err) } @@ -127,7 +130,6 @@ func TestGitGenerateParamsFromDirectories(t *testing.T) { pathParamPrefix string repoApps []string repoError error - values map[string]string expected []map[string]interface{} expectedError error }{ @@ -218,25 +220,6 @@ func TestGitGenerateParamsFromDirectories(t *testing.T) { }, expectedError: nil, }, - { - name: "Value variable interpolation", - directories: []argoprojiov1alpha1.GitDirectoryGeneratorItem{{Path: "*"}, {Path: "*/*"}}, - repoApps: []string{ - "app1", - "p1/app2", - }, - repoError: nil, - values: map[string]string{ - "foo": "bar", - "aaa": "{{ path[0] }}", - "no-op": "{{ this-does-not-exist }}", - }, - expected: []map[string]interface{}{ - {"values.foo": "bar", "values.no-op": "{{ this-does-not-exist }}", "values.aaa": "app1", "path": "app1", "path.basename": "app1", "path[0]": "app1", "path.basenameNormalized": "app1"}, - {"values.foo": "bar", "values.no-op": "{{ this-does-not-exist }}", "values.aaa": "p1", "path": "p1/app2", "path.basename": "app2", "path[0]": "p1", "path[1]": "app2", "path.basenameNormalized": "app2"}, - }, - expectedError: nil, - }, { name: "handles empty response from repo server", directories: []argoprojiov1alpha1.GitDirectoryGeneratorItem{{Path: "*"}}, @@ -251,7 +234,7 @@ func TestGitGenerateParamsFromDirectories(t *testing.T) { repoApps: []string{}, repoError: fmt.Errorf("error"), expected: []map[string]interface{}{}, - expectedError: fmt.Errorf("error generating params from git: error getting directories from repo: error"), + expectedError: fmt.Errorf("error"), }, } @@ -261,11 +244,11 @@ func TestGitGenerateParamsFromDirectories(t *testing.T) { t.Run(testCaseCopy.name, func(t *testing.T) { t.Parallel() - argoCDServiceMock := mocks.Repos{} + argoCDServiceMock := testutils.ArgoCDServiceMock{Mock: &mock.Mock{}} - argoCDServiceMock.On("GetDirectories", mock.Anything, mock.Anything, mock.Anything).Return(testCaseCopy.repoApps, testCaseCopy.repoError) + argoCDServiceMock.Mock.On("GetDirectories", mock.Anything, mock.Anything, mock.Anything).Return(testCaseCopy.repoApps, testCaseCopy.repoError) - var gitGenerator = NewGitGenerator(&argoCDServiceMock) + var gitGenerator = NewGitGenerator(argoCDServiceMock) applicationSetInfo := argoprojiov1alpha1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "set", @@ -277,7 +260,6 @@ func TestGitGenerateParamsFromDirectories(t *testing.T) { Revision: "Revision", Directories: testCaseCopy.directories, PathParamPrefix: testCaseCopy.pathParamPrefix, - Values: testCaseCopy.values, }, }}, }, @@ -292,7 +274,7 @@ func TestGitGenerateParamsFromDirectories(t *testing.T) { assert.Equal(t, testCaseCopy.expected, got) } - argoCDServiceMock.AssertExpectations(t) + argoCDServiceMock.Mock.AssertExpectations(t) }) } } @@ -547,7 +529,7 @@ func TestGitGenerateParamsFromDirectoriesGoTemplate(t *testing.T) { repoApps: []string{}, repoError: fmt.Errorf("error"), expected: []map[string]interface{}{}, - expectedError: fmt.Errorf("error generating params from git: error getting directories from repo: error"), + expectedError: fmt.Errorf("error"), }, } @@ -557,11 +539,11 @@ func TestGitGenerateParamsFromDirectoriesGoTemplate(t *testing.T) { t.Run(testCaseCopy.name, func(t *testing.T) { t.Parallel() - argoCDServiceMock := mocks.Repos{} + argoCDServiceMock := testutils.ArgoCDServiceMock{Mock: &mock.Mock{}} - argoCDServiceMock.On("GetDirectories", mock.Anything, mock.Anything, mock.Anything).Return(testCaseCopy.repoApps, testCaseCopy.repoError) + argoCDServiceMock.Mock.On("GetDirectories", mock.Anything, mock.Anything, mock.Anything).Return(testCaseCopy.repoApps, testCaseCopy.repoError) - var gitGenerator = NewGitGenerator(&argoCDServiceMock) + var gitGenerator = NewGitGenerator(argoCDServiceMock) applicationSetInfo := argoprojiov1alpha1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "set", @@ -588,7 +570,7 @@ func TestGitGenerateParamsFromDirectoriesGoTemplate(t *testing.T) { assert.Equal(t, testCaseCopy.expected, got) } - argoCDServiceMock.AssertExpectations(t) + argoCDServiceMock.Mock.AssertExpectations(t) }) } @@ -604,7 +586,6 @@ func TestGitGenerateParamsFromFiles(t *testing.T) { repoFileContents map[string][]byte // if repoPathsError is non-nil, the call to GetPaths(...) will return this error value repoPathsError error - values map[string]string expected []map[string]interface{} expectedError error }{ @@ -668,81 +649,13 @@ func TestGitGenerateParamsFromFiles(t *testing.T) { }, expectedError: nil, }, - { - name: "Value variable interpolation", - files: []argoprojiov1alpha1.GitFileGeneratorItem{{Path: "**/config.json"}}, - repoFileContents: map[string][]byte{ - "cluster-config/production/config.json": []byte(`{ - "cluster": { - "owner": "john.doe@example.com", - "name": "production", - "address": "https://kubernetes.default.svc" - }, - "key1": "val1", - "key2": { - "key2_1": "val2_1", - "key2_2": { - "key2_2_1": "val2_2_1" - } - }, - "key3": 123 -}`), - "cluster-config/staging/config.json": []byte(`{ - "cluster": { - "owner": "foo.bar@example.com", - "name": "staging", - "address": "https://kubernetes.default.svc" - } -}`), - }, - repoPathsError: nil, - values: map[string]string{ - "aaa": "{{ cluster.owner }}", - "no-op": "{{ this-does-not-exist }}", - }, - expected: []map[string]interface{}{ - { - "cluster.owner": "john.doe@example.com", - "cluster.name": "production", - "cluster.address": "https://kubernetes.default.svc", - "key1": "val1", - "key2.key2_1": "val2_1", - "key2.key2_2.key2_2_1": "val2_2_1", - "key3": "123", - "path": "cluster-config/production", - "path.basename": "production", - "path[0]": "cluster-config", - "path[1]": "production", - "path.basenameNormalized": "production", - "path.filename": "config.json", - "path.filenameNormalized": "config.json", - "values.aaa": "john.doe@example.com", - "values.no-op": "{{ this-does-not-exist }}", - }, - { - "cluster.owner": "foo.bar@example.com", - "cluster.name": "staging", - "cluster.address": "https://kubernetes.default.svc", - "path": "cluster-config/staging", - "path.basename": "staging", - "path[0]": "cluster-config", - "path[1]": "staging", - "path.basenameNormalized": "staging", - "path.filename": "config.json", - "path.filenameNormalized": "config.json", - "values.aaa": "foo.bar@example.com", - "values.no-op": "{{ this-does-not-exist }}", - }, - }, - expectedError: nil, - }, { name: "handles error during getting repo paths", files: []argoprojiov1alpha1.GitFileGeneratorItem{{Path: "**/config.json"}}, repoFileContents: map[string][]byte{}, repoPathsError: fmt.Errorf("paths error"), expected: []map[string]interface{}{}, - expectedError: fmt.Errorf("error generating params from git: paths error"), + expectedError: fmt.Errorf("paths error"), }, { name: "test invalid JSON file returns error", @@ -752,7 +665,7 @@ func TestGitGenerateParamsFromFiles(t *testing.T) { }, repoPathsError: nil, expected: []map[string]interface{}{}, - expectedError: fmt.Errorf("error generating params from git: unable to process file 'cluster-config/production/config.json': unable to parse file: error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string into Go value of type map[string]interface {}"), + expectedError: fmt.Errorf("unable to process file 'cluster-config/production/config.json': unable to parse file: error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string into Go value of type map[string]interface {}"), }, { name: "test JSON array", @@ -917,11 +830,11 @@ cluster: t.Run(testCaseCopy.name, func(t *testing.T) { t.Parallel() - argoCDServiceMock := mocks.Repos{} - argoCDServiceMock.On("GetFiles", mock.Anything, mock.Anything, mock.Anything, mock.Anything). + argoCDServiceMock := testutils.ArgoCDServiceMock{Mock: &mock.Mock{}} + argoCDServiceMock.Mock.On("GetFiles", mock.Anything, mock.Anything, mock.Anything, mock.Anything). Return(testCaseCopy.repoFileContents, testCaseCopy.repoPathsError) - var gitGenerator = NewGitGenerator(&argoCDServiceMock) + var gitGenerator = NewGitGenerator(argoCDServiceMock) applicationSetInfo := argoprojiov1alpha1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "set", @@ -932,7 +845,6 @@ cluster: RepoURL: "RepoURL", Revision: "Revision", Files: testCaseCopy.files, - Values: testCaseCopy.values, }, }}, }, @@ -948,7 +860,7 @@ cluster: assert.ElementsMatch(t, testCaseCopy.expected, got) } - argoCDServiceMock.AssertExpectations(t) + argoCDServiceMock.Mock.AssertExpectations(t) }) } } @@ -1048,7 +960,7 @@ func TestGitGenerateParamsFromFilesGoTemplate(t *testing.T) { repoFileContents: map[string][]byte{}, repoPathsError: fmt.Errorf("paths error"), expected: []map[string]interface{}{}, - expectedError: fmt.Errorf("error generating params from git: paths error"), + expectedError: fmt.Errorf("paths error"), }, { name: "test invalid JSON file returns error", @@ -1058,7 +970,7 @@ func TestGitGenerateParamsFromFilesGoTemplate(t *testing.T) { }, repoPathsError: nil, expected: []map[string]interface{}{}, - expectedError: fmt.Errorf("error generating params from git: unable to process file 'cluster-config/production/config.json': unable to parse file: error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string into Go value of type map[string]interface {}"), + expectedError: fmt.Errorf("unable to process file 'cluster-config/production/config.json': unable to parse file: error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string into Go value of type map[string]interface {}"), }, { name: "test JSON array", @@ -1267,11 +1179,11 @@ cluster: t.Run(testCaseCopy.name, func(t *testing.T) { t.Parallel() - argoCDServiceMock := mocks.Repos{} - argoCDServiceMock.On("GetFiles", mock.Anything, mock.Anything, mock.Anything, mock.Anything). + argoCDServiceMock := testutils.ArgoCDServiceMock{Mock: &mock.Mock{}} + argoCDServiceMock.Mock.On("GetFiles", mock.Anything, mock.Anything, mock.Anything, mock.Anything). Return(testCaseCopy.repoFileContents, testCaseCopy.repoPathsError) - var gitGenerator = NewGitGenerator(&argoCDServiceMock) + var gitGenerator = NewGitGenerator(argoCDServiceMock) applicationSetInfo := argoprojiov1alpha1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "set", @@ -1298,7 +1210,7 @@ cluster: assert.ElementsMatch(t, testCaseCopy.expected, got) } - argoCDServiceMock.AssertExpectations(t) + argoCDServiceMock.Mock.AssertExpectations(t) }) } } diff --git a/applicationset/generators/list.go b/applicationset/generators/list.go index b3afabe6dac7d..d53da88c467f1 100644 --- a/applicationset/generators/list.go +++ b/applicationset/generators/list.go @@ -5,9 +5,8 @@ import ( "fmt" "time" - "sigs.k8s.io/yaml" - argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" + "sigs.k8s.io/yaml" ) var _ Generator = (*ListGenerator)(nil) @@ -83,7 +82,7 @@ func (g *ListGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha1.Appli if err != nil { return nil, fmt.Errorf("error unmarshling decoded ElementsYaml %v", err) } - res = append(res, yamlElements...) + res = append(res, yamlElements...) } return res, nil diff --git a/applicationset/generators/matrix.go b/applicationset/generators/matrix.go index e4d1b74cb7ecc..0389e8ad9062a 100644 --- a/applicationset/generators/matrix.go +++ b/applicationset/generators/matrix.go @@ -8,8 +8,6 @@ import ( "github.com/argoproj/argo-cd/v2/applicationset/utils" argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - - log "github.com/sirupsen/logrus" ) var _ Generator = (*MatrixGenerator)(nil) @@ -50,7 +48,7 @@ func (m *MatrixGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha1.App g0, err := m.getParams(appSetGenerator.Matrix.Generators[0], appSet, nil) if err != nil { - return nil, fmt.Errorf("error failed to get params for first generator in matrix generator: %w", err) + return nil, err } for _, a := range g0 { g1, err := m.getParams(appSetGenerator.Matrix.Generators[1], appSet, a) @@ -86,21 +84,9 @@ func (m *MatrixGenerator) getParams(appSetBaseGenerator argoprojiov1alpha1.Appli if err != nil { return nil, err } - if matrixGen != nil && !appSet.Spec.ApplyNestedSelectors { - foundSelector := dropDisabledNestedSelectors(matrixGen.Generators) - if foundSelector { - log.Warnf("AppSet '%v' defines selector on nested matrix generator's generator without enabling them via 'spec.applyNestedSelectors', ignoring nested selectors", appSet.Name) - } - } mergeGen, err := getMergeGenerator(appSetBaseGenerator) if err != nil { - return nil, fmt.Errorf("error retrieving merge generator: %w", err) - } - if mergeGen != nil && !appSet.Spec.ApplyNestedSelectors { - foundSelector := dropDisabledNestedSelectors(mergeGen.Generators) - if foundSelector { - log.Warnf("AppSet '%v' defines selector on nested merge generator's generator without enabling them via 'spec.applyNestedSelectors', ignoring nested selectors", appSet.Name) - } + return nil, err } t, err := Transform( @@ -111,7 +97,6 @@ func (m *MatrixGenerator) getParams(appSetBaseGenerator argoprojiov1alpha1.Appli SCMProvider: appSetBaseGenerator.SCMProvider, ClusterDecisionResource: appSetBaseGenerator.ClusterDecisionResource, PullRequest: appSetBaseGenerator.PullRequest, - Plugin: appSetBaseGenerator.Plugin, Matrix: matrixGen, Merge: mergeGen, Selector: appSetBaseGenerator.Selector, @@ -150,7 +135,6 @@ func (m *MatrixGenerator) GetRequeueAfter(appSetGenerator *argoprojiov1alpha1.Ap Clusters: r.Clusters, Git: r.Git, PullRequest: r.PullRequest, - Plugin: r.Plugin, Matrix: matrixGen, Merge: mergeGen, } diff --git a/applicationset/generators/matrix_test.go b/applicationset/generators/matrix_test.go index 902a7b86b2d73..f451c4527a1aa 100644 --- a/applicationset/generators/matrix_test.go +++ b/applicationset/generators/matrix_test.go @@ -13,12 +13,11 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/client/fake" - "github.com/argoproj/argo-cd/v2/applicationset/services/mocks" - "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" + testutils "github.com/argoproj/argo-cd/v2/applicationset/utils/test" argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" ) @@ -849,7 +848,7 @@ func TestMatrixGenerateListElementsYaml(t *testing.T) { } listGenerator := &argoprojiov1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{}, + Elements: []apiextensionsv1.JSON{}, ElementsYaml: "{{ .foo.bar | toJson }}", } @@ -871,59 +870,60 @@ func TestMatrixGenerateListElementsYaml(t *testing.T) { }, expected: []map[string]interface{}{ { - "chart": "a", - "version": "1", + "chart": "a", + "version": "1", "foo": map[string]interface{}{ "bar": []interface{}{ map[string]interface{}{ - "chart": "a", + "chart": "a", "version": "1", }, map[string]interface{}{ - "chart": "b", + "chart": "b", "version": "2", }, }, }, "path": map[string]interface{}{ - "basename": "dir", + "basename": "dir", "basenameNormalized": "dir", - "filename": "file_name.yaml", + "filename": "file_name.yaml", "filenameNormalized": "file-name.yaml", - "path": "path/dir", - "segments": []string{ + "path": "path/dir", + "segments": []string { "path", "dir", }, }, }, { - "chart": "b", - "version": "2", + "chart": "b", + "version": "2", "foo": map[string]interface{}{ "bar": []interface{}{ map[string]interface{}{ - "chart": "a", + "chart": "a", "version": "1", }, map[string]interface{}{ - "chart": "b", + "chart": "b", "version": "2", }, }, }, "path": map[string]interface{}{ - "basename": "dir", + "basename": "dir", "basenameNormalized": "dir", - "filename": "file_name.yaml", + "filename": "file_name.yaml", "filenameNormalized": "file-name.yaml", - "path": "path/dir", - "segments": []string{ + "path": "path/dir", + "segments": []string { "path", "dir", }, }, }, + }, }, } @@ -952,26 +952,27 @@ func TestMatrixGenerateListElementsYaml(t *testing.T) { "foo": map[string]interface{}{ "bar": []interface{}{ map[string]interface{}{ - "chart": "a", + "chart": "a", "version": "1", }, map[string]interface{}{ - "chart": "b", + "chart": "b", "version": "2", }, }, }, "path": map[string]interface{}{ - "basename": "dir", + "basename": "dir", "basenameNormalized": "dir", - "filename": "file_name.yaml", + "filename": "file_name.yaml", "filenameNormalized": "file-name.yaml", - "path": "path/dir", - "segments": []string{ + "path": "path/dir", + "segments": []string { "path", "dir", }, }, + }}, nil) genMock.On("GetTemplate", &gitGeneratorSpec). Return(&argoprojiov1alpha1.ApplicationSetTemplate{}) @@ -1053,8 +1054,8 @@ func TestGitGenerator_GenerateParams_list_x_git_matrix_generator(t *testing.T) { }, } - repoServiceMock := &mocks.Repos{} - repoServiceMock.On("GetFiles", mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(map[string][]byte{ + repoServiceMock := testutils.ArgoCDServiceMock{Mock: &mock.Mock{}} + repoServiceMock.Mock.On("GetFiles", mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(map[string][]byte{ "some/path.json": []byte("test: content"), }, nil) gitGenerator := NewGitGenerator(repoServiceMock) diff --git a/applicationset/generators/merge.go b/applicationset/generators/merge.go index 48ac2596ef0d9..a2827a74ba5f0 100644 --- a/applicationset/generators/merge.go +++ b/applicationset/generators/merge.go @@ -9,8 +9,6 @@ import ( "github.com/argoproj/argo-cd/v2/applicationset/utils" argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - - log "github.com/sirupsen/logrus" ) var _ Generator = (*MergeGenerator)(nil) @@ -38,10 +36,10 @@ func NewMergeGenerator(supportedGenerators map[string]Generator) Generator { // in slices ordered according to the order of the given generators. func (m *MergeGenerator) getParamSetsForAllGenerators(generators []argoprojiov1alpha1.ApplicationSetNestedGenerator, appSet *argoprojiov1alpha1.ApplicationSet) ([][]map[string]interface{}, error) { var paramSets [][]map[string]interface{} - for i, generator := range generators { + for _, generator := range generators { generatorParamSets, err := m.getParams(generator, appSet) if err != nil { - return nil, fmt.Errorf("error getting params from generator %d of %d: %w", i+1, len(generators), err) + return nil, err } // concatenate param lists produced by each generator paramSets = append(paramSets, generatorParamSets) @@ -61,18 +59,18 @@ func (m *MergeGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha1.Appl paramSetsFromGenerators, err := m.getParamSetsForAllGenerators(appSetGenerator.Merge.Generators, appSet) if err != nil { - return nil, fmt.Errorf("error getting param sets from generators: %w", err) + return nil, err } baseParamSetsByMergeKey, err := getParamSetsByMergeKey(appSetGenerator.Merge.MergeKeys, paramSetsFromGenerators[0]) if err != nil { - return nil, fmt.Errorf("error getting param sets by merge key: %w", err) + return nil, err } for _, paramSets := range paramSetsFromGenerators[1:] { paramSetsByMergeKey, err := getParamSetsByMergeKey(appSetGenerator.Merge.MergeKeys, paramSets) if err != nil { - return nil, fmt.Errorf("error getting param sets by merge key: %w", err) + return nil, err } for mergeKeyValue, baseParamSet := range baseParamSetsByMergeKey { @@ -80,13 +78,13 @@ func (m *MergeGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha1.Appl if appSet.Spec.GoTemplate { if err := mergo.Merge(&baseParamSet, overrideParamSet, mergo.WithOverride); err != nil { - return nil, fmt.Errorf("error merging base param set with override param set: %w", err) + return nil, fmt.Errorf("failed to merge base param set with override param set: %w", err) } baseParamSetsByMergeKey[mergeKeyValue] = baseParamSet } else { overriddenParamSet, err := utils.CombineStringMapsAllowDuplicates(baseParamSet, overrideParamSet) if err != nil { - return nil, fmt.Errorf("error combining string maps: %w", err) + return nil, err } baseParamSetsByMergeKey[mergeKeyValue] = utils.ConvertToMapStringInterface(overriddenParamSet) } @@ -125,7 +123,7 @@ func getParamSetsByMergeKey(mergeKeys []string, paramSets []map[string]interface } paramSetKeyJson, err := json.Marshal(paramSetKey) if err != nil { - return nil, fmt.Errorf("error marshalling param set key json: %w", err) + return nil, err } paramSetKeyString := string(paramSetKeyJson) if _, exists := paramSetsByMergeKey[paramSetKeyString]; exists { @@ -143,22 +141,10 @@ func (m *MergeGenerator) getParams(appSetBaseGenerator argoprojiov1alpha1.Applic if err != nil { return nil, err } - if matrixGen != nil && !appSet.Spec.ApplyNestedSelectors { - foundSelector := dropDisabledNestedSelectors(matrixGen.Generators) - if foundSelector { - log.Warnf("AppSet '%v' defines selector on nested matrix generator's generator without enabling them via 'spec.applyNestedSelectors', ignoring nested selector", appSet.Name) - } - } mergeGen, err := getMergeGenerator(appSetBaseGenerator) if err != nil { return nil, err } - if mergeGen != nil && !appSet.Spec.ApplyNestedSelectors { - foundSelector := dropDisabledNestedSelectors(mergeGen.Generators) - if foundSelector { - log.Warnf("AppSet '%v' defines selector on nested merge generator's generator without enabling them via 'spec.applyNestedSelectors', ignoring nested selector", appSet.Name) - } - } t, err := Transform( argoprojiov1alpha1.ApplicationSetGenerator{ @@ -168,7 +154,6 @@ func (m *MergeGenerator) getParams(appSetBaseGenerator argoprojiov1alpha1.Applic SCMProvider: appSetBaseGenerator.SCMProvider, ClusterDecisionResource: appSetBaseGenerator.ClusterDecisionResource, PullRequest: appSetBaseGenerator.PullRequest, - Plugin: appSetBaseGenerator.Plugin, Matrix: matrixGen, Merge: mergeGen, Selector: appSetBaseGenerator.Selector, @@ -205,7 +190,6 @@ func (m *MergeGenerator) GetRequeueAfter(appSetGenerator *argoprojiov1alpha1.App Clusters: r.Clusters, Git: r.Git, PullRequest: r.PullRequest, - Plugin: r.Plugin, Matrix: matrixGen, Merge: mergeGen, } @@ -234,7 +218,7 @@ func getMergeGenerator(r argoprojiov1alpha1.ApplicationSetNestedGenerator) (*arg } merge, err := argoprojiov1alpha1.ToNestedMergeGenerator(r.Merge) if err != nil { - return nil, fmt.Errorf("error converting to nested merge generator: %w", err) + return nil, err } return merge.ToMergeGenerator(), nil } diff --git a/applicationset/generators/plugin.go b/applicationset/generators/plugin.go deleted file mode 100644 index e0acca0622cdc..0000000000000 --- a/applicationset/generators/plugin.go +++ /dev/null @@ -1,211 +0,0 @@ -package generators - -import ( - "context" - "fmt" - "strconv" - "strings" - "time" - - "github.com/jeremywohl/flatten" - corev1 "k8s.io/api/core/v1" - "k8s.io/client-go/kubernetes" - "sigs.k8s.io/controller-runtime/pkg/client" - - argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - "github.com/argoproj/argo-cd/v2/util/settings" - - "github.com/argoproj/argo-cd/v2/applicationset/services/plugin" -) - -const ( - DefaultPluginRequeueAfterSeconds = 30 * time.Minute -) - -var _ Generator = (*PluginGenerator)(nil) - -type PluginGenerator struct { - client client.Client - ctx context.Context - clientset kubernetes.Interface - namespace string -} - -func NewPluginGenerator(client client.Client, ctx context.Context, clientset kubernetes.Interface, namespace string) Generator { - g := &PluginGenerator{ - client: client, - ctx: ctx, - clientset: clientset, - namespace: namespace, - } - return g -} - -func (g *PluginGenerator) GetRequeueAfter(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator) time.Duration { - // Return a requeue default of 30 minutes, if no default is specified. - - if appSetGenerator.Plugin.RequeueAfterSeconds != nil { - return time.Duration(*appSetGenerator.Plugin.RequeueAfterSeconds) * time.Second - } - - return DefaultPluginRequeueAfterSeconds -} - -func (g *PluginGenerator) GetTemplate(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator) *argoprojiov1alpha1.ApplicationSetTemplate { - return &appSetGenerator.Plugin.Template -} - -func (g *PluginGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, applicationSetInfo *argoprojiov1alpha1.ApplicationSet) ([]map[string]interface{}, error) { - - if appSetGenerator == nil { - return nil, EmptyAppSetGeneratorError - } - - if appSetGenerator.Plugin == nil { - return nil, EmptyAppSetGeneratorError - } - - ctx := context.Background() - - providerConfig := appSetGenerator.Plugin - - pluginClient, err := g.getPluginFromGenerator(ctx, applicationSetInfo.Name, providerConfig) - if err != nil { - return nil, fmt.Errorf("error getting plugin from generator: %w", err) - } - - list, err := pluginClient.List(ctx, providerConfig.Input.Parameters) - if err != nil { - return nil, fmt.Errorf("error listing params: %w", err) - } - - res, err := g.generateParams(appSetGenerator, applicationSetInfo, list.Output.Parameters, appSetGenerator.Plugin.Input.Parameters, applicationSetInfo.Spec.GoTemplate) - if err != nil { - return nil, fmt.Errorf("error generating params: %w", err) - } - - return res, nil -} - -func (g *PluginGenerator) getPluginFromGenerator(ctx context.Context, appSetName string, generatorConfig *argoprojiov1alpha1.PluginGenerator) (*plugin.Service, error) { - cm, err := g.getConfigMap(ctx, generatorConfig.ConfigMapRef.Name) - if err != nil { - return nil, fmt.Errorf("error fetching ConfigMap: %w", err) - } - token, err := g.getToken(ctx, cm["token"]) - if err != nil { - return nil, fmt.Errorf("error fetching Secret token: %v", err) - } - - var requestTimeout int - requestTimeoutStr, ok := cm["requestTimeout"] - if ok { - requestTimeout, err = strconv.Atoi(requestTimeoutStr) - if err != nil { - return nil, fmt.Errorf("error set requestTimeout : %w", err) - } - } - - pluginClient, err := plugin.NewPluginService(ctx, appSetName, cm["baseUrl"], token, requestTimeout) - if err != nil { - return nil, fmt.Errorf("error initializing plugin client: %w", err) - } - return pluginClient, nil -} - -func (g *PluginGenerator) generateParams(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, appSet *argoprojiov1alpha1.ApplicationSet, objectsFound []map[string]interface{}, pluginParams argoprojiov1alpha1.PluginParameters, useGoTemplate bool) ([]map[string]interface{}, error) { - res := []map[string]interface{}{} - - for _, objectFound := range objectsFound { - - params := map[string]interface{}{} - - if useGoTemplate { - for k, v := range objectFound { - params[k] = v - } - } else { - flat, err := flatten.Flatten(objectFound, "", flatten.DotStyle) - if err != nil { - return nil, err - } - for k, v := range flat { - params[k] = fmt.Sprintf("%v", v) - } - } - - params["generator"] = map[string]interface{}{ - "input": map[string]argoprojiov1alpha1.PluginParameters{ - "parameters": pluginParams, - }, - } - - err := appendTemplatedValues(appSetGenerator.Plugin.Values, params, appSet.Spec.GoTemplate, appSet.Spec.GoTemplateOptions) - if err != nil { - return nil, err - } - - res = append(res, params) - } - - return res, nil -} - -func (g *PluginGenerator) getToken(ctx context.Context, tokenRef string) (string, error) { - - if tokenRef == "" || !strings.HasPrefix(tokenRef, "$") { - return "", fmt.Errorf("token is empty, or does not reference a secret key starting with '$': %v", tokenRef) - } - - secretName, tokenKey := plugin.ParseSecretKey(tokenRef) - - secret := &corev1.Secret{} - err := g.client.Get( - ctx, - client.ObjectKey{ - Name: secretName, - Namespace: g.namespace, - }, - secret) - - if err != nil { - return "", fmt.Errorf("error fetching secret %s/%s: %v", g.namespace, secretName, err) - } - - secretValues := make(map[string]string, len(secret.Data)) - - for k, v := range secret.Data { - secretValues[k] = string(v) - } - - token := settings.ReplaceStringSecret(tokenKey, secretValues) - - return token, err -} - -func (g *PluginGenerator) getConfigMap(ctx context.Context, configMapRef string) (map[string]string, error) { - cm := &corev1.ConfigMap{} - err := g.client.Get( - ctx, - client.ObjectKey{ - Name: configMapRef, - Namespace: g.namespace, - }, - cm) - - if err != nil { - return nil, err - } - - baseUrl, ok := cm.Data["baseUrl"] - if !ok || baseUrl == "" { - return nil, fmt.Errorf("baseUrl not found in ConfigMap") - } - - token, ok := cm.Data["token"] - if !ok || token == "" { - return nil, fmt.Errorf("token not found in ConfigMap") - } - - return cm.Data, nil -} diff --git a/applicationset/generators/plugin_test.go b/applicationset/generators/plugin_test.go deleted file mode 100644 index 9611a2cbf14c1..0000000000000 --- a/applicationset/generators/plugin_test.go +++ /dev/null @@ -1,705 +0,0 @@ -package generators - -import ( - "context" - "encoding/json" - "fmt" - "net/http" - "net/http/httptest" - "strings" - "testing" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - v1 "k8s.io/api/core/v1" - apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - kubefake "k8s.io/client-go/kubernetes/fake" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/client/fake" - - "github.com/argoproj/argo-cd/v2/applicationset/services/plugin" - argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" -) - -func TestPluginGenerateParams(t *testing.T) { - testCases := []struct { - name string - configmap *v1.ConfigMap - secret *v1.Secret - inputParameters map[string]apiextensionsv1.JSON - values map[string]string - gotemplate bool - expected []map[string]interface{} - content []byte - expectedError error - }{ - { - name: "simple case", - configmap: &v1.ConfigMap{ - ObjectMeta: metav1.ObjectMeta{ - Name: "first-plugin-cm", - Namespace: "default", - }, - Data: map[string]string{ - "baseUrl": "http://127.0.0.1", - "token": "$plugin.token", - }, - }, - secret: &v1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "argocd-secret", - Namespace: "default", - }, - Data: map[string][]byte{ - "plugin.token": []byte("my-secret"), - }, - }, - inputParameters: map[string]apiextensionsv1.JSON{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - gotemplate: false, - content: []byte(`{"output": { - "parameters": [{ - "key1": "val1", - "key2": { - "key2_1": "val2_1", - "key2_2": { - "key2_2_1": "val2_2_1" - } - }, - "key3": 123 - }] - }}`), - expected: []map[string]interface{}{ - { - "key1": "val1", - "key2.key2_1": "val2_1", - "key2.key2_2.key2_2_1": "val2_2_1", - "key3": "123", - "generator": map[string]interface{}{ - "input": argoprojiov1alpha1.PluginInput{ - Parameters: argoprojiov1alpha1.PluginParameters{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - }, - }, - }, - }, - expectedError: nil, - }, - { - name: "simple case with values", - configmap: &v1.ConfigMap{ - ObjectMeta: metav1.ObjectMeta{ - Name: "first-plugin-cm", - Namespace: "default", - }, - Data: map[string]string{ - "baseUrl": "http://127.0.0.1", - "token": "$plugin.token", - }, - }, - secret: &v1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "argocd-secret", - Namespace: "default", - }, - Data: map[string][]byte{ - "plugin.token": []byte("my-secret"), - }, - }, - inputParameters: map[string]apiextensionsv1.JSON{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - values: map[string]string{ - "valuekey1": "valuevalue1", - "valuekey2": "templated-{{key1}}", - }, - gotemplate: false, - content: []byte(`{"output": { - "parameters": [{ - "key1": "val1", - "key2": { - "key2_1": "val2_1", - "key2_2": { - "key2_2_1": "val2_2_1" - } - }, - "key3": 123 - }] - }}`), - expected: []map[string]interface{}{ - { - "key1": "val1", - "key2.key2_1": "val2_1", - "key2.key2_2.key2_2_1": "val2_2_1", - "key3": "123", - "values.valuekey1": "valuevalue1", - "values.valuekey2": "templated-val1", - "generator": map[string]interface{}{ - "input": argoprojiov1alpha1.PluginInput{ - Parameters: argoprojiov1alpha1.PluginParameters{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - }, - }, - }, - }, - expectedError: nil, - }, - { - name: "simple case with gotemplate", - configmap: &v1.ConfigMap{ - ObjectMeta: metav1.ObjectMeta{ - Name: "first-plugin-cm", - Namespace: "default", - }, - Data: map[string]string{ - "baseUrl": "http://127.0.0.1", - "token": "$plugin.token", - }, - }, - secret: &v1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "argocd-secret", - Namespace: "default", - }, - Data: map[string][]byte{ - "plugin.token": []byte("my-secret"), - }, - }, - inputParameters: map[string]apiextensionsv1.JSON{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - gotemplate: true, - content: []byte(`{"output": { - "parameters": [{ - "key1": "val1", - "key2": { - "key2_1": "val2_1", - "key2_2": { - "key2_2_1": "val2_2_1" - } - }, - "key3": 123 - }] - }}`), - expected: []map[string]interface{}{ - { - "key1": "val1", - "key2": map[string]interface{}{ - "key2_1": "val2_1", - "key2_2": map[string]interface{}{ - "key2_2_1": "val2_2_1", - }, - }, - "key3": float64(123), - "generator": map[string]interface{}{ - "input": argoprojiov1alpha1.PluginInput{ - Parameters: argoprojiov1alpha1.PluginParameters{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - }, - }, - }, - }, - expectedError: nil, - }, - { - name: "simple case with appended params", - configmap: &v1.ConfigMap{ - ObjectMeta: metav1.ObjectMeta{ - Name: "first-plugin-cm", - Namespace: "default", - }, - Data: map[string]string{ - "baseUrl": "http://127.0.0.1", - "token": "$plugin.token", - }, - }, - secret: &v1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "argocd-secret", - Namespace: "default", - }, - Data: map[string][]byte{ - "plugin.token": []byte("my-secret"), - }, - }, - inputParameters: map[string]apiextensionsv1.JSON{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - gotemplate: false, - content: []byte(`{"output": {"parameters": [{ - "key1": "val1", - "key2": { - "key2_1": "val2_1", - "key2_2": { - "key2_2_1": "val2_2_1" - } - }, - "key3": 123, - "pkey2": "valplugin" - }]}}`), - expected: []map[string]interface{}{ - { - "key1": "val1", - "key2.key2_1": "val2_1", - "key2.key2_2.key2_2_1": "val2_2_1", - "key3": "123", - "pkey2": "valplugin", - "generator": map[string]interface{}{ - "input": argoprojiov1alpha1.PluginInput{ - Parameters: argoprojiov1alpha1.PluginParameters{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - }, - }, - }, - }, - expectedError: nil, - }, - { - name: "no params", - configmap: &v1.ConfigMap{ - ObjectMeta: metav1.ObjectMeta{ - Name: "first-plugin-cm", - Namespace: "default", - }, - Data: map[string]string{ - "baseUrl": "http://127.0.0.1", - "token": "$plugin.token", - }, - }, - secret: &v1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "argocd-secret", - Namespace: "default", - }, - Data: map[string][]byte{ - "plugin.token": []byte("my-secret"), - }, - }, - inputParameters: argoprojiov1alpha1.PluginParameters{}, - gotemplate: false, - content: []byte(`{"output": { - "parameters": [{ - "key1": "val1", - "key2": { - "key2_1": "val2_1", - "key2_2": { - "key2_2_1": "val2_2_1" - } - }, - "key3": 123 - }] - }}`), - expected: []map[string]interface{}{ - { - "key1": "val1", - "key2.key2_1": "val2_1", - "key2.key2_2.key2_2_1": "val2_2_1", - "key3": "123", - "generator": map[string]interface{}{ - "input": map[string]map[string]interface{}{ - "parameters": {}, - }, - }, - }, - }, - expectedError: nil, - }, - { - name: "empty return", - configmap: &v1.ConfigMap{ - ObjectMeta: metav1.ObjectMeta{ - Name: "first-plugin-cm", - Namespace: "default", - }, - Data: map[string]string{ - "baseUrl": "http://127.0.0.1", - "token": "$plugin.token", - }, - }, - secret: &v1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "argocd-secret", - Namespace: "default", - }, - Data: map[string][]byte{ - "plugin.token": []byte("my-secret"), - }, - }, - inputParameters: map[string]apiextensionsv1.JSON{}, - gotemplate: false, - content: []byte(`{"input": {"parameters": []}}`), - expected: []map[string]interface{}{}, - expectedError: nil, - }, - { - name: "wrong return", - configmap: &v1.ConfigMap{ - ObjectMeta: metav1.ObjectMeta{ - Name: "first-plugin-cm", - Namespace: "default", - }, - Data: map[string]string{ - "baseUrl": "http://127.0.0.1", - "token": "$plugin.token", - }, - }, - secret: &v1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "argocd-secret", - Namespace: "default", - }, - Data: map[string][]byte{ - "plugin.token": []byte("my-secret"), - }, - }, - inputParameters: map[string]apiextensionsv1.JSON{}, - gotemplate: false, - content: []byte(`wrong body ...`), - expected: []map[string]interface{}{}, - expectedError: fmt.Errorf("error listing params: error get api 'set': invalid character 'w' looking for beginning of value: wrong body ..."), - }, - { - name: "external secret", - configmap: &v1.ConfigMap{ - ObjectMeta: metav1.ObjectMeta{ - Name: "first-plugin-cm", - Namespace: "default", - }, - Data: map[string]string{ - "baseUrl": "http://127.0.0.1", - "token": "$plugin-secret:plugin.token", - }, - }, - secret: &v1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "plugin-secret", - Namespace: "default", - }, - Data: map[string][]byte{ - "plugin.token": []byte("my-secret"), - }, - }, - inputParameters: map[string]apiextensionsv1.JSON{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - gotemplate: false, - content: []byte(`{"output": {"parameters": [{ - "key1": "val1", - "key2": { - "key2_1": "val2_1", - "key2_2": { - "key2_2_1": "val2_2_1" - } - }, - "key3": 123, - "pkey2": "valplugin" - }]}}`), - expected: []map[string]interface{}{ - { - "key1": "val1", - "key2.key2_1": "val2_1", - "key2.key2_2.key2_2_1": "val2_2_1", - "key3": "123", - "pkey2": "valplugin", - "generator": map[string]interface{}{ - "input": argoprojiov1alpha1.PluginInput{ - Parameters: argoprojiov1alpha1.PluginParameters{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - }, - }, - }, - }, - expectedError: nil, - }, - { - name: "no secret", - configmap: &v1.ConfigMap{ - ObjectMeta: metav1.ObjectMeta{ - Name: "first-plugin-cm", - Namespace: "default", - }, - Data: map[string]string{ - "baseUrl": "http://127.0.0.1", - "token": "$plugin.token", - }, - }, - secret: &v1.Secret{}, - inputParameters: map[string]apiextensionsv1.JSON{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - gotemplate: false, - content: []byte(`{"output": { - "parameters": [{ - "key1": "val1", - "key2": { - "key2_1": "val2_1", - "key2_2": { - "key2_2_1": "val2_2_1" - } - }, - "key3": 123 - }] - }}`), - expected: []map[string]interface{}{ - { - "key1": "val1", - "key2.key2_1": "val2_1", - "key2.key2_2.key2_2_1": "val2_2_1", - "key3": "123", - "generator": map[string]interface{}{ - "input": argoprojiov1alpha1.PluginInput{ - Parameters: argoprojiov1alpha1.PluginParameters{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - }, - }, - }, - }, - expectedError: fmt.Errorf("error getting plugin from generator: error fetching Secret token: error fetching secret default/argocd-secret: secrets \"argocd-secret\" not found"), - }, - { - name: "no configmap", - configmap: &v1.ConfigMap{}, - secret: &v1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "argocd-secret", - Namespace: "default", - }, - Data: map[string][]byte{ - "plugin.token": []byte("my-secret"), - }, - }, - inputParameters: map[string]apiextensionsv1.JSON{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - gotemplate: false, - content: []byte(`{"output": { - "parameters": [{ - "key1": "val1", - "key2": { - "key2_1": "val2_1", - "key2_2": { - "key2_2_1": "val2_2_1" - } - }, - "key3": 123 - }] - }}`), - expected: []map[string]interface{}{ - { - "key1": "val1", - "key2.key2_1": "val2_1", - "key2.key2_2.key2_2_1": "val2_2_1", - "key3": "123", - "generator": map[string]interface{}{ - "input": argoprojiov1alpha1.PluginInput{ - Parameters: argoprojiov1alpha1.PluginParameters{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - }, - }, - }, - }, - expectedError: fmt.Errorf("error getting plugin from generator: error fetching ConfigMap: configmaps \"\" not found"), - }, - { - name: "no baseUrl", - configmap: &v1.ConfigMap{ - ObjectMeta: metav1.ObjectMeta{ - Name: "first-plugin-cm", - Namespace: "default", - }, - Data: map[string]string{ - "token": "$plugin.token", - }, - }, - secret: &v1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "argocd-secret", - Namespace: "default", - }, - Data: map[string][]byte{ - "plugin.token": []byte("my-secret"), - }, - }, - inputParameters: map[string]apiextensionsv1.JSON{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - gotemplate: false, - content: []byte(`{"output": { - "parameters": [{ - "key1": "val1", - "key2": { - "key2_1": "val2_1", - "key2_2": { - "key2_2_1": "val2_2_1" - } - }, - "key3": 123 - }] - }}`), - expected: []map[string]interface{}{ - { - "key1": "val1", - "key2.key2_1": "val2_1", - "key2.key2_2.key2_2_1": "val2_2_1", - "key3": "123", - "generator": map[string]interface{}{ - "input": argoprojiov1alpha1.PluginInput{ - Parameters: argoprojiov1alpha1.PluginParameters{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - }, - }, - }, - }, - expectedError: fmt.Errorf("error getting plugin from generator: error fetching ConfigMap: baseUrl not found in ConfigMap"), - }, - { - name: "no token", - configmap: &v1.ConfigMap{ - ObjectMeta: metav1.ObjectMeta{ - Name: "first-plugin-cm", - Namespace: "default", - }, - Data: map[string]string{ - "baseUrl": "http://127.0.0.1", - }, - }, - secret: &v1.Secret{}, - inputParameters: map[string]apiextensionsv1.JSON{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - gotemplate: false, - content: []byte(`{"output": { - "parameters": [{ - "key1": "val1", - "key2": { - "key2_1": "val2_1", - "key2_2": { - "key2_2_1": "val2_2_1" - } - }, - "key3": 123 - }] - }}`), - expected: []map[string]interface{}{ - { - "key1": "val1", - "key2.key2_1": "val2_1", - "key2.key2_2.key2_2_1": "val2_2_1", - "key3": "123", - "generator": map[string]interface{}{ - "input": argoprojiov1alpha1.PluginInput{ - Parameters: argoprojiov1alpha1.PluginParameters{ - "pkey1": {Raw: []byte(`"val1"`)}, - "pkey2": {Raw: []byte(`"val2"`)}, - }, - }, - }, - }, - }, - expectedError: fmt.Errorf("error getting plugin from generator: error fetching ConfigMap: token not found in ConfigMap"), - }, - } - - ctx := context.Background() - - for _, testCase := range testCases { - - t.Run(testCase.name, func(t *testing.T) { - - generatorConfig := argoprojiov1alpha1.ApplicationSetGenerator{ - Plugin: &argoprojiov1alpha1.PluginGenerator{ - ConfigMapRef: argoprojiov1alpha1.PluginConfigMapRef{Name: testCase.configmap.Name}, - Input: argoprojiov1alpha1.PluginInput{ - Parameters: testCase.inputParameters, - }, - Values: testCase.values, - }, - } - - handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - - authHeader := r.Header.Get("Authorization") - _, tokenKey := plugin.ParseSecretKey(testCase.configmap.Data["token"]) - expectedToken := testCase.secret.Data[strings.Replace(tokenKey, "$", "", -1)] - if authHeader != "Bearer "+string(expectedToken) { - w.WriteHeader(http.StatusUnauthorized) - return - } - - w.Header().Set("Content-Type", "application/json") - _, err := w.Write(testCase.content) - if err != nil { - assert.NoError(t, fmt.Errorf("Error Write %v", err)) - } - }) - - fakeServer := httptest.NewServer(handler) - - defer fakeServer.Close() - - if _, ok := testCase.configmap.Data["baseUrl"]; ok { - testCase.configmap.Data["baseUrl"] = fakeServer.URL - } - - fakeClient := kubefake.NewSimpleClientset(append([]runtime.Object{}, testCase.configmap, testCase.secret)...) - - fakeClientWithCache := fake.NewClientBuilder().WithObjects([]client.Object{testCase.configmap, testCase.secret}...).Build() - - var pluginGenerator = NewPluginGenerator(fakeClientWithCache, ctx, fakeClient, "default") - - applicationSetInfo := argoprojiov1alpha1.ApplicationSet{ - ObjectMeta: metav1.ObjectMeta{ - Name: "set", - }, - Spec: argoprojiov1alpha1.ApplicationSetSpec{ - GoTemplate: testCase.gotemplate, - }, - } - - got, err := pluginGenerator.GenerateParams(&generatorConfig, &applicationSetInfo) - - if err != nil { - fmt.Println(err) - } - - if testCase.expectedError != nil { - assert.EqualError(t, err, testCase.expectedError.Error()) - } else { - assert.NoError(t, err) - expectedJson, err := json.Marshal(testCase.expected) - require.NoError(t, err) - gotJson, err := json.Marshal(got) - require.NoError(t, err) - assert.Equal(t, string(expectedJson), string(gotJson)) - } - }) - } -} diff --git a/applicationset/generators/pull_request.go b/applicationset/generators/pull_request.go index c024f1b723919..db6c80c6c0f5c 100644 --- a/applicationset/generators/pull_request.go +++ b/applicationset/generators/pull_request.go @@ -11,6 +11,7 @@ import ( "github.com/gosimple/slug" + "github.com/argoproj/argo-cd/v2/applicationset/services/pull_request" pullrequest "github.com/argoproj/argo-cd/v2/applicationset/services/pull_request" argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" ) @@ -25,16 +26,12 @@ type PullRequestGenerator struct { client client.Client selectServiceProviderFunc func(context.Context, *argoprojiov1alpha1.PullRequestGenerator, *argoprojiov1alpha1.ApplicationSet) (pullrequest.PullRequestService, error) auth SCMAuthProviders - scmRootCAPath string - allowedSCMProviders []string } -func NewPullRequestGenerator(client client.Client, auth SCMAuthProviders, scmRootCAPath string, allowedScmProviders []string) Generator { +func NewPullRequestGenerator(client client.Client, auth SCMAuthProviders) Generator { g := &PullRequestGenerator{ - client: client, - auth: auth, - scmRootCAPath: scmRootCAPath, - allowedSCMProviders: allowedScmProviders, + client: client, + auth: auth, } g.selectServiceProviderFunc = g.selectServiceProvider return g @@ -69,7 +66,7 @@ func (g *PullRequestGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha return nil, fmt.Errorf("failed to select pull request service provider: %v", err) } - pulls, err := pullrequest.ListPullRequests(ctx, svc, appSetGenerator.PullRequest.Filters) + pulls, err := pull_request.ListPullRequests(ctx, svc, appSetGenerator.PullRequest.Filters) if err != nil { return nil, fmt.Errorf("error listing repos: %v", err) } @@ -87,27 +84,18 @@ func (g *PullRequestGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha } var shortSHALength int - var shortSHALength7 int for _, pull := range pulls { shortSHALength = 8 if len(pull.HeadSHA) < 8 { shortSHALength = len(pull.HeadSHA) } - shortSHALength7 = 7 - if len(pull.HeadSHA) < 7 { - shortSHALength7 = len(pull.HeadSHA) - } - paramMap := map[string]interface{}{ - "number": strconv.Itoa(pull.Number), - "branch": pull.Branch, - "branch_slug": slug.Make(pull.Branch), - "target_branch": pull.TargetBranch, - "target_branch_slug": slug.Make(pull.TargetBranch), - "head_sha": pull.HeadSHA, - "head_short_sha": pull.HeadSHA[:shortSHALength], - "head_short_sha_7": pull.HeadSHA[:shortSHALength7], + "number": strconv.Itoa(pull.Number), + "branch": pull.Branch, + "branch_slug": slug.Make(pull.Branch), + "head_sha": pull.HeadSHA, + "head_short_sha": pull.HeadSHA[:shortSHALength], } // PR lables will only be supported for Go Template appsets, since fasttemplate will be deprecated. @@ -122,27 +110,18 @@ func (g *PullRequestGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha // selectServiceProvider selects the provider to get pull requests from the configuration func (g *PullRequestGenerator) selectServiceProvider(ctx context.Context, generatorConfig *argoprojiov1alpha1.PullRequestGenerator, applicationSetInfo *argoprojiov1alpha1.ApplicationSet) (pullrequest.PullRequestService, error) { if generatorConfig.Github != nil { - if !ScmProviderAllowed(applicationSetInfo, generatorConfig.Github.API, g.allowedSCMProviders) { - return nil, fmt.Errorf("scm provider not allowed: %s", generatorConfig.Github.API) - } return g.github(ctx, generatorConfig.Github, applicationSetInfo) } if generatorConfig.GitLab != nil { providerConfig := generatorConfig.GitLab - if !ScmProviderAllowed(applicationSetInfo, providerConfig.API, g.allowedSCMProviders) { - return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.API) - } token, err := g.getSecretRef(ctx, providerConfig.TokenRef, applicationSetInfo.Namespace) if err != nil { return nil, fmt.Errorf("error fetching Secret token: %v", err) } - return pullrequest.NewGitLabService(ctx, token, providerConfig.API, providerConfig.Project, providerConfig.Labels, providerConfig.PullRequestState, g.scmRootCAPath, providerConfig.Insecure) + return pullrequest.NewGitLabService(ctx, token, providerConfig.API, providerConfig.Project, providerConfig.Labels, providerConfig.PullRequestState) } if generatorConfig.Gitea != nil { providerConfig := generatorConfig.Gitea - if !ScmProviderAllowed(applicationSetInfo, providerConfig.API, g.allowedSCMProviders) { - return nil, fmt.Errorf("scm provider not allowed: %s", generatorConfig.Gitea.API) - } token, err := g.getSecretRef(ctx, providerConfig.TokenRef, applicationSetInfo.Namespace) if err != nil { return nil, fmt.Errorf("error fetching Secret token: %v", err) @@ -151,9 +130,6 @@ func (g *PullRequestGenerator) selectServiceProvider(ctx context.Context, genera } if generatorConfig.BitbucketServer != nil { providerConfig := generatorConfig.BitbucketServer - if !ScmProviderAllowed(applicationSetInfo, providerConfig.API, g.allowedSCMProviders) { - return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.API) - } if providerConfig.BasicAuth != nil { password, err := g.getSecretRef(ctx, providerConfig.BasicAuth.PasswordRef, applicationSetInfo.Namespace) if err != nil { @@ -164,32 +140,6 @@ func (g *PullRequestGenerator) selectServiceProvider(ctx context.Context, genera return pullrequest.NewBitbucketServiceNoAuth(ctx, providerConfig.API, providerConfig.Project, providerConfig.Repo) } } - if generatorConfig.Bitbucket != nil { - providerConfig := generatorConfig.Bitbucket - if providerConfig.BearerToken != nil { - appToken, err := g.getSecretRef(ctx, providerConfig.BearerToken.TokenRef, applicationSetInfo.Namespace) - if err != nil { - return nil, fmt.Errorf("error fetching Secret Bearer token: %v", err) - } - return pullrequest.NewBitbucketCloudServiceBearerToken(providerConfig.API, appToken, providerConfig.Owner, providerConfig.Repo) - } else if providerConfig.BasicAuth != nil { - password, err := g.getSecretRef(ctx, providerConfig.BasicAuth.PasswordRef, applicationSetInfo.Namespace) - if err != nil { - return nil, fmt.Errorf("error fetching Secret token: %v", err) - } - return pullrequest.NewBitbucketCloudServiceBasicAuth(providerConfig.API, providerConfig.BasicAuth.Username, password, providerConfig.Owner, providerConfig.Repo) - } else { - return pullrequest.NewBitbucketCloudServiceNoAuth(providerConfig.API, providerConfig.Owner, providerConfig.Repo) - } - } - if generatorConfig.AzureDevOps != nil { - providerConfig := generatorConfig.AzureDevOps - token, err := g.getSecretRef(ctx, providerConfig.TokenRef, applicationSetInfo.Namespace) - if err != nil { - return nil, fmt.Errorf("error fetching Secret token: %v", err) - } - return pullrequest.NewAzureDevOpsService(ctx, token, providerConfig.API, providerConfig.Organization, providerConfig.Project, providerConfig.Repo, providerConfig.Labels) - } return nil, fmt.Errorf("no Pull Request provider implementation configured") } diff --git a/applicationset/generators/pull_request_test.go b/applicationset/generators/pull_request_test.go index 72017f522946e..caad198670302 100644 --- a/applicationset/generators/pull_request_test.go +++ b/applicationset/generators/pull_request_test.go @@ -27,11 +27,10 @@ func TestPullRequestGithubGenerateParams(t *testing.T) { return pullrequest.NewFakeService( ctx, []*pullrequest.PullRequest{ - { - Number: 1, - Branch: "branch1", - TargetBranch: "master", - HeadSHA: "089d92cbf9ff857a39e6feccd32798ca700fb958", + &pullrequest.PullRequest{ + Number: 1, + Branch: "branch1", + HeadSHA: "089d92cbf9ff857a39e6feccd32798ca700fb958", }, }, nil, @@ -39,14 +38,11 @@ func TestPullRequestGithubGenerateParams(t *testing.T) { }, expected: []map[string]interface{}{ { - "number": "1", - "branch": "branch1", - "branch_slug": "branch1", - "target_branch": "master", - "target_branch_slug": "master", - "head_sha": "089d92cbf9ff857a39e6feccd32798ca700fb958", - "head_short_sha": "089d92cb", - "head_short_sha_7": "089d92c", + "number": "1", + "branch": "branch1", + "branch_slug": "branch1", + "head_sha": "089d92cbf9ff857a39e6feccd32798ca700fb958", + "head_short_sha": "089d92cb", }, }, expectedErr: nil, @@ -56,11 +52,10 @@ func TestPullRequestGithubGenerateParams(t *testing.T) { return pullrequest.NewFakeService( ctx, []*pullrequest.PullRequest{ - { - Number: 2, - Branch: "feat/areally+long_pull_request_name_to_test_argo_slugification_and_branch_name_shortening_feature", - TargetBranch: "feat/anotherreally+long_pull_request_name_to_test_argo_slugification_and_branch_name_shortening_feature", - HeadSHA: "9b34ff5bd418e57d58891eb0aa0728043ca1e8be", + &pullrequest.PullRequest{ + Number: 2, + Branch: "feat/areally+long_pull_request_name_to_test_argo_slugification_and_branch_name_shortening_feature", + HeadSHA: "9b34ff5bd418e57d58891eb0aa0728043ca1e8be", }, }, nil, @@ -68,14 +63,11 @@ func TestPullRequestGithubGenerateParams(t *testing.T) { }, expected: []map[string]interface{}{ { - "number": "2", - "branch": "feat/areally+long_pull_request_name_to_test_argo_slugification_and_branch_name_shortening_feature", - "branch_slug": "feat-areally-long-pull-request-name-to-test-argo", - "target_branch": "feat/anotherreally+long_pull_request_name_to_test_argo_slugification_and_branch_name_shortening_feature", - "target_branch_slug": "feat-anotherreally-long-pull-request-name-to-test", - "head_sha": "9b34ff5bd418e57d58891eb0aa0728043ca1e8be", - "head_short_sha": "9b34ff5b", - "head_short_sha_7": "9b34ff5", + "number": "2", + "branch": "feat/areally+long_pull_request_name_to_test_argo_slugification_and_branch_name_shortening_feature", + "branch_slug": "feat-areally-long-pull-request-name-to-test-argo", + "head_sha": "9b34ff5bd418e57d58891eb0aa0728043ca1e8be", + "head_short_sha": "9b34ff5b", }, }, expectedErr: nil, @@ -85,11 +77,10 @@ func TestPullRequestGithubGenerateParams(t *testing.T) { return pullrequest.NewFakeService( ctx, []*pullrequest.PullRequest{ - { - Number: 1, - Branch: "a-very-short-sha", - TargetBranch: "master", - HeadSHA: "abcd", + &pullrequest.PullRequest{ + Number: 1, + Branch: "a-very-short-sha", + HeadSHA: "abcd", }, }, nil, @@ -97,14 +88,11 @@ func TestPullRequestGithubGenerateParams(t *testing.T) { }, expected: []map[string]interface{}{ { - "number": "1", - "branch": "a-very-short-sha", - "branch_slug": "a-very-short-sha", - "target_branch": "master", - "target_branch_slug": "master", - "head_sha": "abcd", - "head_short_sha": "abcd", - "head_short_sha_7": "abcd", + "number": "1", + "branch": "a-very-short-sha", + "branch_slug": "a-very-short-sha", + "head_sha": "abcd", + "head_short_sha": "abcd", }, }, expectedErr: nil, @@ -125,12 +113,11 @@ func TestPullRequestGithubGenerateParams(t *testing.T) { return pullrequest.NewFakeService( ctx, []*pullrequest.PullRequest{ - { - Number: 1, - Branch: "branch1", - TargetBranch: "master", - HeadSHA: "089d92cbf9ff857a39e6feccd32798ca700fb958", - Labels: []string{"preview"}, + &pullrequest.PullRequest{ + Number: 1, + Branch: "branch1", + HeadSHA: "089d92cbf9ff857a39e6feccd32798ca700fb958", + Labels: []string{"preview"}, }, }, nil, @@ -138,15 +125,12 @@ func TestPullRequestGithubGenerateParams(t *testing.T) { }, expected: []map[string]interface{}{ { - "number": "1", - "branch": "branch1", - "branch_slug": "branch1", - "target_branch": "master", - "target_branch_slug": "master", - "head_sha": "089d92cbf9ff857a39e6feccd32798ca700fb958", - "head_short_sha": "089d92cb", - "head_short_sha_7": "089d92c", - "labels": []string{"preview"}, + "number": "1", + "branch": "branch1", + "branch_slug": "branch1", + "head_sha": "089d92cbf9ff857a39e6feccd32798ca700fb958", + "head_short_sha": "089d92cb", + "labels": []string{"preview"}, }, }, expectedErr: nil, @@ -162,12 +146,11 @@ func TestPullRequestGithubGenerateParams(t *testing.T) { return pullrequest.NewFakeService( ctx, []*pullrequest.PullRequest{ - { - Number: 1, - Branch: "branch1", - TargetBranch: "master", - HeadSHA: "089d92cbf9ff857a39e6feccd32798ca700fb958", - Labels: []string{"preview"}, + &pullrequest.PullRequest{ + Number: 1, + Branch: "branch1", + HeadSHA: "089d92cbf9ff857a39e6feccd32798ca700fb958", + Labels: []string{"preview"}, }, }, nil, @@ -175,14 +158,11 @@ func TestPullRequestGithubGenerateParams(t *testing.T) { }, expected: []map[string]interface{}{ { - "number": "1", - "branch": "branch1", - "branch_slug": "branch1", - "target_branch": "master", - "target_branch_slug": "master", - "head_sha": "089d92cbf9ff857a39e6feccd32798ca700fb958", - "head_short_sha": "089d92cb", - "head_short_sha_7": "089d92c", + "number": "1", + "branch": "branch1", + "branch_slug": "branch1", + "head_sha": "089d92cbf9ff857a39e6feccd32798ca700fb958", + "head_short_sha": "089d92cb", }, }, expectedErr: nil, @@ -273,80 +253,3 @@ func TestPullRequestGetSecretRef(t *testing.T) { }) } } - -func TestAllowedSCMProviderPullRequest(t *testing.T) { - cases := []struct { - name string - providerConfig *argoprojiov1alpha1.PullRequestGenerator - expectedError string - }{ - { - name: "Error Github", - providerConfig: &argoprojiov1alpha1.PullRequestGenerator{ - Github: &argoprojiov1alpha1.PullRequestGeneratorGithub{ - API: "https://myservice.mynamespace.svc.cluster.local", - }, - }, - expectedError: "failed to select pull request service provider: scm provider not allowed: https://myservice.mynamespace.svc.cluster.local", - }, - { - name: "Error Gitlab", - providerConfig: &argoprojiov1alpha1.PullRequestGenerator{ - GitLab: &argoprojiov1alpha1.PullRequestGeneratorGitLab{ - API: "https://myservice.mynamespace.svc.cluster.local", - }, - }, - expectedError: "failed to select pull request service provider: scm provider not allowed: https://myservice.mynamespace.svc.cluster.local", - }, - { - name: "Error Gitea", - providerConfig: &argoprojiov1alpha1.PullRequestGenerator{ - Gitea: &argoprojiov1alpha1.PullRequestGeneratorGitea{ - API: "https://myservice.mynamespace.svc.cluster.local", - }, - }, - expectedError: "failed to select pull request service provider: scm provider not allowed: https://myservice.mynamespace.svc.cluster.local", - }, - { - name: "Error Bitbucket", - providerConfig: &argoprojiov1alpha1.PullRequestGenerator{ - BitbucketServer: &argoprojiov1alpha1.PullRequestGeneratorBitbucketServer{ - API: "https://myservice.mynamespace.svc.cluster.local", - }, - }, - expectedError: "failed to select pull request service provider: scm provider not allowed: https://myservice.mynamespace.svc.cluster.local", - }, - } - - for _, testCase := range cases { - testCaseCopy := testCase - - t.Run(testCaseCopy.name, func(t *testing.T) { - t.Parallel() - - pullRequestGenerator := NewPullRequestGenerator(nil, SCMAuthProviders{}, "", []string{ - "github.myorg.com", - "gitlab.myorg.com", - "gitea.myorg.com", - "bitbucket.myorg.com", - "azuredevops.myorg.com", - }) - - applicationSetInfo := argoprojiov1alpha1.ApplicationSet{ - ObjectMeta: metav1.ObjectMeta{ - Name: "set", - }, - Spec: argoprojiov1alpha1.ApplicationSetSpec{ - Generators: []argoprojiov1alpha1.ApplicationSetGenerator{{ - PullRequest: testCaseCopy.providerConfig, - }}, - }, - } - - _, err := pullRequestGenerator.GenerateParams(&applicationSetInfo.Spec.Generators[0], &applicationSetInfo) - - assert.Error(t, err, "Must return an error") - assert.Equal(t, testCaseCopy.expectedError, err.Error()) - }) - } -} diff --git a/applicationset/generators/scm_provider.go b/applicationset/generators/scm_provider.go index 3d7c930870eaf..352b60d26d398 100644 --- a/applicationset/generators/scm_provider.go +++ b/applicationset/generators/scm_provider.go @@ -9,12 +9,9 @@ import ( corev1 "k8s.io/api/core/v1" "sigs.k8s.io/controller-runtime/pkg/client" - log "github.com/sirupsen/logrus" - "github.com/argoproj/argo-cd/v2/applicationset/services/github_app_auth" "github.com/argoproj/argo-cd/v2/applicationset/services/scm_provider" "github.com/argoproj/argo-cd/v2/applicationset/utils" - "github.com/argoproj/argo-cd/v2/common" argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" ) @@ -29,20 +26,16 @@ type SCMProviderGenerator struct { // Testing hooks. overrideProvider scm_provider.SCMProviderService SCMAuthProviders - scmRootCAPath string - allowedSCMProviders []string } type SCMAuthProviders struct { GitHubApps github_app_auth.Credentials } -func NewSCMProviderGenerator(client client.Client, providers SCMAuthProviders, scmRootCAPath string, allowedSCMProviders []string) Generator { +func NewSCMProviderGenerator(client client.Client, providers SCMAuthProviders) Generator { return &SCMProviderGenerator{ - client: client, - SCMAuthProviders: providers, - scmRootCAPath: scmRootCAPath, - allowedSCMProviders: allowedSCMProviders, + client: client, + SCMAuthProviders: providers, } } @@ -65,26 +58,6 @@ func (g *SCMProviderGenerator) GetTemplate(appSetGenerator *argoprojiov1alpha1.A return &appSetGenerator.SCMProvider.Template } -func ScmProviderAllowed(applicationSetInfo *argoprojiov1alpha1.ApplicationSet, url string, allowedScmProviders []string) bool { - if url == "" || len(allowedScmProviders) == 0 { - return true - } - - for _, allowedScmProvider := range allowedScmProviders { - if url == allowedScmProvider { - return true - } - } - - log.WithFields(log.Fields{ - common.SecurityField: common.SecurityMedium, - "applicationset": applicationSetInfo.Name, - "appSetNamespace": applicationSetInfo.Namespace, - }).Debugf("attempted to use disallowed SCM %q", url) - - return false -} - func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, applicationSetInfo *argoprojiov1alpha1.ApplicationSet) ([]map[string]interface{}, error) { if appSetGenerator == nil { return nil, EmptyAppSetGeneratorError @@ -102,30 +75,21 @@ func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha if g.overrideProvider != nil { provider = g.overrideProvider } else if providerConfig.Github != nil { - if !ScmProviderAllowed(applicationSetInfo, providerConfig.Github.API, g.allowedSCMProviders) { - return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.Github.API) - } var err error provider, err = g.githubProvider(ctx, providerConfig.Github, applicationSetInfo) if err != nil { return nil, fmt.Errorf("scm provider: %w", err) } } else if providerConfig.Gitlab != nil { - if !ScmProviderAllowed(applicationSetInfo, providerConfig.Gitlab.API, g.allowedSCMProviders) { - return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.Gitlab.API) - } token, err := g.getSecretRef(ctx, providerConfig.Gitlab.TokenRef, applicationSetInfo.Namespace) if err != nil { return nil, fmt.Errorf("error fetching Gitlab token: %v", err) } - provider, err = scm_provider.NewGitlabProvider(ctx, providerConfig.Gitlab.Group, token, providerConfig.Gitlab.API, providerConfig.Gitlab.AllBranches, providerConfig.Gitlab.IncludeSubgroups, providerConfig.Gitlab.WillIncludeSharedProjects(), providerConfig.Gitlab.Insecure, g.scmRootCAPath, providerConfig.Gitlab.Topic) + provider, err = scm_provider.NewGitlabProvider(ctx, providerConfig.Gitlab.Group, token, providerConfig.Gitlab.API, providerConfig.Gitlab.AllBranches, providerConfig.Gitlab.IncludeSubgroups) if err != nil { return nil, fmt.Errorf("error initializing Gitlab service: %v", err) } } else if providerConfig.Gitea != nil { - if !ScmProviderAllowed(applicationSetInfo, providerConfig.Gitea.API, g.allowedSCMProviders) { - return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.Gitea.API) - } token, err := g.getSecretRef(ctx, providerConfig.Gitea.TokenRef, applicationSetInfo.Namespace) if err != nil { return nil, fmt.Errorf("error fetching Gitea token: %v", err) @@ -136,9 +100,6 @@ func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha } } else if providerConfig.BitbucketServer != nil { providerConfig := providerConfig.BitbucketServer - if !ScmProviderAllowed(applicationSetInfo, providerConfig.API, g.allowedSCMProviders) { - return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.API) - } var scmError error if providerConfig.BasicAuth != nil { password, err := g.getSecretRef(ctx, providerConfig.BasicAuth.PasswordRef, applicationSetInfo.Namespace) @@ -153,9 +114,6 @@ func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha return nil, fmt.Errorf("error initializing Bitbucket Server service: %v", scmError) } } else if providerConfig.AzureDevOps != nil { - if !ScmProviderAllowed(applicationSetInfo, providerConfig.AzureDevOps.API, g.allowedSCMProviders) { - return nil, fmt.Errorf("scm provider not allowed: %s", providerConfig.AzureDevOps.API) - } token, err := g.getSecretRef(ctx, providerConfig.AzureDevOps.AccessTokenRef, applicationSetInfo.Namespace) if err != nil { return nil, fmt.Errorf("error fetching Azure Devops access token: %v", err) @@ -173,12 +131,6 @@ func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha if err != nil { return nil, fmt.Errorf("error initializing Bitbucket cloud service: %v", err) } - } else if providerConfig.AWSCodeCommit != nil { - var awsErr error - provider, awsErr = scm_provider.NewAWSCodeCommitProvider(ctx, providerConfig.AWSCodeCommit.TagFilters, providerConfig.AWSCodeCommit.Role, providerConfig.AWSCodeCommit.Region, providerConfig.AWSCodeCommit.AllBranches) - if awsErr != nil { - return nil, fmt.Errorf("error initializing AWS codecommit service: %v", awsErr) - } } else { return nil, fmt.Errorf("no SCM provider implementation configured") } @@ -188,40 +140,26 @@ func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha if err != nil { return nil, fmt.Errorf("error listing repos: %v", err) } - paramsArray := make([]map[string]interface{}, 0, len(repos)) + params := make([]map[string]interface{}, 0, len(repos)) var shortSHALength int - var shortSHALength7 int for _, repo := range repos { shortSHALength = 8 if len(repo.SHA) < 8 { shortSHALength = len(repo.SHA) } - shortSHALength7 = 7 - if len(repo.SHA) < 7 { - shortSHALength7 = len(repo.SHA) - } - - params := map[string]interface{}{ + params = append(params, map[string]interface{}{ "organization": repo.Organization, "repository": repo.Repository, "url": repo.URL, "branch": repo.Branch, "sha": repo.SHA, "short_sha": repo.SHA[:shortSHALength], - "short_sha_7": repo.SHA[:shortSHALength7], "labels": strings.Join(repo.Labels, ","), "branchNormalized": utils.SanitizeName(repo.Branch), - } - - err := appendTemplatedValues(appSetGenerator.SCMProvider.Values, params, applicationSetInfo.Spec.GoTemplate, applicationSetInfo.Spec.GoTemplateOptions) - if err != nil { - return nil, fmt.Errorf("failed to append templated values: %w", err) - } - - paramsArray = append(paramsArray, params) + }) } - return paramsArray, nil + return params, nil } func (g *SCMProviderGenerator) getSecretRef(ctx context.Context, ref *argoprojiov1alpha1.SecretRef, namespace string) (string, error) { diff --git a/applicationset/generators/scm_provider_test.go b/applicationset/generators/scm_provider_test.go index 4dcb8fdf3ce6f..bcc4490194285 100644 --- a/applicationset/generators/scm_provider_test.go +++ b/applicationset/generators/scm_provider_test.go @@ -80,209 +80,38 @@ func TestSCMProviderGetSecretRef(t *testing.T) { } func TestSCMProviderGenerateParams(t *testing.T) { - cases := []struct { - name string - repos []*scm_provider.Repository - values map[string]string - expected []map[string]interface{} - expectedError error - }{ - { - name: "Multiple repos with labels", - repos: []*scm_provider.Repository{ - { - Organization: "myorg", - Repository: "repo1", - URL: "git@github.com:myorg/repo1.git", - Branch: "main", - SHA: "0bc57212c3cbbec69d20b34c507284bd300def5b", - Labels: []string{"prod", "staging"}, - }, - { - Organization: "myorg", - Repository: "repo2", - URL: "git@github.com:myorg/repo2.git", - Branch: "main", - SHA: "59d0", - }, + mockProvider := &scm_provider.MockProvider{ + Repos: []*scm_provider.Repository{ + { + Organization: "myorg", + Repository: "repo1", + URL: "git@github.com:myorg/repo1.git", + Branch: "main", + SHA: "0bc57212c3cbbec69d20b34c507284bd300def5b", + Labels: []string{"prod", "staging"}, }, - expected: []map[string]interface{}{ - { - "organization": "myorg", - "repository": "repo1", - "url": "git@github.com:myorg/repo1.git", - "branch": "main", - "branchNormalized": "main", - "sha": "0bc57212c3cbbec69d20b34c507284bd300def5b", - "short_sha": "0bc57212", - "short_sha_7": "0bc5721", - "labels": "prod,staging", - }, - { - "organization": "myorg", - "repository": "repo2", - "url": "git@github.com:myorg/repo2.git", - "branch": "main", - "branchNormalized": "main", - "sha": "59d0", - "short_sha": "59d0", - "short_sha_7": "59d0", - "labels": "", - }, + { + Organization: "myorg", + Repository: "repo2", + URL: "git@github.com:myorg/repo2.git", + Branch: "main", + SHA: "59d0", }, }, - { - name: "Value interpolation", - repos: []*scm_provider.Repository{ - { - Organization: "myorg", - Repository: "repo3", - URL: "git@github.com:myorg/repo3.git", - Branch: "main", - SHA: "0bc57212c3cbbec69d20b34c507284bd300def5b", - Labels: []string{"prod", "staging"}, - }, - }, - values: map[string]string{ - "foo": "bar", - "should_i_force_push_to": "{{ branch }}?", - }, - expected: []map[string]interface{}{ - { - "organization": "myorg", - "repository": "repo3", - "url": "git@github.com:myorg/repo3.git", - "branch": "main", - "branchNormalized": "main", - "sha": "0bc57212c3cbbec69d20b34c507284bd300def5b", - "short_sha": "0bc57212", - "short_sha_7": "0bc5721", - "labels": "prod,staging", - "values.foo": "bar", - "values.should_i_force_push_to": "main?", - }, - }, - }, - } - - for _, testCase := range cases { - testCaseCopy := testCase - - t.Run(testCaseCopy.name, func(t *testing.T) { - t.Parallel() - - mockProvider := &scm_provider.MockProvider{ - Repos: testCaseCopy.repos, - } - scmGenerator := &SCMProviderGenerator{overrideProvider: mockProvider} - applicationSetInfo := argoprojiov1alpha1.ApplicationSet{ - ObjectMeta: metav1.ObjectMeta{ - Name: "set", - }, - Spec: argoprojiov1alpha1.ApplicationSetSpec{ - Generators: []argoprojiov1alpha1.ApplicationSetGenerator{{ - SCMProvider: &argoprojiov1alpha1.SCMProviderGenerator{ - Values: testCaseCopy.values, - }, - }}, - }, - } - - got, err := scmGenerator.GenerateParams(&applicationSetInfo.Spec.Generators[0], &applicationSetInfo) - - if testCaseCopy.expectedError != nil { - assert.EqualError(t, err, testCaseCopy.expectedError.Error()) - } else { - assert.NoError(t, err) - assert.Equal(t, testCaseCopy.expected, got) - } - - }) - } -} - -func TestAllowedSCMProvider(t *testing.T) { - cases := []struct { - name string - providerConfig *argoprojiov1alpha1.SCMProviderGenerator - expectedError string - }{ - { - name: "Error Github", - providerConfig: &argoprojiov1alpha1.SCMProviderGenerator{ - Github: &argoprojiov1alpha1.SCMProviderGeneratorGithub{ - API: "https://myservice.mynamespace.svc.cluster.local", - }, - }, - expectedError: "scm provider not allowed: https://myservice.mynamespace.svc.cluster.local", - }, - { - name: "Error Gitlab", - providerConfig: &argoprojiov1alpha1.SCMProviderGenerator{ - Gitlab: &argoprojiov1alpha1.SCMProviderGeneratorGitlab{ - API: "https://myservice.mynamespace.svc.cluster.local", - }, - }, - expectedError: "scm provider not allowed: https://myservice.mynamespace.svc.cluster.local", - }, - { - name: "Error Gitea", - providerConfig: &argoprojiov1alpha1.SCMProviderGenerator{ - Gitea: &argoprojiov1alpha1.SCMProviderGeneratorGitea{ - API: "https://myservice.mynamespace.svc.cluster.local", - }, - }, - expectedError: "scm provider not allowed: https://myservice.mynamespace.svc.cluster.local", - }, - { - name: "Error Bitbucket", - providerConfig: &argoprojiov1alpha1.SCMProviderGenerator{ - BitbucketServer: &argoprojiov1alpha1.SCMProviderGeneratorBitbucketServer{ - API: "https://myservice.mynamespace.svc.cluster.local", - }, - }, - expectedError: "scm provider not allowed: https://myservice.mynamespace.svc.cluster.local", - }, - { - name: "Error AzureDevops", - providerConfig: &argoprojiov1alpha1.SCMProviderGenerator{ - AzureDevOps: &argoprojiov1alpha1.SCMProviderGeneratorAzureDevOps{ - API: "https://myservice.mynamespace.svc.cluster.local", - }, - }, - expectedError: "scm provider not allowed: https://myservice.mynamespace.svc.cluster.local", - }, - } - - for _, testCase := range cases { - testCaseCopy := testCase - - t.Run(testCaseCopy.name, func(t *testing.T) { - t.Parallel() - - scmGenerator := &SCMProviderGenerator{allowedSCMProviders: []string{ - "github.myorg.com", - "gitlab.myorg.com", - "gitea.myorg.com", - "bitbucket.myorg.com", - "azuredevops.myorg.com", - }} - - applicationSetInfo := argoprojiov1alpha1.ApplicationSet{ - ObjectMeta: metav1.ObjectMeta{ - Name: "set", - }, - Spec: argoprojiov1alpha1.ApplicationSetSpec{ - Generators: []argoprojiov1alpha1.ApplicationSetGenerator{{ - SCMProvider: testCaseCopy.providerConfig, - }}, - }, - } - - _, err := scmGenerator.GenerateParams(&applicationSetInfo.Spec.Generators[0], &applicationSetInfo) - - assert.Error(t, err, "Must return an error") - assert.Equal(t, testCaseCopy.expectedError, err.Error()) - }) } + gen := &SCMProviderGenerator{overrideProvider: mockProvider} + params, err := gen.GenerateParams(&argoprojiov1alpha1.ApplicationSetGenerator{ + SCMProvider: &argoprojiov1alpha1.SCMProviderGenerator{}, + }, nil) + assert.Nil(t, err) + assert.Len(t, params, 2) + assert.Equal(t, "myorg", params[0]["organization"]) + assert.Equal(t, "repo1", params[0]["repository"]) + assert.Equal(t, "git@github.com:myorg/repo1.git", params[0]["url"]) + assert.Equal(t, "main", params[0]["branch"]) + assert.Equal(t, "0bc57212c3cbbec69d20b34c507284bd300def5b", params[0]["sha"]) + assert.Equal(t, "0bc57212", params[0]["short_sha"]) + assert.Equal(t, "59d0", params[1]["short_sha"]) + assert.Equal(t, "prod,staging", params[0]["labels"]) + assert.Equal(t, "repo2", params[1]["repository"]) } diff --git a/applicationset/generators/value_interpolation.go b/applicationset/generators/value_interpolation.go deleted file mode 100644 index 05a078d42f782..0000000000000 --- a/applicationset/generators/value_interpolation.go +++ /dev/null @@ -1,43 +0,0 @@ -package generators - -import ( - "fmt" -) - -func appendTemplatedValues(values map[string]string, params map[string]interface{}, useGoTemplate bool, goTemplateOptions []string) error { - // We create a local map to ensure that we do not fall victim to a billion-laughs attack. We iterate through the - // cluster values map and only replace values in said map if it has already been allowlisted in the params map. - // Once we iterate through all the cluster values we can then safely merge the `tmp` map into the main params map. - tmp := map[string]interface{}{} - - for key, value := range values { - result, err := replaceTemplatedString(value, params, useGoTemplate, goTemplateOptions) - - if err != nil { - return fmt.Errorf("failed to replace templated string: %w", err) - } - - if useGoTemplate { - if tmp["values"] == nil { - tmp["values"] = map[string]string{} - } - tmp["values"].(map[string]string)[key] = result - } else { - tmp[fmt.Sprintf("values.%s", key)] = result - } - } - - for key, value := range tmp { - params[key] = value - } - - return nil -} - -func replaceTemplatedString(value string, params map[string]interface{}, useGoTemplate bool, goTemplateOptions []string) (string, error) { - replacedTmplStr, err := render.Replace(value, params, useGoTemplate, goTemplateOptions) - if err != nil { - return "", fmt.Errorf("failed to replace templated string with rendered values: %w", err) - } - return replacedTmplStr, nil -} diff --git a/applicationset/generators/value_interpolation_test.go b/applicationset/generators/value_interpolation_test.go deleted file mode 100644 index 8aa57dc0c0e65..0000000000000 --- a/applicationset/generators/value_interpolation_test.go +++ /dev/null @@ -1,125 +0,0 @@ -package generators - -import ( - "testing" - - "github.com/stretchr/testify/assert" -) - -func TestValueInterpolation(t *testing.T) { - testCases := []struct { - name string - values map[string]string - params map[string]interface{} - expected map[string]interface{} - }{ - { - name: "Simple interpolation", - values: map[string]string{ - "hello": "{{ world }}", - }, - params: map[string]interface{}{ - "world": "world!", - }, - expected: map[string]interface{}{ - "world": "world!", - "values.hello": "world!", - }, - }, - { - name: "Non-existent", - values: map[string]string{ - "non-existent": "{{ non-existent }}", - }, - params: map[string]interface{}{}, - expected: map[string]interface{}{ - "values.non-existent": "{{ non-existent }}", - }, - }, - { - name: "Billion laughs", - values: map[string]string{ - "lol1": "lol", - "lol2": "{{values.lol1}}{{values.lol1}}", - "lol3": "{{values.lol2}}{{values.lol2}}{{values.lol2}}", - }, - params: map[string]interface{}{}, - expected: map[string]interface{}{ - "values.lol1": "lol", - "values.lol2": "{{values.lol1}}{{values.lol1}}", - "values.lol3": "{{values.lol2}}{{values.lol2}}{{values.lol2}}", - }, - }, - } - - for _, testCase := range testCases { - - t.Run(testCase.name, func(t *testing.T) { - err := appendTemplatedValues(testCase.values, testCase.params, false, nil) - assert.NoError(t, err) - assert.EqualValues(t, testCase.expected, testCase.params) - }) - } -} - -func TestValueInterpolationWithGoTemplating(t *testing.T) { - testCases := []struct { - name string - values map[string]string - params map[string]interface{} - expected map[string]interface{} - }{ - { - name: "Simple interpolation", - values: map[string]string{ - "hello": "{{ .world }}", - }, - params: map[string]interface{}{ - "world": "world!", - }, - expected: map[string]interface{}{ - "world": "world!", - "values": map[string]string{ - "hello": "world!", - }, - }, - }, - { - name: "Non-existent to default", - values: map[string]string{ - "non_existent": "{{ default \"bar\" .non_existent }}", - }, - params: map[string]interface{}{}, - expected: map[string]interface{}{ - "values": map[string]string{ - "non_existent": "bar", - }, - }, - }, - { - name: "Billion laughs", - values: map[string]string{ - "lol1": "lol", - "lol2": "{{.values.lol1}}{{.values.lol1}}", - "lol3": "{{.values.lol2}}{{.values.lol2}}{{.values.lol2}}", - }, - params: map[string]interface{}{}, - expected: map[string]interface{}{ - "values": map[string]string{ - "lol1": "lol", - "lol2": "", - "lol3": "", - }, - }, - }, - } - - for _, testCase := range testCases { - - t.Run(testCase.name, func(t *testing.T) { - err := appendTemplatedValues(testCase.values, testCase.params, true, nil) - assert.NoError(t, err) - assert.EqualValues(t, testCase.expected, testCase.params) - }) - } -} diff --git a/applicationset/services/internal/http/client.go b/applicationset/services/internal/http/client.go deleted file mode 100644 index 00bcf32f3204f..0000000000000 --- a/applicationset/services/internal/http/client.go +++ /dev/null @@ -1,161 +0,0 @@ -package http - -import ( - "bytes" - "context" - "encoding/json" - "fmt" - "io" - "net/http" - "strings" - "time" -) - -const ( - userAgent = "argocd-applicationset" - defaultTimeout = 30 -) - -type Client struct { - // URL is the URL used for API requests. - baseURL string - - // UserAgent is the user agent to include in HTTP requests. - UserAgent string - - // Token is used to make authenticated API calls. - token string - - // Client is an HTTP client used to communicate with the API. - client *http.Client -} - -type ErrorResponse struct { - Body []byte - Response *http.Response - Message string -} - -func NewClient(baseURL string, options ...ClientOptionFunc) (*Client, error) { - client, err := newClient(baseURL, options...) - if err != nil { - return nil, err - } - return client, nil -} - -func newClient(baseURL string, options ...ClientOptionFunc) (*Client, error) { - c := &Client{baseURL: baseURL, UserAgent: userAgent} - - // Configure the HTTP client. - c.client = &http.Client{ - Timeout: time.Duration(defaultTimeout) * time.Second, - } - - // Apply any given client options. - for _, fn := range options { - if fn == nil { - continue - } - if err := fn(c); err != nil { - return nil, err - } - } - - return c, nil -} - -func (c *Client) NewRequest(method, path string, body interface{}, options []ClientOptionFunc) (*http.Request, error) { - - // Make sure the given URL end with a slash - if !strings.HasSuffix(c.baseURL, "/") { - c.baseURL += "/" - } - - var buf io.ReadWriter - if body != nil { - buf = &bytes.Buffer{} - enc := json.NewEncoder(buf) - enc.SetEscapeHTML(false) - err := enc.Encode(body) - if err != nil { - return nil, err - } - } - - req, err := http.NewRequest(method, c.baseURL+path, buf) - if err != nil { - return nil, err - } - - if body != nil { - req.Header.Set("Content-Type", "application/json") - } - - if len(c.token) != 0 { - req.Header.Set("Authorization", "Bearer "+c.token) - } - - if c.UserAgent != "" { - req.Header.Set("User-Agent", c.UserAgent) - } - - return req, nil -} - -func (c *Client) Do(ctx context.Context, req *http.Request, v interface{}) (*http.Response, error) { - resp, err := c.client.Do(req) - if err != nil { - return nil, err - } - - defer resp.Body.Close() - - if err := CheckResponse(resp); err != nil { - return resp, err - } - - switch v := v.(type) { - case nil: - case io.Writer: - _, err = io.Copy(v, resp.Body) - default: - buf := new(bytes.Buffer) - teeReader := io.TeeReader(resp.Body, buf) - decErr := json.NewDecoder(teeReader).Decode(v) - if decErr == io.EOF { - decErr = nil // ignore EOF errors caused by empty response body - } - if decErr != nil { - err = fmt.Errorf("%s: %s", decErr.Error(), buf.String()) - } - } - return resp, err -} - -// CheckResponse checks the API response for errors, and returns them if present. -func CheckResponse(resp *http.Response) error { - - if c := resp.StatusCode; 200 <= c && c <= 299 { - return nil - } - - data, err := io.ReadAll(resp.Body) - if err != nil { - return fmt.Errorf("API error with status code %d: %v", resp.StatusCode, err) - } - - var raw map[string]interface{} - if err := json.Unmarshal(data, &raw); err != nil { - return fmt.Errorf("API error with status code %d: %s", resp.StatusCode, string(data)) - } - - message := "" - if value, ok := raw["message"].(string); ok { - message = value - } else if value, ok := raw["error"].(string); ok { - message = value - } - - return fmt.Errorf("API error with status code %d: %s", resp.StatusCode, message) -} diff --git a/applicationset/services/internal/http/client_options.go b/applicationset/services/internal/http/client_options.go deleted file mode 100644 index ec388c9a80605..0000000000000 --- a/applicationset/services/internal/http/client_options.go +++ /dev/null @@ -1,22 +0,0 @@ -package http - -import "time" - -// ClientOptionFunc can be used to customize a new Restful API client. -type ClientOptionFunc func(*Client) error - -// WithToken is an option for NewClient to set token -func WithToken(token string) ClientOptionFunc { - return func(c *Client) error { - c.token = token - return nil - } -} - -// WithTimeout can be used to configure a custom timeout for requests. -func WithTimeout(timeout int) ClientOptionFunc { - return func(c *Client) error { - c.client.Timeout = time.Duration(timeout) * time.Second - return nil - } -} diff --git a/applicationset/services/internal/http/client_test.go b/applicationset/services/internal/http/client_test.go deleted file mode 100644 index ca2c916177fee..0000000000000 --- a/applicationset/services/internal/http/client_test.go +++ /dev/null @@ -1,163 +0,0 @@ -package http - -import ( - "bytes" - "context" - "fmt" - "io" - "net/http" - "net/http/httptest" - "testing" - - "github.com/stretchr/testify/assert" -) - -func TestClient(t *testing.T) { - server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - _, err := w.Write([]byte("Hello, World!")) - if err != nil { - assert.NoError(t, fmt.Errorf("Error Write %v", err)) - } - })) - defer server.Close() - - var clientOptionFns []ClientOptionFunc - _, err := NewClient(server.URL, clientOptionFns...) - - if err != nil { - t.Fatalf("Failed to create client: %v", err) - } -} - -func TestClientDo(t *testing.T) { - ctx := context.Background() - - for _, c := range []struct { - name string - params map[string]string - content []byte - fakeServer *httptest.Server - clientOptionFns []ClientOptionFunc - expected []map[string]interface{} - expectedCode int - expectedError error - }{ - { - name: "Simple", - params: map[string]string{ - "pkey1": "val1", - "pkey2": "val2", - }, - fakeServer: httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - _, err := w.Write([]byte(`[{ - "key1": "val1", - "key2": { - "key2_1": "val2_1", - "key2_2": { - "key2_2_1": "val2_2_1" - } - }, - "key3": 123 - }]`)) - if err != nil { - assert.NoError(t, fmt.Errorf("Error Write %v", err)) - } - })), - clientOptionFns: nil, - expected: []map[string]interface{}{ - { - "key1": "val1", - "key2": map[string]interface{}{ - "key2_1": "val2_1", - "key2_2": map[string]interface{}{ - "key2_2_1": "val2_2_1", - }, - }, - "key3": float64(123), - }, - }, - expectedCode: 200, - expectedError: nil, - }, - { - name: "With Token", - params: map[string]string{ - "pkey1": "val1", - "pkey2": "val2", - }, - fakeServer: httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - authHeader := r.Header.Get("Authorization") - if authHeader != "Bearer "+string("test-token") { - w.WriteHeader(http.StatusUnauthorized) - return - } - w.WriteHeader(http.StatusOK) - _, err := w.Write([]byte(`[{ - "key1": "val1", - "key2": { - "key2_1": "val2_1", - "key2_2": { - "key2_2_1": "val2_2_1" - } - }, - "key3": 123 - }]`)) - if err != nil { - assert.NoError(t, fmt.Errorf("Error Write %v", err)) - } - })), - clientOptionFns: nil, - expected: []map[string]interface{}(nil), - expectedCode: 401, - expectedError: fmt.Errorf("API error with status code 401: "), - }, - } { - cc := c - t.Run(cc.name, func(t *testing.T) { - defer cc.fakeServer.Close() - - client, err := NewClient(cc.fakeServer.URL, cc.clientOptionFns...) - - if err != nil { - t.Fatalf("NewClient returned unexpected error: %v", err) - } - - req, err := client.NewRequest("POST", "", cc.params, nil) - - if err != nil { - t.Fatalf("NewRequest returned unexpected error: %v", err) - } - - var data []map[string]interface{} - - resp, err := client.Do(ctx, req, &data) - - if cc.expectedError != nil { - assert.EqualError(t, err, cc.expectedError.Error()) - } else { - assert.Equal(t, resp.StatusCode, cc.expectedCode) - assert.Equal(t, data, cc.expected) - assert.NoError(t, err) - } - }) - } -} - -func TestCheckResponse(t *testing.T) { - resp := &http.Response{ - StatusCode: http.StatusBadRequest, - Body: io.NopCloser(bytes.NewBufferString(`{"error":"invalid_request","description":"Invalid token"}`)), - } - - err := CheckResponse(resp) - if err == nil { - t.Error("Expected an error, got nil") - } - - expected := "API error with status code 400: invalid_request" - if err.Error() != expected { - t.Errorf("Expected error '%s', got '%s'", expected, err.Error()) - } -} diff --git a/applicationset/services/mocks/Repos.go b/applicationset/services/mocks/Repos.go deleted file mode 100644 index 776b104cae284..0000000000000 --- a/applicationset/services/mocks/Repos.go +++ /dev/null @@ -1,81 +0,0 @@ -// Code generated by mockery v2.25.1. DO NOT EDIT. - -package mocks - -import ( - context "context" - - mock "github.com/stretchr/testify/mock" -) - -// Repos is an autogenerated mock type for the Repos type -type Repos struct { - mock.Mock -} - -// GetDirectories provides a mock function with given fields: ctx, repoURL, revision -func (_m *Repos) GetDirectories(ctx context.Context, repoURL string, revision string) ([]string, error) { - ret := _m.Called(ctx, repoURL, revision) - - var r0 []string - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, string, string) ([]string, error)); ok { - return rf(ctx, repoURL, revision) - } - if rf, ok := ret.Get(0).(func(context.Context, string, string) []string); ok { - r0 = rf(ctx, repoURL, revision) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).([]string) - } - } - - if rf, ok := ret.Get(1).(func(context.Context, string, string) error); ok { - r1 = rf(ctx, repoURL, revision) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -// GetFiles provides a mock function with given fields: ctx, repoURL, revision, pattern -func (_m *Repos) GetFiles(ctx context.Context, repoURL string, revision string, pattern string) (map[string][]byte, error) { - ret := _m.Called(ctx, repoURL, revision, pattern) - - var r0 map[string][]byte - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, string, string, string) (map[string][]byte, error)); ok { - return rf(ctx, repoURL, revision, pattern) - } - if rf, ok := ret.Get(0).(func(context.Context, string, string, string) map[string][]byte); ok { - r0 = rf(ctx, repoURL, revision, pattern) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(map[string][]byte) - } - } - - if rf, ok := ret.Get(1).(func(context.Context, string, string, string) error); ok { - r1 = rf(ctx, repoURL, revision, pattern) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -type mockConstructorTestingTNewRepos interface { - mock.TestingT - Cleanup(func()) -} - -// NewRepos creates a new instance of Repos. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. -func NewRepos(t mockConstructorTestingTNewRepos) *Repos { - mock := &Repos{} - mock.Mock.Test(t) - - t.Cleanup(func() { mock.AssertExpectations(t) }) - - return mock -} diff --git a/applicationset/services/mocks/RepositoryDB.go b/applicationset/services/mocks/RepositoryDB.go deleted file mode 100644 index 9d6240d342776..0000000000000 --- a/applicationset/services/mocks/RepositoryDB.go +++ /dev/null @@ -1,57 +0,0 @@ -// Code generated by mockery v2.21.1. DO NOT EDIT. - -package mocks - -import ( - context "context" - - mock "github.com/stretchr/testify/mock" - - v1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" -) - -// RepositoryDB is an autogenerated mock type for the RepositoryDB type -type RepositoryDB struct { - mock.Mock -} - -// GetRepository provides a mock function with given fields: ctx, url -func (_m *RepositoryDB) GetRepository(ctx context.Context, url string) (*v1alpha1.Repository, error) { - ret := _m.Called(ctx, url) - - var r0 *v1alpha1.Repository - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, string) (*v1alpha1.Repository, error)); ok { - return rf(ctx, url) - } - if rf, ok := ret.Get(0).(func(context.Context, string) *v1alpha1.Repository); ok { - r0 = rf(ctx, url) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(*v1alpha1.Repository) - } - } - - if rf, ok := ret.Get(1).(func(context.Context, string) error); ok { - r1 = rf(ctx, url) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -type mockConstructorTestingTNewRepositoryDB interface { - mock.TestingT - Cleanup(func()) -} - -// NewRepositoryDB creates a new instance of RepositoryDB. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. -func NewRepositoryDB(t mockConstructorTestingTNewRepositoryDB) *RepositoryDB { - mock := &RepositoryDB{} - mock.Mock.Test(t) - - t.Cleanup(func() { mock.AssertExpectations(t) }) - - return mock -} diff --git a/applicationset/services/plugin/plugin_service.go b/applicationset/services/plugin/plugin_service.go deleted file mode 100644 index 95573e0942407..0000000000000 --- a/applicationset/services/plugin/plugin_service.go +++ /dev/null @@ -1,73 +0,0 @@ -package plugin - -import ( - "context" - "fmt" - "net/http" - - internalhttp "github.com/argoproj/argo-cd/v2/applicationset/services/internal/http" - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" -) - -// ServiceRequest is the request object sent to the plugin service. -type ServiceRequest struct { - // ApplicationSetName is the appSetName of the ApplicationSet for which we're requesting parameters. Useful for logging in - // the plugin service. - ApplicationSetName string `json:"applicationSetName"` - // Input is the map of parameters set in the ApplicationSet spec for this generator. - Input v1alpha1.PluginInput `json:"input"` -} - -type Output struct { - // Parameters is the list of parameter sets returned by the plugin. - Parameters []map[string]interface{} `json:"parameters"` -} - -// ServiceResponse is the response object returned by the plugin service. -type ServiceResponse struct { - // Output is the map of outputs returned by the plugin. - Output Output `json:"output"` -} - -type Service struct { - client *internalhttp.Client - appSetName string -} - -func NewPluginService(ctx context.Context, appSetName string, baseURL string, token string, requestTimeout int) (*Service, error) { - var clientOptionFns []internalhttp.ClientOptionFunc - - clientOptionFns = append(clientOptionFns, internalhttp.WithToken(token)) - - if requestTimeout != 0 { - clientOptionFns = append(clientOptionFns, internalhttp.WithTimeout(requestTimeout)) - } - - client, err := internalhttp.NewClient(baseURL, clientOptionFns...) - if err != nil { - return nil, fmt.Errorf("error creating plugin client: %v", err) - } - - return &Service{ - client: client, - appSetName: appSetName, - }, nil -} - -func (p *Service) List(ctx context.Context, parameters v1alpha1.PluginParameters) (*ServiceResponse, error) { - req, err := p.client.NewRequest(http.MethodPost, "api/v1/getparams.execute", ServiceRequest{ApplicationSetName: p.appSetName, Input: v1alpha1.PluginInput{Parameters: parameters}}, nil) - - if err != nil { - return nil, fmt.Errorf("NewRequest returned unexpected error: %v", err) - } - - var data ServiceResponse - - _, err = p.client.Do(ctx, req, &data) - - if err != nil { - return nil, fmt.Errorf("error get api '%s': %v", p.appSetName, err) - } - - return &data, err -} diff --git a/applicationset/services/plugin/plugin_service_test.go b/applicationset/services/plugin/plugin_service_test.go deleted file mode 100644 index 6dc81d33df71f..0000000000000 --- a/applicationset/services/plugin/plugin_service_test.go +++ /dev/null @@ -1,52 +0,0 @@ -package plugin - -import ( - "context" - "encoding/json" - "fmt" - "net/http" - "net/http/httptest" - "testing" - - "github.com/stretchr/testify/assert" -) - -func TestPlugin(t *testing.T) { - expectedJSON := `{"parameters": [{"number":123,"digest":"sha256:942ae2dfd73088b54d7151a3c3fd5af038a51c50029bfcfd21f1e650d9579967"},{"number":456,"digest":"sha256:224e68cc69566e5cbbb76034b3c42cd2ed57c1a66720396e1c257794cb7d68c1"}]}` - token := "0bc57212c3cbbec69d20b34c507284bd300def5b" - - handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Content-Type", "application/json") - authHeader := r.Header.Get("Authorization") - if authHeader != "Bearer "+token { - w.WriteHeader(http.StatusUnauthorized) - return - } - _, err := w.Write([]byte(expectedJSON)) - - if err != nil { - assert.NoError(t, fmt.Errorf("Error Write %v", err)) - } - }) - ts := httptest.NewServer(handler) - defer ts.Close() - - client, err := NewPluginService(context.Background(), "plugin-test", ts.URL, token, 0) - - if err != nil { - t.Errorf("unexpected error: %v", err) - } - - data, err := client.List(context.Background(), nil) - - if err != nil { - t.Errorf("unexpected error: %v", err) - } - - var expectedData ServiceResponse - err = json.Unmarshal([]byte(expectedJSON), &expectedData) - if err != nil { - t.Fatal(err) - } - assert.Equal(t, &expectedData, data) -} diff --git a/applicationset/services/plugin/utils.go b/applicationset/services/plugin/utils.go deleted file mode 100644 index 26e38e492200d..0000000000000 --- a/applicationset/services/plugin/utils.go +++ /dev/null @@ -1,21 +0,0 @@ -package plugin - -import ( - "fmt" - "strings" - - "github.com/argoproj/argo-cd/v2/common" -) - -// ParseSecretKey retrieves secret appSetName if different from common ArgoCDSecretName. -func ParseSecretKey(key string) (secretName string, tokenKey string) { - if strings.Contains(key, ":") { - parts := strings.Split(key, ":") - secretName = parts[0][1:] - tokenKey = fmt.Sprintf("$%s", parts[1]) - } else { - secretName = common.ArgoCDSecretName - tokenKey = key - } - return secretName, tokenKey -} diff --git a/applicationset/services/plugin/utils_test.go b/applicationset/services/plugin/utils_test.go deleted file mode 100644 index c364d606392e4..0000000000000 --- a/applicationset/services/plugin/utils_test.go +++ /dev/null @@ -1,17 +0,0 @@ -package plugin - -import ( - "testing" - - "github.com/stretchr/testify/assert" -) - -func TestParseSecretKey(t *testing.T) { - secretName, tokenKey := ParseSecretKey("#my-secret:my-token") - assert.Equal(t, "my-secret", secretName) - assert.Equal(t, "$my-token", tokenKey) - - secretName, tokenKey = ParseSecretKey("#my-secret") - assert.Equal(t, "argocd-secret", secretName) - assert.Equal(t, "#my-secret", tokenKey) -} diff --git a/applicationset/services/pull_request/azure_devops.go b/applicationset/services/pull_request/azure_devops.go deleted file mode 100644 index 9090b829ca0c2..0000000000000 --- a/applicationset/services/pull_request/azure_devops.go +++ /dev/null @@ -1,145 +0,0 @@ -package pull_request - -import ( - "context" - "fmt" - "strings" - - "github.com/microsoft/azure-devops-go-api/azuredevops" - core "github.com/microsoft/azure-devops-go-api/azuredevops/core" - git "github.com/microsoft/azure-devops-go-api/azuredevops/git" -) - -const AZURE_DEVOPS_DEFAULT_URL = "https://dev.azure.com" - -type AzureDevOpsClientFactory interface { - // Returns an Azure Devops Client interface. - GetClient(ctx context.Context) (git.Client, error) -} - -type devopsFactoryImpl struct { - connection *azuredevops.Connection -} - -func (factory *devopsFactoryImpl) GetClient(ctx context.Context) (git.Client, error) { - gitClient, err := git.NewClient(ctx, factory.connection) - if err != nil { - return nil, fmt.Errorf("failed to get new Azure DevOps git client for pull request generator: %w", err) - } - return gitClient, nil -} - -type AzureDevOpsService struct { - clientFactory AzureDevOpsClientFactory - project string - repo string - labels []string -} - -var _ PullRequestService = (*AzureDevOpsService)(nil) -var _ AzureDevOpsClientFactory = &devopsFactoryImpl{} - -func NewAzureDevOpsService(ctx context.Context, token, url, organization, project, repo string, labels []string) (PullRequestService, error) { - organizationUrl := buildURL(url, organization) - - var connection *azuredevops.Connection - if token == "" { - connection = azuredevops.NewAnonymousConnection(organizationUrl) - } else { - connection = azuredevops.NewPatConnection(organizationUrl, token) - } - - return &AzureDevOpsService{ - clientFactory: &devopsFactoryImpl{connection: connection}, - project: project, - repo: repo, - labels: labels, - }, nil -} - -func (a *AzureDevOpsService) List(ctx context.Context) ([]*PullRequest, error) { - client, err := a.clientFactory.GetClient(ctx) - if err != nil { - return nil, fmt.Errorf("failed to get Azure DevOps client: %w", err) - } - - args := git.GetPullRequestsByProjectArgs{ - Project: &a.project, - SearchCriteria: &git.GitPullRequestSearchCriteria{}, - } - - azurePullRequests, err := client.GetPullRequestsByProject(ctx, args) - if err != nil { - return nil, fmt.Errorf("failed to get pull requests by project: %w", err) - } - - pullRequests := []*PullRequest{} - - for _, pr := range *azurePullRequests { - if pr.Repository == nil || - pr.Repository.Name == nil || - pr.PullRequestId == nil || - pr.SourceRefName == nil || - pr.LastMergeSourceCommit == nil || - pr.LastMergeSourceCommit.CommitId == nil { - continue - } - - azureDevOpsLabels := convertLabels(pr.Labels) - if !containAzureDevOpsLabels(a.labels, azureDevOpsLabels) { - continue - } - - if *pr.Repository.Name == a.repo { - pullRequests = append(pullRequests, &PullRequest{ - Number: *pr.PullRequestId, - Branch: strings.Replace(*pr.SourceRefName, "refs/heads/", "", 1), - HeadSHA: *pr.LastMergeSourceCommit.CommitId, - Labels: azureDevOpsLabels, - }) - } - } - - return pullRequests, nil -} - -// convertLabels converts WebApiTagDefinitions to strings -func convertLabels(tags *[]core.WebApiTagDefinition) []string { - if tags == nil { - return []string{} - } - labelStrings := make([]string, len(*tags)) - for i, label := range *tags { - labelStrings[i] = *label.Name - } - return labelStrings -} - -// containAzureDevOpsLabels returns true if gotLabels contains expectedLabels -func containAzureDevOpsLabels(expectedLabels []string, gotLabels []string) bool { - for _, expected := range expectedLabels { - found := false - for _, got := range gotLabels { - if expected == got { - found = true - break - } - } - if !found { - return false - } - } - return true -} - -func buildURL(url, organization string) string { - if url == "" { - url = AZURE_DEVOPS_DEFAULT_URL - } - separator := "" - if !strings.HasSuffix(url, "/") { - separator = "/" - } - devOpsURL := fmt.Sprintf("%s%s%s", url, separator, organization) - return devOpsURL -} diff --git a/applicationset/services/pull_request/azure_devops_test.go b/applicationset/services/pull_request/azure_devops_test.go deleted file mode 100644 index 15ac1c8233d89..0000000000000 --- a/applicationset/services/pull_request/azure_devops_test.go +++ /dev/null @@ -1,221 +0,0 @@ -package pull_request - -import ( - "context" - "testing" - - "github.com/microsoft/azure-devops-go-api/azuredevops/core" - git "github.com/microsoft/azure-devops-go-api/azuredevops/git" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/mock" - - azureMock "github.com/argoproj/argo-cd/v2/applicationset/services/scm_provider/azure_devops/git/mocks" -) - -func createBoolPtr(x bool) *bool { - return &x -} - -func createStringPtr(x string) *string { - return &x -} - -func createIntPtr(x int) *int { - return &x -} - -func createLabelsPtr(x []core.WebApiTagDefinition) *[]core.WebApiTagDefinition { - return &x -} - -type AzureClientFactoryMock struct { - mock *mock.Mock -} - -func (m *AzureClientFactoryMock) GetClient(ctx context.Context) (git.Client, error) { - args := m.mock.Called(ctx) - - var client git.Client - c := args.Get(0) - if c != nil { - client = c.(git.Client) - } - - var err error - if len(args) > 1 { - if e, ok := args.Get(1).(error); ok { - err = e - } - } - - return client, err -} - -func TestListPullRequest(t *testing.T) { - teamProject := "myorg_project" - repoName := "myorg_project_repo" - pr_id := 123 - pr_head_sha := "cd4973d9d14a08ffe6b641a89a68891d6aac8056" - ctx := context.Background() - - pullRequestMock := []git.GitPullRequest{ - { - PullRequestId: createIntPtr(pr_id), - SourceRefName: createStringPtr("refs/heads/feature-branch"), - LastMergeSourceCommit: &git.GitCommitRef{ - CommitId: createStringPtr(pr_head_sha), - }, - Labels: &[]core.WebApiTagDefinition{}, - Repository: &git.GitRepository{ - Name: createStringPtr(repoName), - }, - }, - } - - args := git.GetPullRequestsByProjectArgs{ - Project: &teamProject, - SearchCriteria: &git.GitPullRequestSearchCriteria{}, - } - - gitClientMock := azureMock.Client{} - clientFactoryMock := &AzureClientFactoryMock{mock: &mock.Mock{}} - clientFactoryMock.mock.On("GetClient", mock.Anything).Return(&gitClientMock, nil) - gitClientMock.On("GetPullRequestsByProject", ctx, args).Return(&pullRequestMock, nil) - - provider := AzureDevOpsService{ - clientFactory: clientFactoryMock, - project: teamProject, - repo: repoName, - labels: nil, - } - - list, err := provider.List(ctx) - assert.NoError(t, err) - assert.Equal(t, 1, len(list)) - assert.Equal(t, "feature-branch", list[0].Branch) - assert.Equal(t, pr_head_sha, list[0].HeadSHA) - assert.Equal(t, pr_id, list[0].Number) -} - -func TestConvertLabes(t *testing.T) { - testCases := []struct { - name string - gotLabels *[]core.WebApiTagDefinition - expectedLabels []string - }{ - { - name: "empty labels", - gotLabels: createLabelsPtr([]core.WebApiTagDefinition{}), - expectedLabels: []string{}, - }, - { - name: "nil labels", - gotLabels: createLabelsPtr(nil), - expectedLabels: []string{}, - }, - { - name: "one label", - gotLabels: createLabelsPtr([]core.WebApiTagDefinition{ - {Name: createStringPtr("label1"), Active: createBoolPtr(true)}, - }), - expectedLabels: []string{"label1"}, - }, - { - name: "two label", - gotLabels: createLabelsPtr([]core.WebApiTagDefinition{ - {Name: createStringPtr("label1"), Active: createBoolPtr(true)}, - {Name: createStringPtr("label2"), Active: createBoolPtr(true)}, - }), - expectedLabels: []string{"label1", "label2"}, - }, - } - - for _, tc := range testCases { - t.Run(tc.name, func(t *testing.T) { - got := convertLabels(tc.gotLabels) - assert.Equal(t, tc.expectedLabels, got) - }) - } -} - -func TestContainAzureDevOpsLabels(t *testing.T) { - testCases := []struct { - name string - expectedLabels []string - gotLabels []string - expectedResult bool - }{ - { - name: "empty labels", - expectedLabels: []string{}, - gotLabels: []string{}, - expectedResult: true, - }, - { - name: "no matching labels", - expectedLabels: []string{"label1", "label2"}, - gotLabels: []string{"label3", "label4"}, - expectedResult: false, - }, - { - name: "some matching labels", - expectedLabels: []string{"label1", "label2"}, - gotLabels: []string{"label1", "label3"}, - expectedResult: false, - }, - { - name: "all matching labels", - expectedLabels: []string{"label1", "label2"}, - gotLabels: []string{"label1", "label2"}, - expectedResult: true, - }, - } - - for _, tc := range testCases { - t.Run(tc.name, func(t *testing.T) { - got := containAzureDevOpsLabels(tc.expectedLabels, tc.gotLabels) - assert.Equal(t, tc.expectedResult, got) - }) - } -} - -func TestBuildURL(t *testing.T) { - testCases := []struct { - name string - url string - organization string - expected string - }{ - { - name: "Provided default URL and organization", - url: "https://dev.azure.com/", - organization: "myorganization", - expected: "https://dev.azure.com/myorganization", - }, - { - name: "Provided default URL and organization without trailing slash", - url: "https://dev.azure.com", - organization: "myorganization", - expected: "https://dev.azure.com/myorganization", - }, - { - name: "Provided no URL and organization", - url: "", - organization: "myorganization", - expected: "https://dev.azure.com/myorganization", - }, - { - name: "Provided custom URL and organization", - url: "https://azuredevops.mycompany.com/", - organization: "myorganization", - expected: "https://azuredevops.mycompany.com/myorganization", - }, - } - - for _, tc := range testCases { - t.Run(tc.name, func(t *testing.T) { - result := buildURL(tc.url, tc.organization) - assert.Equal(t, result, tc.expected) - }) - } -} diff --git a/applicationset/services/pull_request/bitbucket_cloud.go b/applicationset/services/pull_request/bitbucket_cloud.go deleted file mode 100644 index 5d5f8208f9b06..0000000000000 --- a/applicationset/services/pull_request/bitbucket_cloud.go +++ /dev/null @@ -1,138 +0,0 @@ -package pull_request - -import ( - "context" - "encoding/json" - "fmt" - "net/url" - - "github.com/ktrysmt/go-bitbucket" -) - -type BitbucketCloudService struct { - client *bitbucket.Client - owner string - repositorySlug string -} - -type BitbucketCloudPullRequest struct { - ID int `json:"id"` - Source BitbucketCloudPullRequestSource `json:"source"` -} - -type BitbucketCloudPullRequestSource struct { - Branch BitbucketCloudPullRequestSourceBranch `json:"branch"` - Commit BitbucketCloudPullRequestSourceCommit `json:"commit"` -} - -type BitbucketCloudPullRequestSourceBranch struct { - Name string `json:"name"` -} - -type BitbucketCloudPullRequestSourceCommit struct { - Hash string `json:"hash"` -} - -type PullRequestResponse struct { - Page int32 `json:"page"` - Size int32 `json:"size"` - Pagelen int32 `json:"pagelen"` - Next string `json:"next"` - Previous string `json:"previous"` - Items []PullRequest `json:"values"` -} - -var _ PullRequestService = (*BitbucketCloudService)(nil) - -func parseUrl(uri string) (*url.URL, error) { - if uri == "" { - uri = "https://api.bitbucket.org/2.0" - } - - url, err := url.Parse(uri) - if err != nil { - return nil, err - } - - return url, nil -} - -func NewBitbucketCloudServiceBasicAuth(baseUrl, username, password, owner, repositorySlug string) (PullRequestService, error) { - url, err := parseUrl(baseUrl) - if err != nil { - return nil, fmt.Errorf("error parsing base url of %s for %s/%s: %v", baseUrl, owner, repositorySlug, err) - } - - bitbucketClient := bitbucket.NewBasicAuth(username, password) - bitbucketClient.SetApiBaseURL(*url) - - return &BitbucketCloudService{ - client: bitbucketClient, - owner: owner, - repositorySlug: repositorySlug, - }, nil -} - -func NewBitbucketCloudServiceBearerToken(baseUrl, bearerToken, owner, repositorySlug string) (PullRequestService, error) { - url, err := parseUrl(baseUrl) - if err != nil { - return nil, fmt.Errorf("error parsing base url of %s for %s/%s: %v", baseUrl, owner, repositorySlug, err) - } - - bitbucketClient := bitbucket.NewOAuthbearerToken(bearerToken) - bitbucketClient.SetApiBaseURL(*url) - - return &BitbucketCloudService{ - client: bitbucketClient, - owner: owner, - repositorySlug: repositorySlug, - }, nil -} - -func NewBitbucketCloudServiceNoAuth(baseUrl, owner, repositorySlug string) (PullRequestService, error) { - // There is currently no method to explicitly not require auth - return NewBitbucketCloudServiceBearerToken(baseUrl, "", owner, repositorySlug) -} - -func (b *BitbucketCloudService) List(_ context.Context) ([]*PullRequest, error) { - opts := &bitbucket.PullRequestsOptions{ - Owner: b.owner, - RepoSlug: b.repositorySlug, - } - - response, err := b.client.Repositories.PullRequests.Gets(opts) - if err != nil { - return nil, fmt.Errorf("error listing pull requests for %s/%s: %v", b.owner, b.repositorySlug, err) - } - - resp, ok := response.(map[string]interface{}) - if !ok { - return nil, fmt.Errorf("unknown type returned from bitbucket pull requests") - } - - repoArray, ok := resp["values"].([]interface{}) - if !ok { - return nil, fmt.Errorf("unknown type returned from response values") - } - - jsonStr, err := json.Marshal(repoArray) - if err != nil { - return nil, fmt.Errorf("error marshalling response body to json: %v", err) - } - - var pulls []BitbucketCloudPullRequest - if err := json.Unmarshal(jsonStr, &pulls); err != nil { - return nil, fmt.Errorf("error unmarshalling json to type '[]BitbucketCloudPullRequest': %v", err) - } - - pullRequests := []*PullRequest{} - for _, pull := range pulls { - pullRequests = append(pullRequests, &PullRequest{ - Number: pull.ID, - Branch: pull.Source.Branch.Name, - HeadSHA: pull.Source.Commit.Hash, - }) - } - - return pullRequests, nil -} diff --git a/applicationset/services/pull_request/bitbucket_cloud_test.go b/applicationset/services/pull_request/bitbucket_cloud_test.go deleted file mode 100644 index 2f604c1fa9ccf..0000000000000 --- a/applicationset/services/pull_request/bitbucket_cloud_test.go +++ /dev/null @@ -1,410 +0,0 @@ -package pull_request - -import ( - "context" - "fmt" - "io" - "net/http" - "net/http/httptest" - "testing" - - "github.com/stretchr/testify/assert" - - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" -) - -func defaultHandlerCloud(t *testing.T) func(http.ResponseWriter, *http.Request) { - return func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Content-Type", "application/json") - var err error - switch r.RequestURI { - case "/repositories/OWNER/REPO/pullrequests/": - _, err = io.WriteString(w, `{ - "size": 1, - "pagelen": 10, - "page": 1, - "values": [ - { - "id": 101, - "source": { - "branch": { - "name": "feature/foo-bar" - }, - "commit": { - "type": "commit", - "hash": "1a8dd249c04a" - } - } - } - ] - }`) - default: - t.Fail() - } - if err != nil { - t.Fail() - } - } -} - -func TestParseUrlEmptyUrl(t *testing.T) { - url, err := parseUrl("") - bitbucketUrl, _ := url.Parse("https://api.bitbucket.org/2.0") - - assert.NoError(t, err) - assert.Equal(t, bitbucketUrl, url) -} - -func TestInvalidBaseUrlBasicAuthCloud(t *testing.T) { - _, err := NewBitbucketCloudServiceBasicAuth("http:// example.org", "user", "password", "OWNER", "REPO") - - assert.Error(t, err) -} - -func TestInvalidBaseUrlBearerTokenCloud(t *testing.T) { - _, err := NewBitbucketCloudServiceBearerToken("http:// example.org", "TOKEN", "OWNER", "REPO") - - assert.Error(t, err) -} - -func TestInvalidBaseUrlNoAuthCloud(t *testing.T) { - _, err := NewBitbucketCloudServiceNoAuth("http:// example.org", "OWNER", "REPO") - - assert.Error(t, err) -} - -func TestListPullRequestBearerTokenCloud(t *testing.T) { - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - assert.Equal(t, "Bearer TOKEN", r.Header.Get("Authorization")) - defaultHandlerCloud(t)(w, r) - })) - defer ts.Close() - svc, err := NewBitbucketCloudServiceBearerToken(ts.URL, "TOKEN", "OWNER", "REPO") - assert.NoError(t, err) - pullRequests, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{}) - assert.NoError(t, err) - assert.Equal(t, 1, len(pullRequests)) - assert.Equal(t, 101, pullRequests[0].Number) - assert.Equal(t, "feature/foo-bar", pullRequests[0].Branch) - assert.Equal(t, "1a8dd249c04a", pullRequests[0].HeadSHA) -} - -func TestListPullRequestNoAuthCloud(t *testing.T) { - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - assert.Empty(t, r.Header.Get("Authorization")) - defaultHandlerCloud(t)(w, r) - })) - defer ts.Close() - svc, err := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO") - assert.NoError(t, err) - pullRequests, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{}) - assert.NoError(t, err) - assert.Equal(t, 1, len(pullRequests)) - assert.Equal(t, 101, pullRequests[0].Number) - assert.Equal(t, "feature/foo-bar", pullRequests[0].Branch) - assert.Equal(t, "1a8dd249c04a", pullRequests[0].HeadSHA) -} - -func TestListPullRequestBasicAuthCloud(t *testing.T) { - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - assert.Equal(t, "Basic dXNlcjpwYXNzd29yZA==", r.Header.Get("Authorization")) - defaultHandlerCloud(t)(w, r) - })) - defer ts.Close() - svc, err := NewBitbucketCloudServiceBasicAuth(ts.URL, "user", "password", "OWNER", "REPO") - assert.NoError(t, err) - pullRequests, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{}) - assert.NoError(t, err) - assert.Equal(t, 1, len(pullRequests)) - assert.Equal(t, 101, pullRequests[0].Number) - assert.Equal(t, "feature/foo-bar", pullRequests[0].Branch) - assert.Equal(t, "1a8dd249c04a", pullRequests[0].HeadSHA) -} - -func TestListPullRequestPaginationCloud(t *testing.T) { - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Content-Type", "application/json") - var err error - switch r.RequestURI { - case "/repositories/OWNER/REPO/pullrequests/": - _, err = io.WriteString(w, fmt.Sprintf(`{ - "size": 2, - "pagelen": 1, - "page": 1, - "next": "http://%s/repositories/OWNER/REPO/pullrequests/?pagelen=1&page=2", - "values": [ - { - "id": 101, - "source": { - "branch": { - "name": "feature-101" - }, - "commit": { - "type": "commit", - "hash": "1a8dd249c04a" - } - } - }, - { - "id": 102, - "source": { - "branch": { - "name": "feature-102" - }, - "commit": { - "type": "commit", - "hash": "4cf807e67a6d" - } - } - } - ] - }`, r.Host)) - case "/repositories/OWNER/REPO/pullrequests/?pagelen=1&page=2": - _, err = io.WriteString(w, fmt.Sprintf(`{ - "size": 2, - "pagelen": 1, - "page": 2, - "previous": "http://%s/repositories/OWNER/REPO/pullrequests/?pagelen=1&page=1", - "values": [ - { - "id": 103, - "source": { - "branch": { - "name": "feature-103" - }, - "commit": { - "type": "commit", - "hash": "6344d9623e3b" - } - } - } - ] - }`, r.Host)) - default: - t.Fail() - } - if err != nil { - t.Fail() - } - })) - defer ts.Close() - svc, err := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO") - assert.NoError(t, err) - pullRequests, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{}) - assert.NoError(t, err) - assert.Equal(t, 3, len(pullRequests)) - assert.Equal(t, PullRequest{ - Number: 101, - Branch: "feature-101", - HeadSHA: "1a8dd249c04a", - }, *pullRequests[0]) - assert.Equal(t, PullRequest{ - Number: 102, - Branch: "feature-102", - HeadSHA: "4cf807e67a6d", - }, *pullRequests[1]) - assert.Equal(t, PullRequest{ - Number: 103, - Branch: "feature-103", - HeadSHA: "6344d9623e3b", - }, *pullRequests[2]) -} - -func TestListResponseErrorCloud(t *testing.T) { - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(500) - })) - defer ts.Close() - svc, _ := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO") - _, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{}) - assert.Error(t, err) -} - -func TestListResponseMalformedCloud(t *testing.T) { - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Content-Type", "application/json") - switch r.RequestURI { - case "/repositories/OWNER/REPO/pullrequests/": - _, err := io.WriteString(w, `[{ - "size": 1, - "pagelen": 10, - "page": 1, - "values": [{ "id": 101 }] - }]`) - if err != nil { - t.Fail() - } - default: - t.Fail() - } - })) - defer ts.Close() - svc, _ := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO") - _, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{}) - assert.Error(t, err) -} - -func TestListResponseMalformedValuesCloud(t *testing.T) { - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Content-Type", "application/json") - switch r.RequestURI { - case "/repositories/OWNER/REPO/pullrequests/": - _, err := io.WriteString(w, `{ - "size": 1, - "pagelen": 10, - "page": 1, - "values": { "id": 101 } - }`) - if err != nil { - t.Fail() - } - default: - t.Fail() - } - })) - defer ts.Close() - svc, _ := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO") - _, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{}) - assert.Error(t, err) -} - -func TestListResponseEmptyCloud(t *testing.T) { - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Content-Type", "application/json") - switch r.RequestURI { - case "/repositories/OWNER/REPO/pullrequests/": - _, err := io.WriteString(w, `{ - "size": 1, - "pagelen": 10, - "page": 1, - "values": [] - }`) - if err != nil { - t.Fail() - } - default: - t.Fail() - } - })) - defer ts.Close() - svc, err := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO") - assert.NoError(t, err) - pullRequests, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{}) - assert.NoError(t, err) - assert.Empty(t, pullRequests) -} - -func TestListPullRequestBranchMatchCloud(t *testing.T) { - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Content-Type", "application/json") - var err error - switch r.RequestURI { - case "/repositories/OWNER/REPO/pullrequests/": - _, err = io.WriteString(w, fmt.Sprintf(`{ - "size": 2, - "pagelen": 1, - "page": 1, - "next": "http://%s/repositories/OWNER/REPO/pullrequests/?pagelen=1&page=2", - "values": [ - { - "id": 101, - "source": { - "branch": { - "name": "feature-101" - }, - "commit": { - "type": "commit", - "hash": "1a8dd249c04a" - } - } - }, - { - "id": 200, - "source": { - "branch": { - "name": "feature-200" - }, - "commit": { - "type": "commit", - "hash": "4cf807e67a6d" - } - } - } - ] - }`, r.Host)) - case "/repositories/OWNER/REPO/pullrequests/?pagelen=1&page=2": - _, err = io.WriteString(w, fmt.Sprintf(`{ - "size": 2, - "pagelen": 1, - "page": 2, - "previous": "http://%s/repositories/OWNER/REPO/pullrequests/?pagelen=1&page=1", - "values": [ - { - "id": 102, - "source": { - "branch": { - "name": "feature-102" - }, - "commit": { - "type": "commit", - "hash": "6344d9623e3b" - } - } - } - ] - }`, r.Host)) - default: - t.Fail() - } - if err != nil { - t.Fail() - } - })) - defer ts.Close() - regexp := `feature-1[\d]{2}` - svc, err := NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO") - assert.NoError(t, err) - pullRequests, err := ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{ - { - BranchMatch: ®exp, - }, - }) - assert.NoError(t, err) - assert.Equal(t, 2, len(pullRequests)) - assert.Equal(t, PullRequest{ - Number: 101, - Branch: "feature-101", - HeadSHA: "1a8dd249c04a", - }, *pullRequests[0]) - assert.Equal(t, PullRequest{ - Number: 102, - Branch: "feature-102", - HeadSHA: "6344d9623e3b", - }, *pullRequests[1]) - - regexp = `.*2$` - svc, err = NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO") - assert.NoError(t, err) - pullRequests, err = ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{ - { - BranchMatch: ®exp, - }, - }) - assert.NoError(t, err) - assert.Equal(t, 1, len(pullRequests)) - assert.Equal(t, PullRequest{ - Number: 102, - Branch: "feature-102", - HeadSHA: "6344d9623e3b", - }, *pullRequests[0]) - - regexp = `[\d{2}` - svc, err = NewBitbucketCloudServiceNoAuth(ts.URL, "OWNER", "REPO") - assert.NoError(t, err) - _, err = ListPullRequests(context.Background(), svc, []v1alpha1.PullRequestGeneratorFilter{ - { - BranchMatch: ®exp, - }, - }) - assert.Error(t, err) -} diff --git a/applicationset/services/pull_request/bitbucket_server.go b/applicationset/services/pull_request/bitbucket_server.go index 99665d163e1bc..72cd6dd7e1900 100644 --- a/applicationset/services/pull_request/bitbucket_server.go +++ b/applicationset/services/pull_request/bitbucket_server.go @@ -66,11 +66,10 @@ func (b *BitbucketService) List(_ context.Context) ([]*PullRequest, error) { for _, pull := range pulls { pullRequests = append(pullRequests, &PullRequest{ - Number: pull.ID, - Branch: pull.FromRef.DisplayID, // ID: refs/heads/main DisplayID: main - TargetBranch: pull.ToRef.DisplayID, - HeadSHA: pull.FromRef.LatestCommit, // This is not defined in the official docs, but works in practice - Labels: []string{}, // Not supported by library + Number: pull.ID, + Branch: pull.FromRef.DisplayID, // ID: refs/heads/main DisplayID: main + HeadSHA: pull.FromRef.LatestCommit, // This is not defined in the official docs, but works in practice + Labels: []string{}, // Not supported by library }) } diff --git a/applicationset/services/pull_request/bitbucket_server_test.go b/applicationset/services/pull_request/bitbucket_server_test.go index 911e3e7e0ccd0..28f123fa9f43e 100644 --- a/applicationset/services/pull_request/bitbucket_server_test.go +++ b/applicationset/services/pull_request/bitbucket_server_test.go @@ -24,11 +24,6 @@ func defaultHandler(t *testing.T) func(http.ResponseWriter, *http.Request) { "values": [ { "id": 101, - "toRef": { - "latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a", - "displayId": "master", - "id": "refs/heads/master" - }, "fromRef": { "id": "refs/heads/feature-ABC-123", "displayId": "feature-ABC-123", @@ -60,7 +55,6 @@ func TestListPullRequestNoAuth(t *testing.T) { assert.Equal(t, 1, len(pullRequests)) assert.Equal(t, 101, pullRequests[0].Number) assert.Equal(t, "feature-ABC-123", pullRequests[0].Branch) - assert.Equal(t, "master", pullRequests[0].TargetBranch) assert.Equal(t, "cb3cf2e4d1517c83e720d2585b9402dbef71f992", pullRequests[0].HeadSHA) } @@ -77,11 +71,6 @@ func TestListPullRequestPagination(t *testing.T) { "values": [ { "id": 101, - "toRef": { - "latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a", - "displayId": "master", - "id": "refs/heads/master" - }, "fromRef": { "id": "refs/heads/feature-101", "displayId": "feature-101", @@ -90,11 +79,6 @@ func TestListPullRequestPagination(t *testing.T) { }, { "id": 102, - "toRef": { - "latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a", - "displayId": "branch", - "id": "refs/heads/branch" - }, "fromRef": { "id": "refs/heads/feature-102", "displayId": "feature-102", @@ -112,11 +96,6 @@ func TestListPullRequestPagination(t *testing.T) { "values": [ { "id": 200, - "toRef": { - "latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a", - "displayId": "master", - "id": "refs/heads/master" - }, "fromRef": { "id": "refs/heads/feature-200", "displayId": "feature-200", @@ -140,25 +119,22 @@ func TestListPullRequestPagination(t *testing.T) { assert.NoError(t, err) assert.Equal(t, 3, len(pullRequests)) assert.Equal(t, PullRequest{ - Number: 101, - Branch: "feature-101", - TargetBranch: "master", - HeadSHA: "ab3cf2e4d1517c83e720d2585b9402dbef71f992", - Labels: []string{}, + Number: 101, + Branch: "feature-101", + HeadSHA: "ab3cf2e4d1517c83e720d2585b9402dbef71f992", + Labels: []string{}, }, *pullRequests[0]) assert.Equal(t, PullRequest{ - Number: 102, - Branch: "feature-102", - TargetBranch: "branch", - HeadSHA: "bb3cf2e4d1517c83e720d2585b9402dbef71f992", - Labels: []string{}, + Number: 102, + Branch: "feature-102", + HeadSHA: "bb3cf2e4d1517c83e720d2585b9402dbef71f992", + Labels: []string{}, }, *pullRequests[1]) assert.Equal(t, PullRequest{ - Number: 200, - Branch: "feature-200", - TargetBranch: "master", - HeadSHA: "cb3cf2e4d1517c83e720d2585b9402dbef71f992", - Labels: []string{}, + Number: 200, + Branch: "feature-200", + HeadSHA: "cb3cf2e4d1517c83e720d2585b9402dbef71f992", + Labels: []string{}, }, *pullRequests[2]) } @@ -255,11 +231,6 @@ func TestListPullRequestBranchMatch(t *testing.T) { "values": [ { "id": 101, - "toRef": { - "latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a", - "displayId": "master", - "id": "refs/heads/master" - }, "fromRef": { "id": "refs/heads/feature-101", "displayId": "feature-101", @@ -268,11 +239,6 @@ func TestListPullRequestBranchMatch(t *testing.T) { }, { "id": 102, - "toRef": { - "latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a", - "displayId": "branch", - "id": "refs/heads/branch" - }, "fromRef": { "id": "refs/heads/feature-102", "displayId": "feature-102", @@ -290,11 +256,6 @@ func TestListPullRequestBranchMatch(t *testing.T) { "values": [ { "id": 200, - "toRef": { - "latestCommit": "5b766e3564a3453808f3cd3dd3f2e5fad8ef0e7a", - "displayId": "master", - "id": "refs/heads/master" - }, "fromRef": { "id": "refs/heads/feature-200", "displayId": "feature-200", @@ -323,18 +284,16 @@ func TestListPullRequestBranchMatch(t *testing.T) { assert.NoError(t, err) assert.Equal(t, 2, len(pullRequests)) assert.Equal(t, PullRequest{ - Number: 101, - Branch: "feature-101", - TargetBranch: "master", - HeadSHA: "ab3cf2e4d1517c83e720d2585b9402dbef71f992", - Labels: []string{}, + Number: 101, + Branch: "feature-101", + HeadSHA: "ab3cf2e4d1517c83e720d2585b9402dbef71f992", + Labels: []string{}, }, *pullRequests[0]) assert.Equal(t, PullRequest{ - Number: 102, - Branch: "feature-102", - TargetBranch: "branch", - HeadSHA: "bb3cf2e4d1517c83e720d2585b9402dbef71f992", - Labels: []string{}, + Number: 102, + Branch: "feature-102", + HeadSHA: "bb3cf2e4d1517c83e720d2585b9402dbef71f992", + Labels: []string{}, }, *pullRequests[1]) regexp = `.*2$` @@ -348,11 +307,10 @@ func TestListPullRequestBranchMatch(t *testing.T) { assert.NoError(t, err) assert.Equal(t, 1, len(pullRequests)) assert.Equal(t, PullRequest{ - Number: 102, - Branch: "feature-102", - TargetBranch: "branch", - HeadSHA: "bb3cf2e4d1517c83e720d2585b9402dbef71f992", - Labels: []string{}, + Number: 102, + Branch: "feature-102", + HeadSHA: "bb3cf2e4d1517c83e720d2585b9402dbef71f992", + Labels: []string{}, }, *pullRequests[0]) regexp = `[\d{2}` diff --git a/applicationset/services/pull_request/gitea.go b/applicationset/services/pull_request/gitea.go index 435a0b57117e6..f913fb35580f5 100644 --- a/applicationset/services/pull_request/gitea.go +++ b/applicationset/services/pull_request/gitea.go @@ -54,11 +54,10 @@ func (g *GiteaService) List(ctx context.Context) ([]*PullRequest, error) { list := []*PullRequest{} for _, pr := range prs { list = append(list, &PullRequest{ - Number: int(pr.Index), - Branch: pr.Head.Ref, - TargetBranch: pr.Base.Ref, - HeadSHA: pr.Head.Sha, - Labels: getGiteaPRLabelNames(pr.Labels), + Number: int(pr.Index), + Branch: pr.Head.Ref, + HeadSHA: pr.Head.Sha, + Labels: getGiteaPRLabelNames(pr.Labels), }) } return list, nil diff --git a/applicationset/services/pull_request/gitea_test.go b/applicationset/services/pull_request/gitea_test.go index 125c8ee481b3a..9d5ff25748234 100644 --- a/applicationset/services/pull_request/gitea_test.go +++ b/applicationset/services/pull_request/gitea_test.go @@ -256,7 +256,6 @@ func TestGiteaList(t *testing.T) { assert.Equal(t, len(prs), 1) assert.Equal(t, prs[0].Number, 1) assert.Equal(t, prs[0].Branch, "test") - assert.Equal(t, prs[0].TargetBranch, "main") assert.Equal(t, prs[0].HeadSHA, "7bbaf62d92ddfafd9cc8b340c619abaec32bc09f") } @@ -269,9 +268,9 @@ func TestGetGiteaPRLabelNames(t *testing.T) { { Name: "PR has labels", PullLabels: []*gitea.Label{ - {Name: "label1"}, - {Name: "label2"}, - {Name: "label3"}, + &gitea.Label{Name: "label1"}, + &gitea.Label{Name: "label2"}, + &gitea.Label{Name: "label3"}, }, ExpectedResult: []string{"label1", "label2", "label3"}, }, diff --git a/applicationset/services/pull_request/github.go b/applicationset/services/pull_request/github.go index 7c801e7370f53..a40588ec3d367 100644 --- a/applicationset/services/pull_request/github.go +++ b/applicationset/services/pull_request/github.go @@ -65,11 +65,10 @@ func (g *GithubService) List(ctx context.Context) ([]*PullRequest, error) { continue } pullRequests = append(pullRequests, &PullRequest{ - Number: *pull.Number, - Branch: *pull.Head.Ref, - TargetBranch: *pull.Base.Ref, - HeadSHA: *pull.Head.SHA, - Labels: getGithubPRLabelNames(pull.Labels), + Number: *pull.Number, + Branch: *pull.Head.Ref, + HeadSHA: *pull.Head.SHA, + Labels: getGithubPRLabelNames(pull.Labels), }) } if resp.NextPage == 0 { diff --git a/applicationset/services/pull_request/github_test.go b/applicationset/services/pull_request/github_test.go index c47031acb7e31..4c89404c09a6a 100644 --- a/applicationset/services/pull_request/github_test.go +++ b/applicationset/services/pull_request/github_test.go @@ -22,9 +22,9 @@ func TestContainLabels(t *testing.T) { Name: "Match labels", Labels: []string{"label1", "label2"}, PullLabels: []*github.Label{ - {Name: toPtr("label1")}, - {Name: toPtr("label2")}, - {Name: toPtr("label3")}, + &github.Label{Name: toPtr("label1")}, + &github.Label{Name: toPtr("label2")}, + &github.Label{Name: toPtr("label3")}, }, Expect: true, }, @@ -32,9 +32,9 @@ func TestContainLabels(t *testing.T) { Name: "Not match labels", Labels: []string{"label1", "label4"}, PullLabels: []*github.Label{ - {Name: toPtr("label1")}, - {Name: toPtr("label2")}, - {Name: toPtr("label3")}, + &github.Label{Name: toPtr("label1")}, + &github.Label{Name: toPtr("label2")}, + &github.Label{Name: toPtr("label3")}, }, Expect: false, }, @@ -42,9 +42,9 @@ func TestContainLabels(t *testing.T) { Name: "No specify", Labels: []string{}, PullLabels: []*github.Label{ - {Name: toPtr("label1")}, - {Name: toPtr("label2")}, - {Name: toPtr("label3")}, + &github.Label{Name: toPtr("label1")}, + &github.Label{Name: toPtr("label2")}, + &github.Label{Name: toPtr("label3")}, }, Expect: true, }, @@ -68,9 +68,9 @@ func TestGetGitHubPRLabelNames(t *testing.T) { { Name: "PR has labels", PullLabels: []*github.Label{ - {Name: toPtr("label1")}, - {Name: toPtr("label2")}, - {Name: toPtr("label3")}, + &github.Label{Name: toPtr("label1")}, + &github.Label{Name: toPtr("label2")}, + &github.Label{Name: toPtr("label3")}, }, ExpectedResult: []string{"label1", "label2", "label3"}, }, diff --git a/applicationset/services/pull_request/gitlab.go b/applicationset/services/pull_request/gitlab.go index 9732991c76fcf..39f6250aae0e8 100644 --- a/applicationset/services/pull_request/gitlab.go +++ b/applicationset/services/pull_request/gitlab.go @@ -3,11 +3,8 @@ package pull_request import ( "context" "fmt" - "net/http" "os" - "github.com/argoproj/argo-cd/v2/applicationset/utils" - "github.com/hashicorp/go-retryablehttp" gitlab "github.com/xanzy/go-gitlab" ) @@ -20,7 +17,7 @@ type GitLabService struct { var _ PullRequestService = (*GitLabService)(nil) -func NewGitLabService(ctx context.Context, token, url, project string, labels []string, pullRequestState string, scmRootCAPath string, insecure bool) (PullRequestService, error) { +func NewGitLabService(ctx context.Context, token, url, project string, labels []string, pullRequestState string) (PullRequestService, error) { var clientOptionFns []gitlab.ClientOptionFunc // Set a custom Gitlab base URL if one is provided @@ -32,14 +29,6 @@ func NewGitLabService(ctx context.Context, token, url, project string, labels [] token = os.Getenv("GITLAB_TOKEN") } - tr := &http.Transport{ - TLSClientConfig: utils.GetTlsConfig(scmRootCAPath, insecure), - } - retryClient := retryablehttp.NewClient() - retryClient.HTTPClient.Transport = tr - - clientOptionFns = append(clientOptionFns, gitlab.WithHTTPClient(retryClient.HTTPClient)) - client, err := gitlab.NewClient(token, clientOptionFns...) if err != nil { return nil, fmt.Errorf("error creating Gitlab client: %v", err) @@ -80,11 +69,10 @@ func (g *GitLabService) List(ctx context.Context) ([]*PullRequest, error) { } for _, mr := range mrs { pullRequests = append(pullRequests, &PullRequest{ - Number: mr.IID, - Branch: mr.SourceBranch, - TargetBranch: mr.TargetBranch, - HeadSHA: mr.SHA, - Labels: mr.Labels, + Number: mr.IID, + Branch: mr.SourceBranch, + HeadSHA: mr.SHA, + Labels: mr.Labels, }) } if resp.NextPage == 0 { diff --git a/applicationset/services/pull_request/gitlab_test.go b/applicationset/services/pull_request/gitlab_test.go index 59c476fcd713a..7c42e6f9f9269 100644 --- a/applicationset/services/pull_request/gitlab_test.go +++ b/applicationset/services/pull_request/gitlab_test.go @@ -34,7 +34,7 @@ func TestGitLabServiceCustomBaseURL(t *testing.T) { writeMRListResponse(t, w) }) - svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", nil, "", "", false) + svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", nil, "") assert.NoError(t, err) _, err = svc.List(context.Background()) @@ -53,7 +53,7 @@ func TestGitLabServiceToken(t *testing.T) { writeMRListResponse(t, w) }) - svc, err := NewGitLabService(context.Background(), "token-123", server.URL, "278964", nil, "", "", false) + svc, err := NewGitLabService(context.Background(), "token-123", server.URL, "278964", nil, "") assert.NoError(t, err) _, err = svc.List(context.Background()) @@ -72,7 +72,7 @@ func TestList(t *testing.T) { writeMRListResponse(t, w) }) - svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", []string{}, "", "", false) + svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", []string{}, "") assert.NoError(t, err) prs, err := svc.List(context.Background()) @@ -80,7 +80,6 @@ func TestList(t *testing.T) { assert.Len(t, prs, 1) assert.Equal(t, prs[0].Number, 15442) assert.Equal(t, prs[0].Branch, "use-structured-logging-for-db-load-balancer") - assert.Equal(t, prs[0].TargetBranch, "master") assert.Equal(t, prs[0].HeadSHA, "2fc4e8b972ff3208ec63b6143e34ad67ff343ad7") } @@ -96,7 +95,7 @@ func TestListWithLabels(t *testing.T) { writeMRListResponse(t, w) }) - svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", []string{"feature", "ready"}, "", "", false) + svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", []string{"feature", "ready"}, "") assert.NoError(t, err) _, err = svc.List(context.Background()) @@ -115,7 +114,7 @@ func TestListWithState(t *testing.T) { writeMRListResponse(t, w) }) - svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", []string{}, "opened", "", false) + svc, err := NewGitLabService(context.Background(), "", server.URL, "278964", []string{}, "opened") assert.NoError(t, err) _, err = svc.List(context.Background()) diff --git a/applicationset/services/pull_request/interface.go b/applicationset/services/pull_request/interface.go index 0015cfe5eafa6..f81dc35e41435 100644 --- a/applicationset/services/pull_request/interface.go +++ b/applicationset/services/pull_request/interface.go @@ -10,8 +10,6 @@ type PullRequest struct { Number int // Branch is the name of the branch from which the pull request originated. Branch string - // TargetBranch is the name of the target branch of the pull request. - TargetBranch string // HeadSHA is the SHA of the HEAD from which the pull request originated. HeadSHA string // Labels of the pull request. @@ -24,6 +22,5 @@ type PullRequestService interface { } type Filter struct { - BranchMatch *regexp.Regexp - TargetBranchMatch *regexp.Regexp + BranchMatch *regexp.Regexp } diff --git a/applicationset/services/pull_request/utils.go b/applicationset/services/pull_request/utils.go index 50d4e5a3c0098..c7970170a7d64 100644 --- a/applicationset/services/pull_request/utils.go +++ b/applicationset/services/pull_request/utils.go @@ -19,12 +19,6 @@ func compileFilters(filters []argoprojiov1alpha1.PullRequestGeneratorFilter) ([] return nil, fmt.Errorf("error compiling BranchMatch regexp %q: %v", *filter.BranchMatch, err) } } - if filter.TargetBranchMatch != nil { - outFilter.TargetBranchMatch, err = regexp.Compile(*filter.TargetBranchMatch) - if err != nil { - return nil, fmt.Errorf("error compiling TargetBranchMatch regexp %q: %v", *filter.TargetBranchMatch, err) - } - } outFilters = append(outFilters, outFilter) } return outFilters, nil @@ -34,9 +28,6 @@ func matchFilter(pullRequest *PullRequest, filter *Filter) bool { if filter.BranchMatch != nil && !filter.BranchMatch.MatchString(pullRequest.Branch) { return false } - if filter.TargetBranchMatch != nil && !filter.TargetBranchMatch.MatchString(pullRequest.TargetBranch) { - return false - } return true } diff --git a/applicationset/services/pull_request/utils_test.go b/applicationset/services/pull_request/utils_test.go index 3f813127edab7..eb92e5fad866f 100644 --- a/applicationset/services/pull_request/utils_test.go +++ b/applicationset/services/pull_request/utils_test.go @@ -16,10 +16,9 @@ func TestFilterBranchMatchBadRegexp(t *testing.T) { context.Background(), []*PullRequest{ { - Number: 1, - Branch: "branch1", - TargetBranch: "master", - HeadSHA: "089d92cbf9ff857a39e6feccd32798ca700fb958", + Number: 1, + Branch: "branch1", + HeadSHA: "089d92cbf9ff857a39e6feccd32798ca700fb958", }, }, nil, @@ -38,28 +37,24 @@ func TestFilterBranchMatch(t *testing.T) { context.Background(), []*PullRequest{ { - Number: 1, - Branch: "one", - TargetBranch: "master", - HeadSHA: "189d92cbf9ff857a39e6feccd32798ca700fb958", + Number: 1, + Branch: "one", + HeadSHA: "189d92cbf9ff857a39e6feccd32798ca700fb958", }, { - Number: 2, - Branch: "two", - TargetBranch: "master", - HeadSHA: "289d92cbf9ff857a39e6feccd32798ca700fb958", + Number: 2, + Branch: "two", + HeadSHA: "289d92cbf9ff857a39e6feccd32798ca700fb958", }, { - Number: 3, - Branch: "three", - TargetBranch: "master", - HeadSHA: "389d92cbf9ff857a39e6feccd32798ca700fb958", + Number: 3, + Branch: "three", + HeadSHA: "389d92cbf9ff857a39e6feccd32798ca700fb958", }, { - Number: 4, - Branch: "four", - TargetBranch: "master", - HeadSHA: "489d92cbf9ff857a39e6feccd32798ca700fb958", + Number: 4, + Branch: "four", + HeadSHA: "489d92cbf9ff857a39e6feccd32798ca700fb958", }, }, nil, @@ -75,75 +70,29 @@ func TestFilterBranchMatch(t *testing.T) { assert.Equal(t, "two", pullRequests[0].Branch) } -func TestFilterTargetBranchMatch(t *testing.T) { - provider, _ := NewFakeService( - context.Background(), - []*PullRequest{ - { - Number: 1, - Branch: "one", - TargetBranch: "master", - HeadSHA: "189d92cbf9ff857a39e6feccd32798ca700fb958", - }, - { - Number: 2, - Branch: "two", - TargetBranch: "branch1", - HeadSHA: "289d92cbf9ff857a39e6feccd32798ca700fb958", - }, - { - Number: 3, - Branch: "three", - TargetBranch: "branch2", - HeadSHA: "389d92cbf9ff857a39e6feccd32798ca700fb958", - }, - { - Number: 4, - Branch: "four", - TargetBranch: "branch3", - HeadSHA: "489d92cbf9ff857a39e6feccd32798ca700fb958", - }, - }, - nil, - ) - filters := []argoprojiov1alpha1.PullRequestGeneratorFilter{ - { - TargetBranchMatch: strp("1"), - }, - } - pullRequests, err := ListPullRequests(context.Background(), provider, filters) - assert.NoError(t, err) - assert.Len(t, pullRequests, 1) - assert.Equal(t, "two", pullRequests[0].Branch) -} - func TestMultiFilterOr(t *testing.T) { provider, _ := NewFakeService( context.Background(), []*PullRequest{ { - Number: 1, - Branch: "one", - TargetBranch: "master", - HeadSHA: "189d92cbf9ff857a39e6feccd32798ca700fb958", + Number: 1, + Branch: "one", + HeadSHA: "189d92cbf9ff857a39e6feccd32798ca700fb958", }, { - Number: 2, - Branch: "two", - TargetBranch: "master", - HeadSHA: "289d92cbf9ff857a39e6feccd32798ca700fb958", + Number: 2, + Branch: "two", + HeadSHA: "289d92cbf9ff857a39e6feccd32798ca700fb958", }, { - Number: 3, - Branch: "three", - TargetBranch: "master", - HeadSHA: "389d92cbf9ff857a39e6feccd32798ca700fb958", + Number: 3, + Branch: "three", + HeadSHA: "389d92cbf9ff857a39e6feccd32798ca700fb958", }, { - Number: 4, - Branch: "four", - TargetBranch: "master", - HeadSHA: "489d92cbf9ff857a39e6feccd32798ca700fb958", + Number: 4, + Branch: "four", + HeadSHA: "489d92cbf9ff857a39e6feccd32798ca700fb958", }, }, nil, @@ -164,69 +113,19 @@ func TestMultiFilterOr(t *testing.T) { assert.Equal(t, "four", pullRequests[2].Branch) } -func TestMultiFilterOrWithTargetBranchFilter(t *testing.T) { - provider, _ := NewFakeService( - context.Background(), - []*PullRequest{ - { - Number: 1, - Branch: "one", - TargetBranch: "master", - HeadSHA: "189d92cbf9ff857a39e6feccd32798ca700fb958", - }, - { - Number: 2, - Branch: "two", - TargetBranch: "branch1", - HeadSHA: "289d92cbf9ff857a39e6feccd32798ca700fb958", - }, - { - Number: 3, - Branch: "three", - TargetBranch: "branch2", - HeadSHA: "389d92cbf9ff857a39e6feccd32798ca700fb958", - }, - { - Number: 4, - Branch: "four", - TargetBranch: "branch3", - HeadSHA: "489d92cbf9ff857a39e6feccd32798ca700fb958", - }, - }, - nil, - ) - filters := []argoprojiov1alpha1.PullRequestGeneratorFilter{ - { - BranchMatch: strp("w"), - TargetBranchMatch: strp("1"), - }, - { - BranchMatch: strp("r"), - TargetBranchMatch: strp("3"), - }, - } - pullRequests, err := ListPullRequests(context.Background(), provider, filters) - assert.NoError(t, err) - assert.Len(t, pullRequests, 2) - assert.Equal(t, "two", pullRequests[0].Branch) - assert.Equal(t, "four", pullRequests[1].Branch) -} - func TestNoFilters(t *testing.T) { provider, _ := NewFakeService( context.Background(), []*PullRequest{ { - Number: 1, - Branch: "one", - TargetBranch: "master", - HeadSHA: "189d92cbf9ff857a39e6feccd32798ca700fb958", + Number: 1, + Branch: "one", + HeadSHA: "189d92cbf9ff857a39e6feccd32798ca700fb958", }, { - Number: 2, - Branch: "two", - TargetBranch: "master", - HeadSHA: "289d92cbf9ff857a39e6feccd32798ca700fb958", + Number: 2, + Branch: "two", + HeadSHA: "289d92cbf9ff857a39e6feccd32798ca700fb958", }, }, nil, diff --git a/applicationset/services/repo_service.go b/applicationset/services/repo_service.go index 8ad261fda11cd..571f497433de8 100644 --- a/applicationset/services/repo_service.go +++ b/applicationset/services/repo_service.go @@ -3,26 +3,25 @@ package services import ( "context" "fmt" + "os" + "path/filepath" + "strings" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - "github.com/argoproj/argo-cd/v2/reposerver/apiclient" "github.com/argoproj/argo-cd/v2/util/db" "github.com/argoproj/argo-cd/v2/util/git" - "github.com/argoproj/argo-cd/v2/util/io" ) // RepositoryDB Is a lean facade for ArgoDB, -// Using a lean interface makes it easier to test the functionality of the git generator +// Using a lean interface makes it more easy to test the functionality the git generator uses type RepositoryDB interface { GetRepository(ctx context.Context, url string) (*v1alpha1.Repository, error) } type argoCDService struct { - repositoriesDB RepositoryDB - storecreds git.CredsStore - submoduleEnabled bool - repoServerClientSet apiclient.Clientset - newFileGlobbingEnabled bool + repositoriesDB RepositoryDB + storecreds git.CredsStore + submoduleEnabled bool } type Repos interface { @@ -34,63 +33,121 @@ type Repos interface { GetDirectories(ctx context.Context, repoURL string, revision string) ([]string, error) } -func NewArgoCDService(db db.ArgoDB, submoduleEnabled bool, repoClientset apiclient.Clientset, newFileGlobbingEnabled bool) (Repos, error) { +func NewArgoCDService(db db.ArgoDB, gitCredStore git.CredsStore, submoduleEnabled bool) Repos { + return &argoCDService{ - repositoriesDB: db.(RepositoryDB), - submoduleEnabled: submoduleEnabled, - repoServerClientSet: repoClientset, - newFileGlobbingEnabled: newFileGlobbingEnabled, - }, nil + repositoriesDB: db.(RepositoryDB), + storecreds: gitCredStore, + submoduleEnabled: submoduleEnabled, + } } func (a *argoCDService) GetFiles(ctx context.Context, repoURL string, revision string, pattern string) (map[string][]byte, error) { repo, err := a.repositoriesDB.GetRepository(ctx, repoURL) if err != nil { - return nil, fmt.Errorf("error in GetRepository: %w", err) + return nil, fmt.Errorf("Error in GetRepository: %w", err) } - fileRequest := &apiclient.GitFilesRequest{ - Repo: repo, - SubmoduleEnabled: a.submoduleEnabled, - Revision: revision, - Path: pattern, - NewGitFileGlobbingEnabled: a.newFileGlobbingEnabled, + gitRepoClient, err := git.NewClient(repo.Repo, repo.GetGitCreds(a.storecreds), repo.IsInsecure(), repo.IsLFSEnabled(), repo.Proxy) + + if err != nil { + return nil, err } - closer, client, err := a.repoServerClientSet.NewRepoServerClient() + + err = checkoutRepo(gitRepoClient, revision, a.submoduleEnabled) if err != nil { - return nil, fmt.Errorf("error initialising new repo server client: %w", err) + return nil, err } - defer io.Close(closer) - fileResponse, err := client.GetGitFiles(ctx, fileRequest) + paths, err := gitRepoClient.LsFiles(pattern) if err != nil { - return nil, fmt.Errorf("error retrieving Git files: %w", err) + return nil, fmt.Errorf("Error during listing files of local repo: %w", err) + } + + res := map[string][]byte{} + for _, filePath := range paths { + bytes, err := os.ReadFile(filepath.Join(gitRepoClient.Root(), filePath)) + if err != nil { + return nil, err + } + res[filePath] = bytes } - return fileResponse.GetMap(), nil + + return res, nil } func (a *argoCDService) GetDirectories(ctx context.Context, repoURL string, revision string) ([]string, error) { + repo, err := a.repositoriesDB.GetRepository(ctx, repoURL) if err != nil { - return nil, fmt.Errorf("error in GetRepository: %w", err) + return nil, fmt.Errorf("Error in GetRepository: %w", err) } - dirRequest := &apiclient.GitDirectoriesRequest{ - Repo: repo, - SubmoduleEnabled: a.submoduleEnabled, - Revision: revision, + gitRepoClient, err := git.NewClient(repo.Repo, repo.GetGitCreds(a.storecreds), repo.IsInsecure(), repo.IsLFSEnabled(), repo.Proxy) + if err != nil { + return nil, fmt.Errorf("error creating a new git client: %w", err) } - closer, client, err := a.repoServerClientSet.NewRepoServerClient() + err = checkoutRepo(gitRepoClient, revision, a.submoduleEnabled) if err != nil { - return nil, fmt.Errorf("error initialising new repo server client: %w", err) + return nil, fmt.Errorf("error while checking out repo: %w", err) } - defer io.Close(closer) - dirResponse, err := client.GetGitDirectories(ctx, dirRequest) + filteredPaths := []string{} + + repoRoot := gitRepoClient.Root() + + if err := filepath.Walk(repoRoot, func(path string, info os.FileInfo, fnErr error) error { + if fnErr != nil { + return fmt.Errorf("error walking the file tree: %w", fnErr) + } + if !info.IsDir() { // Skip files: directories only + return nil + } + + fname := info.Name() + if strings.HasPrefix(fname, ".") { // Skip all folders starts with "." + return filepath.SkipDir + } + + relativePath, err := filepath.Rel(repoRoot, path) + if err != nil { + return fmt.Errorf("error constructing relative repo path: %w", err) + } + + if relativePath == "." { // Exclude '.' from results + return nil + } + + filteredPaths = append(filteredPaths, relativePath) + + return nil + }); err != nil { + return nil, err + } + + return filteredPaths, nil + +} + +func checkoutRepo(gitRepoClient git.Client, revision string, submoduleEnabled bool) error { + err := gitRepoClient.Init() if err != nil { - return nil, fmt.Errorf("error retrieving Git Directories: %w", err) + return fmt.Errorf("Error during initializing repo: %w", err) } - return dirResponse.GetPaths(), nil + err = gitRepoClient.Fetch(revision) + if err != nil { + return fmt.Errorf("Error during fetching repo: %w", err) + } + + commitSHA, err := gitRepoClient.LsRemote(revision) + if err != nil { + return fmt.Errorf("Error during fetching commitSHA: %w", err) + } + err = gitRepoClient.Checkout(commitSHA, submoduleEnabled) + if err != nil { + return fmt.Errorf("Error during repo checkout: %w", err) + } + return nil } diff --git a/applicationset/services/repo_service_test.go b/applicationset/services/repo_service_test.go index 62f8c11c172d0..bc0238b2eacc7 100644 --- a/applicationset/services/repo_service_test.go +++ b/applicationset/services/repo_service_test.go @@ -3,189 +3,231 @@ package services import ( "context" "fmt" + "sort" "testing" - "github.com/argoproj/argo-cd/v2/applicationset/services/mocks" - "github.com/argoproj/argo-cd/v2/reposerver/apiclient" - repo_mocks "github.com/argoproj/argo-cd/v2/reposerver/apiclient/mocks" - db_mocks "github.com/argoproj/argo-cd/v2/util/db/mocks" - "github.com/argoproj/argo-cd/v2/util/git" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" ) +type ArgocdRepositoryMock struct { + mock *mock.Mock +} + +func (a ArgocdRepositoryMock) GetRepository(ctx context.Context, url string) (*v1alpha1.Repository, error) { + args := a.mock.Called(ctx, url) + + return args.Get(0).(*v1alpha1.Repository), args.Error(1) + +} + func TestGetDirectories(t *testing.T) { - type fields struct { - repositoriesDBFuncs []func(*mocks.RepositoryDB) - storecreds git.CredsStore - submoduleEnabled bool - repoServerClientFuncs []func(*repo_mocks.RepoServerServiceClient) - } - type args struct { - ctx context.Context - repoURL string - revision string - } - tests := []struct { - name string - fields fields - args args - want []string - wantErr assert.ErrorAssertionFunc + // Hardcode a specific revision to changes to argocd-example-apps from regressing this test: + // Author: Alexander Matyushentsev + // Date: Sun Jan 31 09:54:53 2021 -0800 + // chore: downgrade kustomize guestbook image tag (#73) + exampleRepoRevision := "08f72e2a309beab929d9fd14626071b1a61a47f9" + + for _, c := range []struct { + name string + repoURL string + revision string + repoRes *v1alpha1.Repository + repoErr error + expected []string + expectedError error }{ - {name: "ErrorGettingRepos", fields: fields{ - repositoriesDBFuncs: []func(*mocks.RepositoryDB){ - func(db *mocks.RepositoryDB) { - db.On("GetRepository", mock.Anything, mock.Anything).Return(nil, fmt.Errorf("unable to get repos")) - }, - }, - }, args: args{}, want: nil, wantErr: assert.Error}, - {name: "ErrorGettingDirs", fields: fields{ - repositoriesDBFuncs: []func(*mocks.RepositoryDB){ - func(db *mocks.RepositoryDB) { - db.On("GetRepository", mock.Anything, mock.Anything).Return(&v1alpha1.Repository{}, nil) - }, - }, - repoServerClientFuncs: []func(*repo_mocks.RepoServerServiceClient){ - func(client *repo_mocks.RepoServerServiceClient) { - client.On("GetGitDirectories", mock.Anything, mock.Anything).Return(nil, fmt.Errorf("unable to get dirs")) - }, + { + name: "All child folders should be returned", + repoURL: "https://github.com/argoproj/argocd-example-apps/", + revision: exampleRepoRevision, + repoRes: &v1alpha1.Repository{ + Repo: "https://github.com/argoproj/argocd-example-apps/", }, - }, args: args{}, want: nil, wantErr: assert.Error}, - {name: "HappyCase", fields: fields{ - repositoriesDBFuncs: []func(*mocks.RepositoryDB){ - func(db *mocks.RepositoryDB) { - db.On("GetRepository", mock.Anything, mock.Anything).Return(&v1alpha1.Repository{}, nil) - }, + repoErr: nil, + expected: []string{"apps", "apps/templates", "blue-green", "blue-green/templates", "guestbook", "helm-dependency", + "helm-guestbook", "helm-guestbook/templates", "helm-hooks", "jsonnet-guestbook", "jsonnet-guestbook-tla", + "ksonnet-guestbook", "ksonnet-guestbook/components", "ksonnet-guestbook/environments", "ksonnet-guestbook/environments/default", + "ksonnet-guestbook/environments/dev", "ksonnet-guestbook/environments/prod", "kustomize-guestbook", "plugins", "plugins/kasane", + "plugins/kustomized-helm", "plugins/kustomized-helm/overlays", "pre-post-sync", "sock-shop", "sock-shop/base", "sync-waves"}, + }, + { + name: "If GetRepository returns an error, it should pass back to caller", + repoURL: "https://github.com/argoproj/argocd-example-apps/", + revision: exampleRepoRevision, + repoRes: &v1alpha1.Repository{ + Repo: "https://github.com/argoproj/argocd-example-apps/", }, - repoServerClientFuncs: []func(*repo_mocks.RepoServerServiceClient){ - func(client *repo_mocks.RepoServerServiceClient) { - client.On("GetGitDirectories", mock.Anything, mock.Anything).Return(&apiclient.GitDirectoriesResponse{ - Paths: []string{"foo", "foo/bar", "bar/foo"}, - }, nil) - }, + repoErr: fmt.Errorf("Simulated error from GetRepository"), + expected: nil, + expectedError: fmt.Errorf("Error in GetRepository: Simulated error from GetRepository"), + }, + { + name: "Test against repository containing no directories", + // Here I picked an arbitrary repository in argoproj-labs, with a commit containing no folders. + repoURL: "https://github.com/argoproj-labs/argo-workflows-operator/", + revision: "5f50933a576833b73b7a172909d8545a108685f4", + repoRes: &v1alpha1.Repository{ + Repo: "https://github.com/argoproj-labs/argo-workflows-operator/", }, - }, args: args{}, want: []string{"foo", "foo/bar", "bar/foo"}, wantErr: assert.NoError}, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - mockDb := &mocks.RepositoryDB{} - mockRepoClient := &repo_mocks.RepoServerServiceClient{} - // decorate the mocks - for i := range tt.fields.repositoriesDBFuncs { - tt.fields.repositoriesDBFuncs[i](mockDb) - } - for i := range tt.fields.repoServerClientFuncs { - tt.fields.repoServerClientFuncs[i](mockRepoClient) - } + repoErr: nil, + expected: []string{}, + }, + } { + cc := c + t.Run(cc.name, func(t *testing.T) { + argocdRepositoryMock := ArgocdRepositoryMock{mock: &mock.Mock{}} + + argocdRepositoryMock.mock.On("GetRepository", mock.Anything, cc.repoURL).Return(cc.repoRes, cc.repoErr) - a := &argoCDService{ - repositoriesDB: mockDb, - storecreds: tt.fields.storecreds, - submoduleEnabled: tt.fields.submoduleEnabled, - repoServerClientSet: &repo_mocks.Clientset{RepoServerServiceClient: mockRepoClient}, + argocd := argoCDService{ + repositoriesDB: argocdRepositoryMock, } - got, err := a.GetDirectories(tt.args.ctx, tt.args.repoURL, tt.args.revision) - if !tt.wantErr(t, err, fmt.Sprintf("GetDirectories(%v, %v, %v)", tt.args.ctx, tt.args.repoURL, tt.args.revision)) { - return + + got, err := argocd.GetDirectories(context.TODO(), cc.repoURL, cc.revision) + + if cc.expectedError != nil { + assert.EqualError(t, err, cc.expectedError.Error()) + } else { + sort.Strings(got) + sort.Strings(cc.expected) + + assert.Equal(t, got, cc.expected) + assert.NoError(t, err) } - assert.Equalf(t, tt.want, got, "GetDirectories(%v, %v, %v)", tt.args.ctx, tt.args.repoURL, tt.args.revision) }) } } func TestGetFiles(t *testing.T) { - type fields struct { - repositoriesDBFuncs []func(*mocks.RepositoryDB) - storecreds git.CredsStore - submoduleEnabled bool - repoServerClientFuncs []func(*repo_mocks.RepoServerServiceClient) - } - type args struct { - ctx context.Context + + // Hardcode a specific commit, so that changes to argoproj/argocd-example-apps/ don't break our tests + // "chore: downgrade kustomize guestbook image tag (#73)" + commitID := "08f72e2a309beab929d9fd14626071b1a61a47f9" + + tests := []struct { + name string repoURL string revision string pattern string - } - tests := []struct { - name string - fields fields - args args - want map[string][]byte - wantErr assert.ErrorAssertionFunc + repoRes *v1alpha1.Repository + repoErr error + + expectSubsetOfPaths []string + doesNotContainPaths []string + expectedError error }{ - {name: "ErrorGettingRepos", fields: fields{ - repositoriesDBFuncs: []func(*mocks.RepositoryDB){ - func(db *mocks.RepositoryDB) { - db.On("GetRepository", mock.Anything, mock.Anything).Return(nil, fmt.Errorf("unable to get repos")) - }, + { + name: "pull a specific revision of example apps and verify the list is expected", + repoRes: &v1alpha1.Repository{ + Insecure: true, + InsecureIgnoreHostKey: true, + Repo: "https://github.com/argoproj/argocd-example-apps/", + }, + repoURL: "https://github.com/argoproj/argocd-example-apps/", + revision: commitID, + pattern: "*", + expectSubsetOfPaths: []string{ + "apps/Chart.yaml", + "apps/templates/helm-guestbook.yaml", + "apps/templates/helm-hooks.yaml", + "apps/templates/kustomize-guestbook.yaml", + "apps/templates/namespaces.yaml", + "apps/templates/sync-waves.yaml", + "apps/values.yaml", + "blue-green/.helmignore", + "blue-green/Chart.yaml", + "blue-green/README.md", + "blue-green/templates/NOTES.txt", + "blue-green/templates/rollout.yaml", + "blue-green/templates/services.yaml", + "blue-green/values.yaml", + "guestbook/guestbook-ui-deployment.yaml", + "guestbook/guestbook-ui-svc.yaml", + "kustomize-guestbook/guestbook-ui-deployment.yaml", + "kustomize-guestbook/guestbook-ui-svc.yaml", + "kustomize-guestbook/kustomization.yaml", }, - }, args: args{}, want: nil, wantErr: assert.Error}, - {name: "ErrorGettingFiles", fields: fields{ - repositoriesDBFuncs: []func(*mocks.RepositoryDB){ - func(db *mocks.RepositoryDB) { - db.On("GetRepository", mock.Anything, mock.Anything).Return(&v1alpha1.Repository{}, nil) - }, + }, + { + name: "pull an invalid revision, and confirm an error is returned", + repoRes: &v1alpha1.Repository{ + Insecure: true, + InsecureIgnoreHostKey: true, + Repo: "https://github.com/argoproj/argocd-example-apps/", }, - repoServerClientFuncs: []func(*repo_mocks.RepoServerServiceClient){ - func(client *repo_mocks.RepoServerServiceClient) { - client.On("GetGitFiles", mock.Anything, mock.Anything).Return(nil, fmt.Errorf("unable to get files")) - }, + repoURL: "https://github.com/argoproj/argocd-example-apps/", + revision: "this-tag-does-not-exist", + pattern: "*", + expectSubsetOfPaths: []string{}, + expectedError: fmt.Errorf("Error during fetching repo: `git fetch origin this-tag-does-not-exist --tags --force --prune` failed exit status 128: fatal: couldn't find remote ref this-tag-does-not-exist"), + }, + { + name: "pull a specific revision of example apps, and use a ** pattern", + repoRes: &v1alpha1.Repository{ + Insecure: true, + InsecureIgnoreHostKey: true, + Repo: "https://github.com/argoproj/argocd-example-apps/", }, - }, args: args{}, want: nil, wantErr: assert.Error}, - {name: "HappyCase", fields: fields{ - repositoriesDBFuncs: []func(*mocks.RepositoryDB){ - func(db *mocks.RepositoryDB) { - db.On("GetRepository", mock.Anything, mock.Anything).Return(&v1alpha1.Repository{}, nil) - }, + repoURL: "https://github.com/argoproj/argocd-example-apps/", + revision: commitID, + pattern: "**/*.yaml", + expectSubsetOfPaths: []string{ + "apps/Chart.yaml", + "apps/templates/helm-guestbook.yaml", + "apps/templates/helm-hooks.yaml", + "apps/templates/kustomize-guestbook.yaml", + "apps/templates/namespaces.yaml", + "apps/templates/sync-waves.yaml", + "apps/values.yaml", + "blue-green/templates/rollout.yaml", + "blue-green/templates/services.yaml", + "blue-green/values.yaml", + "guestbook/guestbook-ui-deployment.yaml", + "guestbook/guestbook-ui-svc.yaml", + "kustomize-guestbook/guestbook-ui-deployment.yaml", + "kustomize-guestbook/guestbook-ui-svc.yaml", + "kustomize-guestbook/kustomization.yaml", }, - repoServerClientFuncs: []func(*repo_mocks.RepoServerServiceClient){ - func(client *repo_mocks.RepoServerServiceClient) { - client.On("GetGitFiles", mock.Anything, mock.Anything).Return(&apiclient.GitFilesResponse{ - Map: map[string][]byte{ - "foo.json": []byte("hello: world!"), - "bar.yaml": []byte("yay: appsets"), - }, - }, nil) - }, + doesNotContainPaths: []string{ + "blue-green/.helmignore", + "blue-green/README.md", + "blue-green/templates/NOTES.txt", }, - }, args: args{}, want: map[string][]byte{ - "foo.json": []byte("hello: world!"), - "bar.yaml": []byte("yay: appsets"), - }, wantErr: assert.NoError}, + }, } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - mockDb := &mocks.RepositoryDB{} - mockRepoClient := &repo_mocks.RepoServerServiceClient{} - // decorate the mocks - for i := range tt.fields.repositoriesDBFuncs { - tt.fields.repositoriesDBFuncs[i](mockDb) - } - for i := range tt.fields.repoServerClientFuncs { - tt.fields.repoServerClientFuncs[i](mockRepoClient) - } - a := &argoCDService{ - repositoriesDB: mockDb, - storecreds: tt.fields.storecreds, - submoduleEnabled: tt.fields.submoduleEnabled, - repoServerClientSet: &repo_mocks.Clientset{RepoServerServiceClient: mockRepoClient}, + for _, cc := range tests { + + // Get all the paths for a repository, and confirm that the expected subset of paths is found (or the expected error is returned) + t.Run(cc.name, func(t *testing.T) { + argocdRepositoryMock := ArgocdRepositoryMock{mock: &mock.Mock{}} + + argocdRepositoryMock.mock.On("GetRepository", mock.Anything, cc.repoURL).Return(cc.repoRes, cc.repoErr) + + argocd := argoCDService{ + repositoriesDB: argocdRepositoryMock, } - got, err := a.GetFiles(tt.args.ctx, tt.args.repoURL, tt.args.revision, tt.args.pattern) - if !tt.wantErr(t, err, fmt.Sprintf("GetFiles(%v, %v, %v, %v)", tt.args.ctx, tt.args.repoURL, tt.args.revision, tt.args.pattern)) { - return + + getPathsRes, err := argocd.GetFiles(context.Background(), cc.repoURL, cc.revision, cc.pattern) + + if cc.expectedError == nil { + + assert.NoError(t, err) + for _, path := range cc.expectSubsetOfPaths { + assert.Contains(t, getPathsRes, path, "Unable to locate path: %s", path) + } + + for _, shouldNotContain := range cc.doesNotContainPaths { + assert.NotContains(t, getPathsRes, shouldNotContain, "GetPaths should not contain %s", shouldNotContain) + } + + } else { + assert.EqualError(t, err, cc.expectedError.Error()) } - assert.Equalf(t, tt.want, got, "GetFiles(%v, %v, %v, %v)", tt.args.ctx, tt.args.repoURL, tt.args.revision, tt.args.pattern) }) } } - -func TestNewArgoCDService(t *testing.T) { - service, err := NewArgoCDService(&db_mocks.ArgoDB{}, false, &repo_mocks.Clientset{}, false) - assert.NoError(t, err, err) - assert.NotNil(t, service) -} diff --git a/applicationset/services/scm_provider/aws_codecommit.go b/applicationset/services/scm_provider/aws_codecommit.go deleted file mode 100644 index 280711271cfb0..0000000000000 --- a/applicationset/services/scm_provider/aws_codecommit.go +++ /dev/null @@ -1,376 +0,0 @@ -package scm_provider - -import ( - "context" - "fmt" - "github.com/aws/aws-sdk-go/aws/request" - pathpkg "path" - "path/filepath" - "strings" - - application "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/arn" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/credentials/stscreds" - "github.com/aws/aws-sdk-go/aws/session" - "github.com/aws/aws-sdk-go/service/codecommit" - "github.com/aws/aws-sdk-go/service/resourcegroupstaggingapi" - log "github.com/sirupsen/logrus" - "golang.org/x/exp/maps" - "k8s.io/utils/strings/slices" -) - -const ( - resourceTypeCodeCommitRepository = "codecommit:repository" - prefixGitUrlHttps = "https://git-codecommit." - prefixGitUrlHttpsFIPS = "https://git-codecommit-fips." -) - -// AWSCodeCommitClient is a lean facade to the codecommitiface.CodeCommitAPI -// it helps to reduce the mockery generated code. -type AWSCodeCommitClient interface { - ListRepositoriesWithContext(aws.Context, *codecommit.ListRepositoriesInput, ...request.Option) (*codecommit.ListRepositoriesOutput, error) - GetRepositoryWithContext(aws.Context, *codecommit.GetRepositoryInput, ...request.Option) (*codecommit.GetRepositoryOutput, error) - ListBranchesWithContext(aws.Context, *codecommit.ListBranchesInput, ...request.Option) (*codecommit.ListBranchesOutput, error) - GetFolderWithContext(aws.Context, *codecommit.GetFolderInput, ...request.Option) (*codecommit.GetFolderOutput, error) -} - -// AWSTaggingClient is a lean facade to the resourcegroupstaggingapiiface.ResourceGroupsTaggingAPIAPI -// it helps to reduce the mockery generated code. -type AWSTaggingClient interface { - GetResourcesWithContext(aws.Context, *resourcegroupstaggingapi.GetResourcesInput, ...request.Option) (*resourcegroupstaggingapi.GetResourcesOutput, error) -} - -type AWSCodeCommitProvider struct { - codeCommitClient AWSCodeCommitClient - taggingClient AWSTaggingClient - tagFilters []*application.TagFilter - allBranches bool -} - -func NewAWSCodeCommitProvider(ctx context.Context, tagFilters []*application.TagFilter, role string, region string, allBranches bool) (*AWSCodeCommitProvider, error) { - taggingClient, codeCommitClient, err := createAWSDiscoveryClients(ctx, role, region) - if err != nil { - return nil, err - } - return &AWSCodeCommitProvider{ - codeCommitClient: codeCommitClient, - taggingClient: taggingClient, - tagFilters: tagFilters, - allBranches: allBranches, - }, nil -} - -func (p *AWSCodeCommitProvider) ListRepos(ctx context.Context, cloneProtocol string) ([]*Repository, error) { - repos := make([]*Repository, 0) - - repoNames, err := p.listRepoNames(ctx) - if err != nil { - return nil, fmt.Errorf("failed to list codecommit repository: %w", err) - } - - for _, repoName := range repoNames { - repo, err := p.codeCommitClient.GetRepositoryWithContext(ctx, &codecommit.GetRepositoryInput{ - RepositoryName: aws.String(repoName), - }) - if err != nil { - // we don't want to skip at this point. It's a valid repo, we don't want to have flapping Application on an AWS outage. - return nil, fmt.Errorf("failed to get codecommit repository: %w", err) - } - if repo == nil || repo.RepositoryMetadata == nil { - // unlikely to happen, but just in case to protect nil pointer dereferences. - log.Warnf("codecommit returned invalid response for repository %s, skipped", repoName) - continue - } - if aws.StringValue(repo.RepositoryMetadata.DefaultBranch) == "" { - // if a codecommit repo doesn't have default branch, it's uninitialized. not going to bother with it. - log.Warnf("repository %s does not have default branch, skipped", repoName) - continue - } - var url string - switch cloneProtocol { - // default to SSH if unspecified (i.e. if ""). - case "", "ssh": - url = aws.StringValue(repo.RepositoryMetadata.CloneUrlSsh) - case "https": - url = aws.StringValue(repo.RepositoryMetadata.CloneUrlHttp) - case "https-fips": - url, err = getCodeCommitFIPSEndpoint(aws.StringValue(repo.RepositoryMetadata.CloneUrlHttp)) - if err != nil { - return nil, fmt.Errorf("https-fips is provided but repoUrl can't be transformed to FIPS endpoint: %w", err) - } - default: - return nil, fmt.Errorf("unknown clone protocol for codecommit %v", cloneProtocol) - } - repos = append(repos, &Repository{ - // there's no "organization" level at codecommit. - // we are just using AWS accountId for now. - Organization: aws.StringValue(repo.RepositoryMetadata.AccountId), - Repository: aws.StringValue(repo.RepositoryMetadata.RepositoryName), - URL: url, - Branch: aws.StringValue(repo.RepositoryMetadata.DefaultBranch), - // we could propagate repo tag keys, but without value not sure if it's any useful. - Labels: []string{}, - RepositoryId: aws.StringValue(repo.RepositoryMetadata.RepositoryId), - }) - } - - return repos, nil -} - -func (p *AWSCodeCommitProvider) RepoHasPath(ctx context.Context, repo *Repository, path string) (bool, error) { - // we use GetFolder instead of GetFile here because GetFile always downloads the full blob which has scalability problem. - // GetFolder is slightly less concerning. - - path = toAbsolutePath(path) - // shortcut: if it's root folder ('/'), we always return true. - if path == "/" { - return true, nil - } - // here we are sure it's not root folder, strip the suffix for easier comparison. - path = strings.TrimSuffix(path, "/") - - // we always get the parent folder, so we could support both submodule, file, symlink and folder cases. - parentPath := pathpkg.Dir(path) - basePath := pathpkg.Base(path) - - input := &codecommit.GetFolderInput{ - CommitSpecifier: aws.String(repo.Branch), - FolderPath: aws.String(parentPath), - RepositoryName: aws.String(repo.Repository), - } - output, err := p.codeCommitClient.GetFolderWithContext(ctx, input) - if err != nil { - if hasAwsError(err, - codecommit.ErrCodeRepositoryDoesNotExistException, - codecommit.ErrCodeCommitDoesNotExistException, - codecommit.ErrCodeFolderDoesNotExistException, - ) { - return false, nil - } - // unhandled exception, propagate out - return false, err - } - - // anything that matches. - for _, submodule := range output.SubModules { - if basePath == aws.StringValue(submodule.RelativePath) { - return true, nil - } - } - for _, subpath := range output.SubFolders { - if basePath == aws.StringValue(subpath.RelativePath) { - return true, nil - } - } - for _, subpath := range output.Files { - if basePath == aws.StringValue(subpath.RelativePath) { - return true, nil - } - } - for _, subpath := range output.SymbolicLinks { - if basePath == aws.StringValue(subpath.RelativePath) { - return true, nil - } - } - return false, nil -} - -func (p *AWSCodeCommitProvider) GetBranches(ctx context.Context, repo *Repository) ([]*Repository, error) { - repos := make([]*Repository, 0) - if !p.allBranches { - output, err := p.codeCommitClient.GetRepositoryWithContext(ctx, &codecommit.GetRepositoryInput{ - RepositoryName: aws.String(repo.Repository), - }) - if err != nil { - return nil, err - } - repos = append(repos, &Repository{ - Organization: repo.Organization, - Repository: repo.Repository, - URL: repo.URL, - Branch: aws.StringValue(output.RepositoryMetadata.DefaultBranch), - RepositoryId: repo.RepositoryId, - Labels: repo.Labels, - // getting SHA of the branch requires a separate GetBranch call. - // too expensive. for now, we just don't support it. - // SHA: "", - }) - } else { - input := &codecommit.ListBranchesInput{ - RepositoryName: aws.String(repo.Repository), - } - for { - output, err := p.codeCommitClient.ListBranchesWithContext(ctx, input) - if err != nil { - return nil, err - } - for _, branch := range output.Branches { - repos = append(repos, &Repository{ - Organization: repo.Organization, - Repository: repo.Repository, - URL: repo.URL, - Branch: aws.StringValue(branch), - RepositoryId: repo.RepositoryId, - Labels: repo.Labels, - // getting SHA of the branch requires a separate GetBranch call. - // too expensive. for now, we just don't support it. - // SHA: "", - }) - } - input.NextToken = output.NextToken - if aws.StringValue(output.NextToken) == "" { - break - } - } - } - - return repos, nil -} - -func (p *AWSCodeCommitProvider) listRepoNames(ctx context.Context) ([]string, error) { - tagFilters := p.getTagFilters() - repoNames := make([]string, 0) - var err error - - if len(tagFilters) < 1 { - log.Debugf("no tag filer, calling codecommit api to list repos") - listReposInput := &codecommit.ListRepositoriesInput{} - var output *codecommit.ListRepositoriesOutput - for { - output, err = p.codeCommitClient.ListRepositoriesWithContext(ctx, listReposInput) - if err != nil { - break - } - for _, repo := range output.Repositories { - repoNames = append(repoNames, aws.StringValue(repo.RepositoryName)) - } - listReposInput.NextToken = output.NextToken - if aws.StringValue(output.NextToken) == "" { - break - } - } - } else { - log.Debugf("tag filer is specified, calling tagging api to list repos") - discoveryInput := &resourcegroupstaggingapi.GetResourcesInput{ - ResourceTypeFilters: aws.StringSlice([]string{resourceTypeCodeCommitRepository}), - TagFilters: tagFilters, - } - var output *resourcegroupstaggingapi.GetResourcesOutput - for { - output, err = p.taggingClient.GetResourcesWithContext(ctx, discoveryInput) - if err != nil { - break - } - for _, resource := range output.ResourceTagMappingList { - repoArn := aws.StringValue(resource.ResourceARN) - log.Debugf("discovered codecommit repo with arn %s", repoArn) - repoName, extractErr := getCodeCommitRepoName(repoArn) - if extractErr != nil { - log.Warnf("discovered codecommit repoArn %s cannot be parsed due to %v", repoArn, err) - continue - } - repoNames = append(repoNames, repoName) - } - discoveryInput.PaginationToken = output.PaginationToken - if aws.StringValue(output.PaginationToken) == "" { - break - } - } - } - return repoNames, err -} - -func (p *AWSCodeCommitProvider) getTagFilters() []*resourcegroupstaggingapi.TagFilter { - filters := make(map[string]*resourcegroupstaggingapi.TagFilter) - for _, tagFilter := range p.tagFilters { - filter, hasKey := filters[tagFilter.Key] - if !hasKey { - filter = &resourcegroupstaggingapi.TagFilter{ - Key: aws.String(tagFilter.Key), - } - filters[tagFilter.Key] = filter - } - if tagFilter.Value != "" { - filter.Values = append(filter.Values, aws.String(tagFilter.Value)) - } - } - return maps.Values(filters) -} - -func getCodeCommitRepoName(repoArn string) (string, error) { - parsedArn, err := arn.Parse(repoArn) - if err != nil { - return "", fmt.Errorf("failed to parse codecommit repository ARN: %w", err) - } - // see: https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-permissions-reference.html - // arn:aws:codecommit:region:account-id:repository-name - return parsedArn.Resource, nil -} - -// getCodeCommitFIPSEndpoint transforms provided https:// codecommit URL to a FIPS-compliant endpoint. -// note that the specified region must support FIPS, otherwise the returned URL won't be reachable -// see: https://docs.aws.amazon.com/codecommit/latest/userguide/regions.html#regions-git -func getCodeCommitFIPSEndpoint(repoUrl string) (string, error) { - if strings.HasPrefix(repoUrl, prefixGitUrlHttpsFIPS) { - log.Debugf("provided repoUrl %s is already a fips endpoint", repoUrl) - return repoUrl, nil - } - if !strings.HasPrefix(repoUrl, prefixGitUrlHttps) { - return "", fmt.Errorf("the provided https endpoint isn't recognized, cannot be transformed to FIPS endpoint: %s", repoUrl) - } - // we already have the prefix, so we guarantee to replace exactly the prefix only. - return strings.Replace(repoUrl, prefixGitUrlHttps, prefixGitUrlHttpsFIPS, 1), nil -} - -func hasAwsError(err error, codes ...string) bool { - if awsErr, ok := err.(awserr.Error); ok { - return slices.Contains(codes, awsErr.Code()) - } - return false -} - -// toAbsolutePath transforms a path input to absolute path, as required by AWS CodeCommit -// see https://docs.aws.amazon.com/codecommit/latest/APIReference/API_GetFolder.html -func toAbsolutePath(path string) string { - if filepath.IsAbs(path) { - return path - } - return filepath.ToSlash(filepath.Join("/", path)) -} - -func createAWSDiscoveryClients(_ context.Context, role string, region string) (*resourcegroupstaggingapi.ResourceGroupsTaggingAPI, *codecommit.CodeCommit, error) { - podSession, err := session.NewSession() - if err != nil { - return nil, nil, fmt.Errorf("error creating new AWS pod session: %w", err) - } - discoverySession := podSession - // assume role if provided - this allows cross account CodeCommit repo discovery. - if role != "" { - log.Debugf("role %s is provided for AWS CodeCommit discovery", role) - assumeRoleCreds := stscreds.NewCredentials(podSession, role) - discoverySession, err = session.NewSession(&aws.Config{ - Credentials: assumeRoleCreds, - }) - if err != nil { - return nil, nil, fmt.Errorf("error creating new AWS discovery session: %s", err) - } - } else { - log.Debugf("role is not provided for AWS CodeCommit discovery, using pod role") - } - // use region explicitly if provided - this allows cross region CodeCommit repo discovery. - if region != "" { - log.Debugf("region %s is provided for AWS CodeCommit discovery", region) - discoverySession = discoverySession.Copy(&aws.Config{ - Region: aws.String(region), - }) - } else { - log.Debugf("region is not provided for AWS CodeCommit discovery, using pod region") - } - - taggingClient := resourcegroupstaggingapi.New(discoverySession) - codeCommitClient := codecommit.New(discoverySession) - - return taggingClient, codeCommitClient, nil -} diff --git a/applicationset/services/scm_provider/aws_codecommit/mocks/AWSCodeCommitClient.go b/applicationset/services/scm_provider/aws_codecommit/mocks/AWSCodeCommitClient.go deleted file mode 100644 index b9d6f6a5d5956..0000000000000 --- a/applicationset/services/scm_provider/aws_codecommit/mocks/AWSCodeCommitClient.go +++ /dev/null @@ -1,321 +0,0 @@ -// Code generated by mockery v2.26.1. DO NOT EDIT. - -package mocks - -import ( - context "context" - - codecommit "github.com/aws/aws-sdk-go/service/codecommit" - - mock "github.com/stretchr/testify/mock" - - request "github.com/aws/aws-sdk-go/aws/request" -) - -// AWSCodeCommitClient is an autogenerated mock type for the AWSCodeCommitClient type -type AWSCodeCommitClient struct { - mock.Mock -} - -type AWSCodeCommitClient_Expecter struct { - mock *mock.Mock -} - -func (_m *AWSCodeCommitClient) EXPECT() *AWSCodeCommitClient_Expecter { - return &AWSCodeCommitClient_Expecter{mock: &_m.Mock} -} - -// GetFolderWithContext provides a mock function with given fields: _a0, _a1, _a2 -func (_m *AWSCodeCommitClient) GetFolderWithContext(_a0 context.Context, _a1 *codecommit.GetFolderInput, _a2 ...request.Option) (*codecommit.GetFolderOutput, error) { - _va := make([]interface{}, len(_a2)) - for _i := range _a2 { - _va[_i] = _a2[_i] - } - var _ca []interface{} - _ca = append(_ca, _a0, _a1) - _ca = append(_ca, _va...) - ret := _m.Called(_ca...) - - var r0 *codecommit.GetFolderOutput - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *codecommit.GetFolderInput, ...request.Option) (*codecommit.GetFolderOutput, error)); ok { - return rf(_a0, _a1, _a2...) - } - if rf, ok := ret.Get(0).(func(context.Context, *codecommit.GetFolderInput, ...request.Option) *codecommit.GetFolderOutput); ok { - r0 = rf(_a0, _a1, _a2...) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(*codecommit.GetFolderOutput) - } - } - - if rf, ok := ret.Get(1).(func(context.Context, *codecommit.GetFolderInput, ...request.Option) error); ok { - r1 = rf(_a0, _a1, _a2...) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -// AWSCodeCommitClient_GetFolderWithContext_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetFolderWithContext' -type AWSCodeCommitClient_GetFolderWithContext_Call struct { - *mock.Call -} - -// GetFolderWithContext is a helper method to define mock.On call -// - _a0 context.Context -// - _a1 *codecommit.GetFolderInput -// - _a2 ...request.Option -func (_e *AWSCodeCommitClient_Expecter) GetFolderWithContext(_a0 interface{}, _a1 interface{}, _a2 ...interface{}) *AWSCodeCommitClient_GetFolderWithContext_Call { - return &AWSCodeCommitClient_GetFolderWithContext_Call{Call: _e.mock.On("GetFolderWithContext", - append([]interface{}{_a0, _a1}, _a2...)...)} -} - -func (_c *AWSCodeCommitClient_GetFolderWithContext_Call) Run(run func(_a0 context.Context, _a1 *codecommit.GetFolderInput, _a2 ...request.Option)) *AWSCodeCommitClient_GetFolderWithContext_Call { - _c.Call.Run(func(args mock.Arguments) { - variadicArgs := make([]request.Option, len(args)-2) - for i, a := range args[2:] { - if a != nil { - variadicArgs[i] = a.(request.Option) - } - } - run(args[0].(context.Context), args[1].(*codecommit.GetFolderInput), variadicArgs...) - }) - return _c -} - -func (_c *AWSCodeCommitClient_GetFolderWithContext_Call) Return(_a0 *codecommit.GetFolderOutput, _a1 error) *AWSCodeCommitClient_GetFolderWithContext_Call { - _c.Call.Return(_a0, _a1) - return _c -} - -func (_c *AWSCodeCommitClient_GetFolderWithContext_Call) RunAndReturn(run func(context.Context, *codecommit.GetFolderInput, ...request.Option) (*codecommit.GetFolderOutput, error)) *AWSCodeCommitClient_GetFolderWithContext_Call { - _c.Call.Return(run) - return _c -} - -// GetRepositoryWithContext provides a mock function with given fields: _a0, _a1, _a2 -func (_m *AWSCodeCommitClient) GetRepositoryWithContext(_a0 context.Context, _a1 *codecommit.GetRepositoryInput, _a2 ...request.Option) (*codecommit.GetRepositoryOutput, error) { - _va := make([]interface{}, len(_a2)) - for _i := range _a2 { - _va[_i] = _a2[_i] - } - var _ca []interface{} - _ca = append(_ca, _a0, _a1) - _ca = append(_ca, _va...) - ret := _m.Called(_ca...) - - var r0 *codecommit.GetRepositoryOutput - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *codecommit.GetRepositoryInput, ...request.Option) (*codecommit.GetRepositoryOutput, error)); ok { - return rf(_a0, _a1, _a2...) - } - if rf, ok := ret.Get(0).(func(context.Context, *codecommit.GetRepositoryInput, ...request.Option) *codecommit.GetRepositoryOutput); ok { - r0 = rf(_a0, _a1, _a2...) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(*codecommit.GetRepositoryOutput) - } - } - - if rf, ok := ret.Get(1).(func(context.Context, *codecommit.GetRepositoryInput, ...request.Option) error); ok { - r1 = rf(_a0, _a1, _a2...) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -// AWSCodeCommitClient_GetRepositoryWithContext_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetRepositoryWithContext' -type AWSCodeCommitClient_GetRepositoryWithContext_Call struct { - *mock.Call -} - -// GetRepositoryWithContext is a helper method to define mock.On call -// - _a0 context.Context -// - _a1 *codecommit.GetRepositoryInput -// - _a2 ...request.Option -func (_e *AWSCodeCommitClient_Expecter) GetRepositoryWithContext(_a0 interface{}, _a1 interface{}, _a2 ...interface{}) *AWSCodeCommitClient_GetRepositoryWithContext_Call { - return &AWSCodeCommitClient_GetRepositoryWithContext_Call{Call: _e.mock.On("GetRepositoryWithContext", - append([]interface{}{_a0, _a1}, _a2...)...)} -} - -func (_c *AWSCodeCommitClient_GetRepositoryWithContext_Call) Run(run func(_a0 context.Context, _a1 *codecommit.GetRepositoryInput, _a2 ...request.Option)) *AWSCodeCommitClient_GetRepositoryWithContext_Call { - _c.Call.Run(func(args mock.Arguments) { - variadicArgs := make([]request.Option, len(args)-2) - for i, a := range args[2:] { - if a != nil { - variadicArgs[i] = a.(request.Option) - } - } - run(args[0].(context.Context), args[1].(*codecommit.GetRepositoryInput), variadicArgs...) - }) - return _c -} - -func (_c *AWSCodeCommitClient_GetRepositoryWithContext_Call) Return(_a0 *codecommit.GetRepositoryOutput, _a1 error) *AWSCodeCommitClient_GetRepositoryWithContext_Call { - _c.Call.Return(_a0, _a1) - return _c -} - -func (_c *AWSCodeCommitClient_GetRepositoryWithContext_Call) RunAndReturn(run func(context.Context, *codecommit.GetRepositoryInput, ...request.Option) (*codecommit.GetRepositoryOutput, error)) *AWSCodeCommitClient_GetRepositoryWithContext_Call { - _c.Call.Return(run) - return _c -} - -// ListBranchesWithContext provides a mock function with given fields: _a0, _a1, _a2 -func (_m *AWSCodeCommitClient) ListBranchesWithContext(_a0 context.Context, _a1 *codecommit.ListBranchesInput, _a2 ...request.Option) (*codecommit.ListBranchesOutput, error) { - _va := make([]interface{}, len(_a2)) - for _i := range _a2 { - _va[_i] = _a2[_i] - } - var _ca []interface{} - _ca = append(_ca, _a0, _a1) - _ca = append(_ca, _va...) - ret := _m.Called(_ca...) - - var r0 *codecommit.ListBranchesOutput - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *codecommit.ListBranchesInput, ...request.Option) (*codecommit.ListBranchesOutput, error)); ok { - return rf(_a0, _a1, _a2...) - } - if rf, ok := ret.Get(0).(func(context.Context, *codecommit.ListBranchesInput, ...request.Option) *codecommit.ListBranchesOutput); ok { - r0 = rf(_a0, _a1, _a2...) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(*codecommit.ListBranchesOutput) - } - } - - if rf, ok := ret.Get(1).(func(context.Context, *codecommit.ListBranchesInput, ...request.Option) error); ok { - r1 = rf(_a0, _a1, _a2...) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -// AWSCodeCommitClient_ListBranchesWithContext_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'ListBranchesWithContext' -type AWSCodeCommitClient_ListBranchesWithContext_Call struct { - *mock.Call -} - -// ListBranchesWithContext is a helper method to define mock.On call -// - _a0 context.Context -// - _a1 *codecommit.ListBranchesInput -// - _a2 ...request.Option -func (_e *AWSCodeCommitClient_Expecter) ListBranchesWithContext(_a0 interface{}, _a1 interface{}, _a2 ...interface{}) *AWSCodeCommitClient_ListBranchesWithContext_Call { - return &AWSCodeCommitClient_ListBranchesWithContext_Call{Call: _e.mock.On("ListBranchesWithContext", - append([]interface{}{_a0, _a1}, _a2...)...)} -} - -func (_c *AWSCodeCommitClient_ListBranchesWithContext_Call) Run(run func(_a0 context.Context, _a1 *codecommit.ListBranchesInput, _a2 ...request.Option)) *AWSCodeCommitClient_ListBranchesWithContext_Call { - _c.Call.Run(func(args mock.Arguments) { - variadicArgs := make([]request.Option, len(args)-2) - for i, a := range args[2:] { - if a != nil { - variadicArgs[i] = a.(request.Option) - } - } - run(args[0].(context.Context), args[1].(*codecommit.ListBranchesInput), variadicArgs...) - }) - return _c -} - -func (_c *AWSCodeCommitClient_ListBranchesWithContext_Call) Return(_a0 *codecommit.ListBranchesOutput, _a1 error) *AWSCodeCommitClient_ListBranchesWithContext_Call { - _c.Call.Return(_a0, _a1) - return _c -} - -func (_c *AWSCodeCommitClient_ListBranchesWithContext_Call) RunAndReturn(run func(context.Context, *codecommit.ListBranchesInput, ...request.Option) (*codecommit.ListBranchesOutput, error)) *AWSCodeCommitClient_ListBranchesWithContext_Call { - _c.Call.Return(run) - return _c -} - -// ListRepositoriesWithContext provides a mock function with given fields: _a0, _a1, _a2 -func (_m *AWSCodeCommitClient) ListRepositoriesWithContext(_a0 context.Context, _a1 *codecommit.ListRepositoriesInput, _a2 ...request.Option) (*codecommit.ListRepositoriesOutput, error) { - _va := make([]interface{}, len(_a2)) - for _i := range _a2 { - _va[_i] = _a2[_i] - } - var _ca []interface{} - _ca = append(_ca, _a0, _a1) - _ca = append(_ca, _va...) - ret := _m.Called(_ca...) - - var r0 *codecommit.ListRepositoriesOutput - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *codecommit.ListRepositoriesInput, ...request.Option) (*codecommit.ListRepositoriesOutput, error)); ok { - return rf(_a0, _a1, _a2...) - } - if rf, ok := ret.Get(0).(func(context.Context, *codecommit.ListRepositoriesInput, ...request.Option) *codecommit.ListRepositoriesOutput); ok { - r0 = rf(_a0, _a1, _a2...) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(*codecommit.ListRepositoriesOutput) - } - } - - if rf, ok := ret.Get(1).(func(context.Context, *codecommit.ListRepositoriesInput, ...request.Option) error); ok { - r1 = rf(_a0, _a1, _a2...) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -// AWSCodeCommitClient_ListRepositoriesWithContext_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'ListRepositoriesWithContext' -type AWSCodeCommitClient_ListRepositoriesWithContext_Call struct { - *mock.Call -} - -// ListRepositoriesWithContext is a helper method to define mock.On call -// - _a0 context.Context -// - _a1 *codecommit.ListRepositoriesInput -// - _a2 ...request.Option -func (_e *AWSCodeCommitClient_Expecter) ListRepositoriesWithContext(_a0 interface{}, _a1 interface{}, _a2 ...interface{}) *AWSCodeCommitClient_ListRepositoriesWithContext_Call { - return &AWSCodeCommitClient_ListRepositoriesWithContext_Call{Call: _e.mock.On("ListRepositoriesWithContext", - append([]interface{}{_a0, _a1}, _a2...)...)} -} - -func (_c *AWSCodeCommitClient_ListRepositoriesWithContext_Call) Run(run func(_a0 context.Context, _a1 *codecommit.ListRepositoriesInput, _a2 ...request.Option)) *AWSCodeCommitClient_ListRepositoriesWithContext_Call { - _c.Call.Run(func(args mock.Arguments) { - variadicArgs := make([]request.Option, len(args)-2) - for i, a := range args[2:] { - if a != nil { - variadicArgs[i] = a.(request.Option) - } - } - run(args[0].(context.Context), args[1].(*codecommit.ListRepositoriesInput), variadicArgs...) - }) - return _c -} - -func (_c *AWSCodeCommitClient_ListRepositoriesWithContext_Call) Return(_a0 *codecommit.ListRepositoriesOutput, _a1 error) *AWSCodeCommitClient_ListRepositoriesWithContext_Call { - _c.Call.Return(_a0, _a1) - return _c -} - -func (_c *AWSCodeCommitClient_ListRepositoriesWithContext_Call) RunAndReturn(run func(context.Context, *codecommit.ListRepositoriesInput, ...request.Option) (*codecommit.ListRepositoriesOutput, error)) *AWSCodeCommitClient_ListRepositoriesWithContext_Call { - _c.Call.Return(run) - return _c -} - -type mockConstructorTestingTNewAWSCodeCommitClient interface { - mock.TestingT - Cleanup(func()) -} - -// NewAWSCodeCommitClient creates a new instance of AWSCodeCommitClient. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. -func NewAWSCodeCommitClient(t mockConstructorTestingTNewAWSCodeCommitClient) *AWSCodeCommitClient { - mock := &AWSCodeCommitClient{} - mock.Mock.Test(t) - - t.Cleanup(func() { mock.AssertExpectations(t) }) - - return mock -} diff --git a/applicationset/services/scm_provider/aws_codecommit/mocks/AWSTaggingClient.go b/applicationset/services/scm_provider/aws_codecommit/mocks/AWSTaggingClient.go deleted file mode 100644 index 9acd8979b7818..0000000000000 --- a/applicationset/services/scm_provider/aws_codecommit/mocks/AWSTaggingClient.go +++ /dev/null @@ -1,110 +0,0 @@ -// Code generated by mockery v2.26.1. DO NOT EDIT. - -package mocks - -import ( - context "context" - - request "github.com/aws/aws-sdk-go/aws/request" - mock "github.com/stretchr/testify/mock" - - resourcegroupstaggingapi "github.com/aws/aws-sdk-go/service/resourcegroupstaggingapi" -) - -// AWSTaggingClient is an autogenerated mock type for the AWSTaggingClient type -type AWSTaggingClient struct { - mock.Mock -} - -type AWSTaggingClient_Expecter struct { - mock *mock.Mock -} - -func (_m *AWSTaggingClient) EXPECT() *AWSTaggingClient_Expecter { - return &AWSTaggingClient_Expecter{mock: &_m.Mock} -} - -// GetResourcesWithContext provides a mock function with given fields: _a0, _a1, _a2 -func (_m *AWSTaggingClient) GetResourcesWithContext(_a0 context.Context, _a1 *resourcegroupstaggingapi.GetResourcesInput, _a2 ...request.Option) (*resourcegroupstaggingapi.GetResourcesOutput, error) { - _va := make([]interface{}, len(_a2)) - for _i := range _a2 { - _va[_i] = _a2[_i] - } - var _ca []interface{} - _ca = append(_ca, _a0, _a1) - _ca = append(_ca, _va...) - ret := _m.Called(_ca...) - - var r0 *resourcegroupstaggingapi.GetResourcesOutput - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *resourcegroupstaggingapi.GetResourcesInput, ...request.Option) (*resourcegroupstaggingapi.GetResourcesOutput, error)); ok { - return rf(_a0, _a1, _a2...) - } - if rf, ok := ret.Get(0).(func(context.Context, *resourcegroupstaggingapi.GetResourcesInput, ...request.Option) *resourcegroupstaggingapi.GetResourcesOutput); ok { - r0 = rf(_a0, _a1, _a2...) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(*resourcegroupstaggingapi.GetResourcesOutput) - } - } - - if rf, ok := ret.Get(1).(func(context.Context, *resourcegroupstaggingapi.GetResourcesInput, ...request.Option) error); ok { - r1 = rf(_a0, _a1, _a2...) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -// AWSTaggingClient_GetResourcesWithContext_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetResourcesWithContext' -type AWSTaggingClient_GetResourcesWithContext_Call struct { - *mock.Call -} - -// GetResourcesWithContext is a helper method to define mock.On call -// - _a0 context.Context -// - _a1 *resourcegroupstaggingapi.GetResourcesInput -// - _a2 ...request.Option -func (_e *AWSTaggingClient_Expecter) GetResourcesWithContext(_a0 interface{}, _a1 interface{}, _a2 ...interface{}) *AWSTaggingClient_GetResourcesWithContext_Call { - return &AWSTaggingClient_GetResourcesWithContext_Call{Call: _e.mock.On("GetResourcesWithContext", - append([]interface{}{_a0, _a1}, _a2...)...)} -} - -func (_c *AWSTaggingClient_GetResourcesWithContext_Call) Run(run func(_a0 context.Context, _a1 *resourcegroupstaggingapi.GetResourcesInput, _a2 ...request.Option)) *AWSTaggingClient_GetResourcesWithContext_Call { - _c.Call.Run(func(args mock.Arguments) { - variadicArgs := make([]request.Option, len(args)-2) - for i, a := range args[2:] { - if a != nil { - variadicArgs[i] = a.(request.Option) - } - } - run(args[0].(context.Context), args[1].(*resourcegroupstaggingapi.GetResourcesInput), variadicArgs...) - }) - return _c -} - -func (_c *AWSTaggingClient_GetResourcesWithContext_Call) Return(_a0 *resourcegroupstaggingapi.GetResourcesOutput, _a1 error) *AWSTaggingClient_GetResourcesWithContext_Call { - _c.Call.Return(_a0, _a1) - return _c -} - -func (_c *AWSTaggingClient_GetResourcesWithContext_Call) RunAndReturn(run func(context.Context, *resourcegroupstaggingapi.GetResourcesInput, ...request.Option) (*resourcegroupstaggingapi.GetResourcesOutput, error)) *AWSTaggingClient_GetResourcesWithContext_Call { - _c.Call.Return(run) - return _c -} - -type mockConstructorTestingTNewAWSTaggingClient interface { - mock.TestingT - Cleanup(func()) -} - -// NewAWSTaggingClient creates a new instance of AWSTaggingClient. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. -func NewAWSTaggingClient(t mockConstructorTestingTNewAWSTaggingClient) *AWSTaggingClient { - mock := &AWSTaggingClient{} - mock.Mock.Test(t) - - t.Cleanup(func() { mock.AssertExpectations(t) }) - - return mock -} diff --git a/applicationset/services/scm_provider/aws_codecommit_test.go b/applicationset/services/scm_provider/aws_codecommit_test.go deleted file mode 100644 index 3a4f7c1a9a6a8..0000000000000 --- a/applicationset/services/scm_provider/aws_codecommit_test.go +++ /dev/null @@ -1,483 +0,0 @@ -package scm_provider - -import ( - "context" - "errors" - "sort" - "testing" - - "github.com/argoproj/argo-cd/v2/applicationset/services/scm_provider/aws_codecommit/mocks" - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/codecommit" - "github.com/aws/aws-sdk-go/service/resourcegroupstaggingapi" - "github.com/google/go-cmp/cmp" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/mock" -) - -type awsCodeCommitTestRepository struct { - name string - id string - arn string - accountId string - defaultBranch string - expectedCloneUrl string - getRepositoryError error - getRepositoryNilMetadata bool - valid bool -} - -func TestAWSCodeCommitListRepos(t *testing.T) { - testCases := []struct { - name string - repositories []*awsCodeCommitTestRepository - cloneProtocol string - tagFilters []*v1alpha1.TagFilter - expectTagFilters []*resourcegroupstaggingapi.TagFilter - listRepositoryError error - expectOverallError bool - expectListAtCodeCommit bool - }{ - { - name: "ListRepos by tag with https", - cloneProtocol: "https", - repositories: []*awsCodeCommitTestRepository{ - { - name: "repo1", - id: "8235624d-d248-4df9-a983-2558b01dbe83", - arn: "arn:aws:codecommit:us-east-1:111111111111:repo1", - defaultBranch: "main", - expectedCloneUrl: "https://git-codecommit.us-east-1.amazonaws.com/v1/repos/repo1", - valid: true, - }, - }, - tagFilters: []*v1alpha1.TagFilter{ - {Key: "key1", Value: "value1"}, - {Key: "key1", Value: "value2"}, - {Key: "key2"}, - }, - expectTagFilters: []*resourcegroupstaggingapi.TagFilter{ - {Key: aws.String("key1"), Values: aws.StringSlice([]string{"value1", "value2"})}, - {Key: aws.String("key2")}, - }, - expectOverallError: false, - expectListAtCodeCommit: false, - }, - { - name: "ListRepos by tag with https-fips", - cloneProtocol: "https-fips", - repositories: []*awsCodeCommitTestRepository{ - { - name: "repo1", - id: "8235624d-d248-4df9-a983-2558b01dbe83", - arn: "arn:aws:codecommit:us-east-1:111111111111:repo1", - defaultBranch: "main", - expectedCloneUrl: "https://git-codecommit-fips.us-east-1.amazonaws.com/v1/repos/repo1", - valid: true, - }, - }, - tagFilters: []*v1alpha1.TagFilter{ - {Key: "key1"}, - }, - expectTagFilters: []*resourcegroupstaggingapi.TagFilter{ - {Key: aws.String("key1")}, - }, - expectOverallError: false, - expectListAtCodeCommit: false, - }, - { - name: "ListRepos without tag with invalid repo", - cloneProtocol: "ssh", - repositories: []*awsCodeCommitTestRepository{ - { - name: "repo1", - id: "8235624d-d248-4df9-a983-2558b01dbe83", - arn: "arn:aws:codecommit:us-east-1:111111111111:repo1", - defaultBranch: "main", - expectedCloneUrl: "ssh://git-codecommit.us-east-1.amazonaws.com/v1/repos/repo1", - valid: true, - }, - { - name: "repo2", - id: "640d5859-d265-4e27-a9fa-e0731eb13ed7", - arn: "arn:aws:codecommit:us-east-1:111111111111:repo2", - valid: false, - }, - { - name: "repo3-nil-metadata", - id: "24a6ee96-d3a0-4be6-a595-c5e5b1ab1617", - arn: "arn:aws:codecommit:us-east-1:111111111111:repo3-nil-metadata", - getRepositoryNilMetadata: true, - valid: false, - }, - }, - expectOverallError: false, - expectListAtCodeCommit: true, - }, - { - name: "ListRepos with invalid protocol", - cloneProtocol: "invalid-protocol", - repositories: []*awsCodeCommitTestRepository{ - { - name: "repo1", - id: "8235624d-d248-4df9-a983-2558b01dbe83", - arn: "arn:aws:codecommit:us-east-1:111111111111:repo1", - defaultBranch: "main", - valid: true, - }, - }, - expectOverallError: true, - expectListAtCodeCommit: true, - }, - { - name: "ListRepos error on listRepos", - cloneProtocol: "https", - listRepositoryError: errors.New("list repo error"), - expectOverallError: true, - expectListAtCodeCommit: true, - }, - { - name: "ListRepos error on getRepo", - cloneProtocol: "https", - repositories: []*awsCodeCommitTestRepository{ - { - name: "repo1", - id: "8235624d-d248-4df9-a983-2558b01dbe83", - arn: "arn:aws:codecommit:us-east-1:111111111111:repo1", - defaultBranch: "main", - getRepositoryError: errors.New("get repo error"), - valid: true, - }, - }, - expectOverallError: true, - expectListAtCodeCommit: true, - }, - } - - for _, testCase := range testCases { - t.Run(testCase.name, func(t *testing.T) { - codeCommitClient := mocks.NewAWSCodeCommitClient(t) - taggingClient := mocks.NewAWSTaggingClient(t) - ctx := context.Background() - codecommitRepoNameIdPairs := make([]*codecommit.RepositoryNameIdPair, 0) - resourceTaggings := make([]*resourcegroupstaggingapi.ResourceTagMapping, 0) - validRepositories := make([]*awsCodeCommitTestRepository, 0) - - for _, repo := range testCase.repositories { - repoMetadata := &codecommit.RepositoryMetadata{ - AccountId: aws.String(repo.accountId), - Arn: aws.String(repo.arn), - CloneUrlHttp: aws.String("https://git-codecommit.us-east-1.amazonaws.com/v1/repos/" + repo.name), - CloneUrlSsh: aws.String("ssh://git-codecommit.us-east-1.amazonaws.com/v1/repos/" + repo.name), - DefaultBranch: aws.String(repo.defaultBranch), - RepositoryId: aws.String(repo.id), - RepositoryName: aws.String(repo.name), - } - if repo.getRepositoryNilMetadata { - repoMetadata = nil - } - codeCommitClient.EXPECT(). - GetRepositoryWithContext(ctx, &codecommit.GetRepositoryInput{RepositoryName: aws.String(repo.name)}). - Return(&codecommit.GetRepositoryOutput{RepositoryMetadata: repoMetadata}, repo.getRepositoryError) - codecommitRepoNameIdPairs = append(codecommitRepoNameIdPairs, &codecommit.RepositoryNameIdPair{ - RepositoryId: aws.String(repo.id), - RepositoryName: aws.String(repo.name), - }) - resourceTaggings = append(resourceTaggings, &resourcegroupstaggingapi.ResourceTagMapping{ - ResourceARN: aws.String(repo.arn), - }) - if repo.valid { - validRepositories = append(validRepositories, repo) - } - } - - if testCase.expectListAtCodeCommit { - codeCommitClient.EXPECT(). - ListRepositoriesWithContext(ctx, &codecommit.ListRepositoriesInput{}). - Return(&codecommit.ListRepositoriesOutput{ - Repositories: codecommitRepoNameIdPairs, - }, testCase.listRepositoryError) - } else { - taggingClient.EXPECT(). - GetResourcesWithContext(ctx, mock.MatchedBy(equalIgnoringTagFilterOrder(&resourcegroupstaggingapi.GetResourcesInput{ - TagFilters: testCase.expectTagFilters, - ResourceTypeFilters: aws.StringSlice([]string{resourceTypeCodeCommitRepository}), - }))). - Return(&resourcegroupstaggingapi.GetResourcesOutput{ - ResourceTagMappingList: resourceTaggings, - }, testCase.listRepositoryError) - } - - provider := &AWSCodeCommitProvider{ - codeCommitClient: codeCommitClient, - taggingClient: taggingClient, - tagFilters: testCase.tagFilters, - } - repos, err := provider.ListRepos(ctx, testCase.cloneProtocol) - if testCase.expectOverallError { - assert.Error(t, err) - } else { - assert.Len(t, repos, len(validRepositories)) - for i, repo := range repos { - originRepo := validRepositories[i] - assert.Equal(t, originRepo.accountId, repo.Organization) - assert.Equal(t, originRepo.name, repo.Repository) - assert.Equal(t, originRepo.id, repo.RepositoryId) - assert.Equal(t, originRepo.defaultBranch, repo.Branch) - assert.Equal(t, originRepo.expectedCloneUrl, repo.URL) - assert.Empty(t, repo.SHA, "SHA is always empty") - } - } - }) - } -} - -func TestAWSCodeCommitRepoHasPath(t *testing.T) { - organization := "111111111111" - repoName := "repo1" - branch := "main" - - testCases := []struct { - name string - path string - expectedGetFolderPath string - getFolderOutput *codecommit.GetFolderOutput - getFolderError error - expectOverallError bool - expectedResult bool - }{ - { - name: "RepoHasPath on regular file", - path: "lib/config.yaml", - expectedGetFolderPath: "/lib", - getFolderOutput: &codecommit.GetFolderOutput{ - Files: []*codecommit.File{ - {RelativePath: aws.String("config.yaml")}, - }, - }, - expectOverallError: false, - expectedResult: true, - }, - { - name: "RepoHasPath on folder", - path: "lib/config", - expectedGetFolderPath: "/lib", - getFolderOutput: &codecommit.GetFolderOutput{ - SubFolders: []*codecommit.Folder{ - {RelativePath: aws.String("config")}, - }, - }, - expectOverallError: false, - expectedResult: true, - }, - { - name: "RepoHasPath on submodules", - path: "/lib/submodule/", - expectedGetFolderPath: "/lib", - getFolderOutput: &codecommit.GetFolderOutput{ - SubModules: []*codecommit.SubModule{ - {RelativePath: aws.String("submodule")}, - }, - }, - expectOverallError: false, - expectedResult: true, - }, - { - name: "RepoHasPath on symlink", - path: "./lib/service.json", - expectedGetFolderPath: "/lib", - getFolderOutput: &codecommit.GetFolderOutput{ - SymbolicLinks: []*codecommit.SymbolicLink{ - {RelativePath: aws.String("service.json")}, - }, - }, - expectOverallError: false, - expectedResult: true, - }, - { - name: "RepoHasPath when no match", - path: "no-match.json", - expectedGetFolderPath: "/", - getFolderOutput: &codecommit.GetFolderOutput{ - Files: []*codecommit.File{ - {RelativePath: aws.String("config.yaml")}, - }, - SubFolders: []*codecommit.Folder{ - {RelativePath: aws.String("config")}, - }, - SubModules: []*codecommit.SubModule{ - {RelativePath: aws.String("submodule")}, - }, - SymbolicLinks: []*codecommit.SymbolicLink{ - {RelativePath: aws.String("service.json")}, - }, - }, - expectOverallError: false, - expectedResult: false, - }, - { - name: "RepoHasPath when parent folder not found", - path: "lib/submodule", - expectedGetFolderPath: "/lib", - getFolderError: &codecommit.FolderDoesNotExistException{}, - expectOverallError: false, - }, - { - name: "RepoHasPath when unknown error", - path: "lib/submodule", - expectedGetFolderPath: "/lib", - getFolderError: errors.New("unknown error"), - expectOverallError: true, - }, - { - name: "RepoHasPath on root folder - './'", - path: "./", - expectOverallError: false, - expectedResult: true, - }, - { - name: "RepoHasPath on root folder - '/'", - path: "/", - expectOverallError: false, - expectedResult: true, - }, - } - - for _, testCase := range testCases { - t.Run(testCase.name, func(t *testing.T) { - codeCommitClient := mocks.NewAWSCodeCommitClient(t) - taggingClient := mocks.NewAWSTaggingClient(t) - ctx := context.Background() - if testCase.expectedGetFolderPath != "" { - codeCommitClient.EXPECT(). - GetFolderWithContext(ctx, &codecommit.GetFolderInput{ - CommitSpecifier: aws.String(branch), - FolderPath: aws.String(testCase.expectedGetFolderPath), - RepositoryName: aws.String(repoName), - }). - Return(testCase.getFolderOutput, testCase.getFolderError) - } - provider := &AWSCodeCommitProvider{ - codeCommitClient: codeCommitClient, - taggingClient: taggingClient, - } - actual, err := provider.RepoHasPath(ctx, &Repository{ - Organization: organization, - Repository: repoName, - Branch: branch, - }, testCase.path) - if testCase.expectOverallError { - assert.Error(t, err) - } else { - assert.Equal(t, testCase.expectedResult, actual) - } - }) - } -} - -func TestAWSCodeCommitGetBranches(t *testing.T) { - name := "repo1" - id := "1a64adc4-2fb5-4abd-afe7-127984ba83c0" - defaultBranch := "main" - organization := "111111111111" - cloneUrl := "https://git-codecommit.us-east-1.amazonaws.com/v1/repos/repo1" - - testCases := []struct { - name string - branches []string - apiError error - expectOverallError bool - allBranches bool - }{ - { - name: "GetBranches all branches", - branches: []string{"main", "feature/codecommit", "chore/go-upgrade"}, - allBranches: true, - }, - { - name: "GetBranches default branch only", - allBranches: false, - }, - { - name: "GetBranches default branch only", - allBranches: false, - }, - { - name: "GetBranches all branches on api error", - apiError: errors.New("api error"), - expectOverallError: true, - allBranches: true, - }, - { - name: "GetBranches default branch on api error", - apiError: errors.New("api error"), - expectOverallError: true, - allBranches: false, - }, - } - - for _, testCase := range testCases { - t.Run(testCase.name, func(t *testing.T) { - codeCommitClient := mocks.NewAWSCodeCommitClient(t) - taggingClient := mocks.NewAWSTaggingClient(t) - ctx := context.Background() - if testCase.allBranches { - codeCommitClient.EXPECT(). - ListBranchesWithContext(ctx, &codecommit.ListBranchesInput{ - RepositoryName: aws.String(name), - }). - Return(&codecommit.ListBranchesOutput{Branches: aws.StringSlice(testCase.branches)}, testCase.apiError) - } else { - codeCommitClient.EXPECT(). - GetRepositoryWithContext(ctx, &codecommit.GetRepositoryInput{RepositoryName: aws.String(name)}). - Return(&codecommit.GetRepositoryOutput{RepositoryMetadata: &codecommit.RepositoryMetadata{ - AccountId: aws.String(organization), - DefaultBranch: aws.String(defaultBranch), - }}, testCase.apiError) - } - provider := &AWSCodeCommitProvider{ - codeCommitClient: codeCommitClient, - taggingClient: taggingClient, - allBranches: testCase.allBranches, - } - actual, err := provider.GetBranches(ctx, &Repository{ - Organization: organization, - Repository: name, - URL: cloneUrl, - RepositoryId: id, - }) - if testCase.expectOverallError { - assert.Error(t, err) - } else { - assertCopiedProperties := func(repo *Repository) { - assert.Equal(t, id, repo.RepositoryId) - assert.Equal(t, name, repo.Repository) - assert.Equal(t, cloneUrl, repo.URL) - assert.Equal(t, organization, repo.Organization) - assert.Empty(t, repo.SHA) - } - actualBranches := make([]string, 0) - for _, repo := range actual { - assertCopiedProperties(repo) - actualBranches = append(actualBranches, repo.Branch) - } - if testCase.allBranches { - assert.ElementsMatch(t, testCase.branches, actualBranches) - } else { - assert.ElementsMatch(t, []string{defaultBranch}, actualBranches) - } - } - }) - } -} - -// equalIgnoringTagFilterOrder provides an argumentMatcher function that can be used to compare equality of GetResourcesInput ignoring the tagFilter ordering. -func equalIgnoringTagFilterOrder(expected *resourcegroupstaggingapi.GetResourcesInput) func(*resourcegroupstaggingapi.GetResourcesInput) bool { - return func(actual *resourcegroupstaggingapi.GetResourcesInput) bool { - sort.Slice(actual.TagFilters, func(i, j int) bool { - return *actual.TagFilters[i].Key < *actual.TagFilters[j].Key - }) - return cmp.Equal(expected, actual) - } -} diff --git a/applicationset/services/scm_provider/bitbucket_cloud_test.go b/applicationset/services/scm_provider/bitbucket_cloud_test.go index fca03e1693ade..359eac17e3f11 100644 --- a/applicationset/services/scm_provider/bitbucket_cloud_test.go +++ b/applicationset/services/scm_provider/bitbucket_cloud_test.go @@ -5,6 +5,7 @@ import ( "fmt" "net/http" "net/http/httptest" + "os" "testing" "github.com/stretchr/testify/assert" @@ -61,7 +62,7 @@ func TestBitbucketHasRepo(t *testing.T) { })) defer func() { testServer.Close() }() - t.Setenv("BITBUCKET_API_BASE_URL", testServer.URL) + os.Setenv("BITBUCKET_API_BASE_URL", testServer.URL) cases := []struct { name, path, repo, owner, sha string status int @@ -448,7 +449,7 @@ func TestBitbucketListRepos(t *testing.T) { })) defer func() { testServer.Close() }() - t.Setenv("BITBUCKET_API_BASE_URL", testServer.URL) + os.Setenv("BITBUCKET_API_BASE_URL", testServer.URL) cases := []struct { name, proto, owner string hasError, allBranches bool diff --git a/applicationset/services/scm_provider/bitbucket_server.go b/applicationset/services/scm_provider/bitbucket_server.go index 9e46569512156..f8a08bc4ccfc0 100644 --- a/applicationset/services/scm_provider/bitbucket_server.go +++ b/applicationset/services/scm_provider/bitbucket_server.go @@ -3,7 +3,6 @@ package scm_provider import ( "context" "fmt" - "io" "github.com/argoproj/argo-cd/v2/applicationset/utils" bitbucketv1 "github.com/gfleury/go-bitbucket-v1" @@ -184,9 +183,8 @@ func (b *BitbucketServerProvider) listBranches(repo *Repository) ([]bitbucketv1. func (b *BitbucketServerProvider) getDefaultBranch(org string, repo string) (*bitbucketv1.Branch, error) { response, err := b.client.DefaultApi.GetDefaultBranch(org, repo) - // The API will return 404 if a default branch is set but doesn't exist. In case the repo is empty and default branch is unset, - // we will get an EOF and a nil response. - if (response != nil && response.StatusCode == 404) || (response == nil && err == io.EOF) { + if response != nil && response.StatusCode == 404 { + // There's no default branch i.e. empty repo, not an error return nil, nil } if err != nil { diff --git a/applicationset/services/scm_provider/bitbucket_server_test.go b/applicationset/services/scm_provider/bitbucket_server_test.go index d403bd72caaac..d6741981e1c54 100644 --- a/applicationset/services/scm_provider/bitbucket_server_test.go +++ b/applicationset/services/scm_provider/bitbucket_server_test.go @@ -365,28 +365,6 @@ func TestGetBranchesMissingDefault(t *testing.T) { assert.Empty(t, repos) } -func TestGetBranchesEmptyRepo(t *testing.T) { - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - assert.Empty(t, r.Header.Get("Authorization")) - switch r.RequestURI { - case "/rest/api/1.0/projects/PROJECT/repos/REPO/branches/default": - return - } - })) - defer ts.Close() - provider, err := NewBitbucketServerProviderNoAuth(context.Background(), ts.URL, "PROJECT", false) - assert.NoError(t, err) - repos, err := provider.GetBranches(context.Background(), &Repository{ - Organization: "PROJECT", - Repository: "REPO", - URL: "ssh://git@mycompany.bitbucket.org/PROJECT/REPO.git", - Labels: []string{}, - RepositoryId: 1, - }) - assert.Empty(t, repos) - assert.NoError(t, err) -} - func TestGetBranchesErrorDefaultBranch(t *testing.T) { ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { assert.Empty(t, r.Header.Get("Authorization")) diff --git a/applicationset/services/scm_provider/gitlab.go b/applicationset/services/scm_provider/gitlab.go index d132de2b8fc9a..26f8060f2b669 100644 --- a/applicationset/services/scm_provider/gitlab.go +++ b/applicationset/services/scm_provider/gitlab.go @@ -3,54 +3,42 @@ package scm_provider import ( "context" "fmt" - "net/http" "os" + "net/http" pathpkg "path" - "github.com/argoproj/argo-cd/v2/applicationset/utils" - "github.com/hashicorp/go-retryablehttp" - "github.com/xanzy/go-gitlab" + gitlab "github.com/xanzy/go-gitlab" ) type GitlabProvider struct { - client *gitlab.Client - organization string - allBranches bool - includeSubgroups bool - includeSharedProjects bool - topic string + client *gitlab.Client + organization string + allBranches bool + includeSubgroups bool } var _ SCMProviderService = &GitlabProvider{} -func NewGitlabProvider(ctx context.Context, organization string, token string, url string, allBranches, includeSubgroups, includeSharedProjects, insecure bool, scmRootCAPath, topic string) (*GitlabProvider, error) { +func NewGitlabProvider(ctx context.Context, organization string, token string, url string, allBranches, includeSubgroups bool) (*GitlabProvider, error) { // Undocumented environment variable to set a default token, to be used in testing to dodge anonymous rate limits. if token == "" { token = os.Getenv("GITLAB_TOKEN") } var client *gitlab.Client - - tr := &http.Transport{ - TLSClientConfig: utils.GetTlsConfig(scmRootCAPath, insecure), - } - retryClient := retryablehttp.NewClient() - retryClient.HTTPClient.Transport = tr - if url == "" { var err error - client, err = gitlab.NewClient(token, gitlab.WithHTTPClient(retryClient.HTTPClient)) + client, err = gitlab.NewClient(token) if err != nil { return nil, err } } else { var err error - client, err = gitlab.NewClient(token, gitlab.WithBaseURL(url), gitlab.WithHTTPClient(retryClient.HTTPClient)) + client, err = gitlab.NewClient(token, gitlab.WithBaseURL(url)) if err != nil { return nil, err } } - - return &GitlabProvider{client: client, organization: organization, allBranches: allBranches, includeSubgroups: includeSubgroups, includeSharedProjects: includeSharedProjects, topic: topic}, nil + return &GitlabProvider{client: client, organization: organization, allBranches: allBranches, includeSubgroups: includeSubgroups}, nil } func (g *GitlabProvider) GetBranches(ctx context.Context, repo *Repository) ([]*Repository, error) { @@ -77,11 +65,8 @@ func (g *GitlabProvider) GetBranches(ctx context.Context, repo *Repository) ([]* func (g *GitlabProvider) ListRepos(ctx context.Context, cloneProtocol string) ([]*Repository, error) { opt := &gitlab.ListGroupProjectsOptions{ ListOptions: gitlab.ListOptions{PerPage: 100}, - IncludeSubGroups: &g.includeSubgroups, - WithShared: &g.includeSharedProjects, - Topic: &g.topic, + IncludeSubgroups: &g.includeSubgroups, } - repos := []*Repository{} for { gitlabRepos, resp, err := g.client.Groups.ListGroupProjects(g.organization, opt) diff --git a/applicationset/services/scm_provider/gitlab_test.go b/applicationset/services/scm_provider/gitlab_test.go index 11b21cb6da6d4..2fd61f28b6eea 100644 --- a/applicationset/services/scm_provider/gitlab_test.go +++ b/applicationset/services/scm_provider/gitlab_test.go @@ -19,7 +19,7 @@ func gitlabMockHandler(t *testing.T) func(http.ResponseWriter, *http.Request) { switch r.RequestURI { case "/api/v4": fmt.Println("here1") - case "/api/v4/groups/test-argocd-proton/projects?include_subgroups=false&per_page=100", "/api/v4/groups/test-argocd-proton/projects?include_subgroups=false&per_page=100&topic=&with_shared=false": + case "/api/v4/groups/test-argocd-proton/projects?include_subgroups=false&per_page=100": fmt.Println("here") _, err := io.WriteString(w, `[{ "id": 27084533, @@ -30,12 +30,8 @@ func gitlabMockHandler(t *testing.T) func(http.ResponseWriter, *http.Request) { "path_with_namespace": "test-argocd-proton/argocd", "created_at": "2021-06-01T17:30:44.724Z", "default_branch": "master", - "tag_list": [ - "test-topic" - ], - "topics": [ - "test-topic" - ], + "tag_list": [], + "topics": [], "ssh_url_to_repo": "git@gitlab.com:test-argocd-proton/argocd.git", "http_url_to_repo": "https://gitlab.com/test-argocd-proton/argocd.git", "web_url": "https://gitlab.com/test-argocd-proton/argocd", @@ -147,650 +143,6 @@ func gitlabMockHandler(t *testing.T) func(http.ResponseWriter, *http.Request) { if err != nil { t.Fail() } - case "/api/v4/groups/test-argocd-proton/projects?include_subgroups=true&per_page=100&topic=&with_shared=false": - fmt.Println("here") - _, err := io.WriteString(w, `[{ - "id": 27084533, - "description": "", - "name": "argocd", - "name_with_namespace": "test argocd proton / argocd", - "path": "argocd", - "path_with_namespace": "test-argocd-proton/argocd", - "created_at": "2021-06-01T17:30:44.724Z", - "default_branch": "master", - "tag_list": [ - "test-topic", - "specific-topic" - ], - "topics": [ - "test-topic", - "specific-topic" - ], - "ssh_url_to_repo": "git@gitlab.com:test-argocd-proton/argocd.git", - "http_url_to_repo": "https://gitlab.com/test-argocd-proton/argocd.git", - "web_url": "https://gitlab.com/test-argocd-proton/argocd", - "readme_url": null, - "avatar_url": null, - "forks_count": 0, - "star_count": 0, - "last_activity_at": "2021-06-04T08:19:51.656Z", - "namespace": { - "id": 12258515, - "name": "test argocd proton", - "path": "test-argocd-proton", - "kind": "gro* Connection #0 to host gitlab.com left intact up ", - "full_path ": "test - argocd - proton ", - "parent_id ": null, - "avatar_url ": null, - "web_url ": "https: //gitlab.com/groups/test-argocd-proton" - }, - "container_registry_image_prefix": "registry.gitlab.com/test-argocd-proton/argocd", - "_links": { - "self": "https://gitlab.com/api/v4/projects/27084533", - "issues": "https://gitlab.com/api/v4/projects/27084533/issues", - "merge_requests": "https://gitlab.com/api/v4/projects/27084533/merge_requests", - "repo_branches": "https://gitlab.com/api/v4/projects/27084533/repository/branches", - "labels": "https://gitlab.com/api/v4/projects/27084533/labels", - "events": "https://gitlab.com/api/v4/projects/27084533/events", - "members": "https://gitlab.com/api/v4/projects/27084533/members", - "cluster_agents": "https://gitlab.com/api/v4/projects/27084533/cluster_agents" - }, - "packages_enabled": true, - "empty_repo": false, - "archived": false, - "visibility": "public", - "resolve_outdated_diff_discussions": false, - "container_expiration_policy": { - "cadence": "1d", - "enabled": false, - "keep_n": 10, - "older_than": "90d", - "name_regex": ".*", - "name_regex_keep": null, - "next_run_at": "2021-06-02T17:30:44.740Z" - }, - "issues_enabled": true, - "merge_requests_enabled": true, - "wiki_enabled": true, - "jobs_enabled": true, - "snippets_enabled": true, - "container_registry_enabled": true, - "service_desk_enabled": true, - "can_create_merge_request_in": false, - "issues_access_level": "enabled", - "repository_access_level": "enabled", - "merge_requests_access_level": "enabled", - "forking_access_level": "enabled", - "wiki_access_level": "enabled", - "builds_access_level": "enabled", - "snippets_access_level": "enabled", - "pages_access_level": "enabled", - "operations_access_level": "enabled", - "analytics_access_level": "enabled", - "container_registry_access_level": "enabled", - "security_and_compliance_access_level": "private", - "emails_disabled": null, - "shared_runners_enabled": true, - "lfs_enabled": true, - "creator_id": 2378866, - "import_status": "none", - "open_issues_count": 0, - "ci_default_git_depth": 50, - "ci_forward_deployment_enabled": true, - "ci_job_token_scope_enabled": false, - "public_jobs": true, - "build_timeout": 3600, - "auto_cancel_pending_pipelines": "enabled", - "ci_config_path": "", - "shared_with_groups": [], - "only_allow_merge_if_pipeline_succeeds": false, - "allow_merge_on_skipped_pipeline": null, - "restrict_user_defined_variables": false, - "request_access_enabled": true, - "only_allow_merge_if_all_discussions_are_resolved": false, - "remove_source_branch_after_merge": true, - "printing_merge_request_link_enabled": true, - "merge_method": "merge", - "squash_option": "default_off", - "suggestion_commit_message": null, - "merge_commit_template": null, - "squash_commit_template": null, - "auto_devops_enabled": false, - "auto_devops_deploy_strategy": "continuous", - "autoclose_referenced_issues": true, - "keep_latest_artifact": true, - "runner_token_expiration_interval": null, - "approvals_before_merge": 0, - "mirror": false, - "external_authorization_classification_label": "", - "marked_for_deletion_at": null, - "marked_for_deletion_on": null, - "requirements_enabled": true, - "requirements_access_level": "enabled", - "security_and_compliance_enabled": false, - "compliance_frameworks": [], - "issues_template": null, - "merge_requests_template": null, - "merge_pipelines_enabled": false, - "merge_trains_enabled": false - }, - { - "id": 27084538, - "description": "This is a Project from a Subgroup", - "name": "argocd-subgroup", - "name_with_namespace": "test argocd proton / subgroup / argocd-subgroup", - "path": "argocd-subgroup", - "path_with_namespace": "test-argocd-proton/subgroup/argocd-subgroup", - "created_at": "2021-06-01T17:30:44.724Z", - "default_branch": "master", - "tag_list": [ - "test-topic" - ], - "topics": [ - "test-topic" - ], - "ssh_url_to_repo": "git@gitlab.com:test-argocd-proton/subgroup/argocd-subgroup.git", - "http_url_to_repo": "https://gitlab.com/test-argocd-proton/subgroup/argocd-subgroup.git", - "web_url": "https://gitlab.com/test-argocd-proton/subgroup/argocd-subgroup", - "readme_url": null, - "avatar_url": null, - "forks_count": 0, - "star_count": 0, - "last_activity_at": "2021-06-04T08:19:51.656Z", - "namespace": { - "id": 12258542, - "name": "subgroup", - "path": "subgroup", - "kind": "group ", - "full_path ": "test-argocd-proton/subgroup", - "parent_id ": 12258515, - "avatar_url ": null, - "web_url ": "https: //gitlab.com/groups/test-argocd-proton/subgroup" - }, - "container_registry_image_prefix": "registry.gitlab.com/test-argocd-proton/subgroup/argocd", - "_links": { - "self": "https://gitlab.com/api/v4/projects/27084538", - "issues": "https://gitlab.com/api/v4/projects/27084538/issues", - "merge_requests": "https://gitlab.com/api/v4/projects/27084538/merge_requests", - "repo_branches": "https://gitlab.com/api/v4/projects/27084538/repository/branches", - "labels": "https://gitlab.com/api/v4/projects/27084538/labels", - "events": "https://gitlab.com/api/v4/projects/27084538/events", - "members": "https://gitlab.com/api/v4/projects/27084538/members", - "cluster_agents": "https://gitlab.com/api/v4/projects/27084538/cluster_agents" - }, - "packages_enabled": true, - "empty_repo": false, - "archived": false, - "visibility": "public", - "resolve_outdated_diff_discussions": false, - "container_expiration_policy": { - "cadence": "1d", - "enabled": false, - "keep_n": 10, - "older_than": "90d", - "name_regex": ".*", - "name_regex_keep": null, - "next_run_at": "2021-06-02T17:30:44.740Z" - }, - "issues_enabled": true, - "merge_requests_enabled": true, - "wiki_enabled": true, - "jobs_enabled": true, - "snippets_enabled": true, - "container_registry_enabled": true, - "service_desk_enabled": true, - "can_create_merge_request_in": false, - "issues_access_level": "enabled", - "repository_access_level": "enabled", - "merge_requests_access_level": "enabled", - "forking_access_level": "enabled", - "wiki_access_level": "enabled", - "builds_access_level": "enabled", - "snippets_access_level": "enabled", - "pages_access_level": "enabled", - "operations_access_level": "enabled", - "analytics_access_level": "enabled", - "container_registry_access_level": "enabled", - "security_and_compliance_access_level": "private", - "emails_disabled": null, - "shared_runners_enabled": true, - "lfs_enabled": true, - "creator_id": 2378866, - "import_status": "none", - "open_issues_count": 0, - "ci_default_git_depth": 50, - "ci_forward_deployment_enabled": true, - "ci_job_token_scope_enabled": false, - "public_jobs": true, - "build_timeout": 3600, - "auto_cancel_pending_pipelines": "enabled", - "ci_config_path": "", - "shared_with_groups": [], - "only_allow_merge_if_pipeline_succeeds": false, - "allow_merge_on_skipped_pipeline": null, - "restrict_user_defined_variables": false, - "request_access_enabled": true, - "only_allow_merge_if_all_discussions_are_resolved": false, - "remove_source_branch_after_merge": true, - "printing_merge_request_link_enabled": true, - "merge_method": "merge", - "squash_option": "default_off", - "suggestion_commit_message": null, - "merge_commit_template": null, - "squash_commit_template": null, - "auto_devops_enabled": false, - "auto_devops_deploy_strategy": "continuous", - "autoclose_referenced_issues": true, - "keep_latest_artifact": true, - "runner_token_expiration_interval": null, - "approvals_before_merge": 0, - "mirror": false, - "external_authorization_classification_label": "", - "marked_for_deletion_at": null, - "marked_for_deletion_on": null, - "requirements_enabled": true, - "requirements_access_level": "enabled", - "security_and_compliance_enabled": false, - "compliance_frameworks": [], - "issues_template": null, - "merge_requests_template": null, - "merge_pipelines_enabled": false, - "merge_trains_enabled": false - } - ]`) - if err != nil { - t.Fail() - } - case "/api/v4/groups/test-argocd-proton/projects?include_subgroups=false&per_page=100&topic=specific-topic&with_shared=false": - fmt.Println("here") - _, err := io.WriteString(w, `[{ - "id": 27084533, - "description": "", - "name": "argocd", - "name_with_namespace": "test argocd proton / argocd", - "path": "argocd", - "path_with_namespace": "test-argocd-proton/argocd", - "created_at": "2021-06-01T17:30:44.724Z", - "default_branch": "master", - "tag_list": [ - "test-topic", - "specific-topic" - ], - "topics": [ - "test-topic", - "specific-topic" - ], - "ssh_url_to_repo": "git@gitlab.com:test-argocd-proton/argocd.git", - "http_url_to_repo": "https://gitlab.com/test-argocd-proton/argocd.git", - "web_url": "https://gitlab.com/test-argocd-proton/argocd", - "readme_url": null, - "avatar_url": null, - "forks_count": 0, - "star_count": 0, - "last_activity_at": "2021-06-04T08:19:51.656Z", - "namespace": { - "id": 12258515, - "name": "test argocd proton", - "path": "test-argocd-proton", - "kind": "gro* Connection #0 to host gitlab.com left intact up ", - "full_path ": "test - argocd - proton ", - "parent_id ": null, - "avatar_url ": null, - "web_url ": "https: //gitlab.com/groups/test-argocd-proton" - }, - "container_registry_image_prefix": "registry.gitlab.com/test-argocd-proton/argocd", - "_links": { - "self": "https://gitlab.com/api/v4/projects/27084533", - "issues": "https://gitlab.com/api/v4/projects/27084533/issues", - "merge_requests": "https://gitlab.com/api/v4/projects/27084533/merge_requests", - "repo_branches": "https://gitlab.com/api/v4/projects/27084533/repository/branches", - "labels": "https://gitlab.com/api/v4/projects/27084533/labels", - "events": "https://gitlab.com/api/v4/projects/27084533/events", - "members": "https://gitlab.com/api/v4/projects/27084533/members", - "cluster_agents": "https://gitlab.com/api/v4/projects/27084533/cluster_agents" - }, - "packages_enabled": true, - "empty_repo": false, - "archived": false, - "visibility": "public", - "resolve_outdated_diff_discussions": false, - "container_expiration_policy": { - "cadence": "1d", - "enabled": false, - "keep_n": 10, - "older_than": "90d", - "name_regex": ".*", - "name_regex_keep": null, - "next_run_at": "2021-06-02T17:30:44.740Z" - }, - "issues_enabled": true, - "merge_requests_enabled": true, - "wiki_enabled": true, - "jobs_enabled": true, - "snippets_enabled": true, - "container_registry_enabled": true, - "service_desk_enabled": true, - "can_create_merge_request_in": false, - "issues_access_level": "enabled", - "repository_access_level": "enabled", - "merge_requests_access_level": "enabled", - "forking_access_level": "enabled", - "wiki_access_level": "enabled", - "builds_access_level": "enabled", - "snippets_access_level": "enabled", - "pages_access_level": "enabled", - "operations_access_level": "enabled", - "analytics_access_level": "enabled", - "container_registry_access_level": "enabled", - "security_and_compliance_access_level": "private", - "emails_disabled": null, - "shared_runners_enabled": true, - "lfs_enabled": true, - "creator_id": 2378866, - "import_status": "none", - "open_issues_count": 0, - "ci_default_git_depth": 50, - "ci_forward_deployment_enabled": true, - "ci_job_token_scope_enabled": false, - "public_jobs": true, - "build_timeout": 3600, - "auto_cancel_pending_pipelines": "enabled", - "ci_config_path": "", - "shared_with_groups": [], - "only_allow_merge_if_pipeline_succeeds": false, - "allow_merge_on_skipped_pipeline": null, - "restrict_user_defined_variables": false, - "request_access_enabled": true, - "only_allow_merge_if_all_discussions_are_resolved": false, - "remove_source_branch_after_merge": true, - "printing_merge_request_link_enabled": true, - "merge_method": "merge", - "squash_option": "default_off", - "suggestion_commit_message": null, - "merge_commit_template": null, - "squash_commit_template": null, - "auto_devops_enabled": false, - "auto_devops_deploy_strategy": "continuous", - "autoclose_referenced_issues": true, - "keep_latest_artifact": true, - "runner_token_expiration_interval": null, - "approvals_before_merge": 0, - "mirror": false, - "external_authorization_classification_label": "", - "marked_for_deletion_at": null, - "marked_for_deletion_on": null, - "requirements_enabled": true, - "requirements_access_level": "enabled", - "security_and_compliance_enabled": false, - "compliance_frameworks": [], - "issues_template": null, - "merge_requests_template": null, - "merge_pipelines_enabled": false, - "merge_trains_enabled": false - } - ]`) - if err != nil { - t.Fail() - } - case "/api/v4/groups/test-argocd-proton/projects?include_subgroups=true&per_page=100&topic=&with_shared=true": - fmt.Println("here") - _, err := io.WriteString(w, `[{ - "id": 27084533, - "description": "", - "name": "argocd", - "name_with_namespace": "test argocd proton / argocd", - "path": "argocd", - "path_with_namespace": "test-argocd-proton/argocd", - "created_at": "2021-06-01T17:30:44.724Z", - "default_branch": "master", - "tag_list": [ - "test-topic" - ], - "topics": [ - "test-topic" - ], - "ssh_url_to_repo": "git@gitlab.com:test-argocd-proton/argocd.git", - "http_url_to_repo": "https://gitlab.com/test-argocd-proton/argocd.git", - "web_url": "https://gitlab.com/test-argocd-proton/argocd", - "readme_url": null, - "avatar_url": null, - "forks_count": 0, - "star_count": 0, - "last_activity_at": "2021-06-04T08:19:51.656Z", - "namespace": { - "id": 12258515, - "name": "test argocd proton", - "path": "test-argocd-proton", - "kind": "gro* Connection #0 to host gitlab.com left intact up ", - "full_path ": "test - argocd - proton ", - "parent_id ": null, - "avatar_url ": null, - "web_url ": "https: //gitlab.com/groups/test-argocd-proton" - }, - "container_registry_image_prefix": "registry.gitlab.com/test-argocd-proton/argocd", - "_links": { - "self": "https://gitlab.com/api/v4/projects/27084533", - "issues": "https://gitlab.com/api/v4/projects/27084533/issues", - "merge_requests": "https://gitlab.com/api/v4/projects/27084533/merge_requests", - "repo_branches": "https://gitlab.com/api/v4/projects/27084533/repository/branches", - "labels": "https://gitlab.com/api/v4/projects/27084533/labels", - "events": "https://gitlab.com/api/v4/projects/27084533/events", - "members": "https://gitlab.com/api/v4/projects/27084533/members", - "cluster_agents": "https://gitlab.com/api/v4/projects/27084533/cluster_agents" - }, - "packages_enabled": true, - "empty_repo": false, - "archived": false, - "visibility": "public", - "resolve_outdated_diff_discussions": false, - "container_expiration_policy": { - "cadence": "1d", - "enabled": false, - "keep_n": 10, - "older_than": "90d", - "name_regex": ".*", - "name_regex_keep": null, - "next_run_at": "2021-06-02T17:30:44.740Z" - }, - "issues_enabled": true, - "merge_requests_enabled": true, - "wiki_enabled": true, - "jobs_enabled": true, - "snippets_enabled": true, - "container_registry_enabled": true, - "service_desk_enabled": true, - "can_create_merge_request_in": false, - "issues_access_level": "enabled", - "repository_access_level": "enabled", - "merge_requests_access_level": "enabled", - "forking_access_level": "enabled", - "wiki_access_level": "enabled", - "builds_access_level": "enabled", - "snippets_access_level": "enabled", - "pages_access_level": "enabled", - "operations_access_level": "enabled", - "analytics_access_level": "enabled", - "container_registry_access_level": "enabled", - "security_and_compliance_access_level": "private", - "emails_disabled": null, - "shared_runners_enabled": true, - "lfs_enabled": true, - "creator_id": 2378866, - "import_status": "none", - "open_issues_count": 0, - "ci_default_git_depth": 50, - "ci_forward_deployment_enabled": true, - "ci_job_token_scope_enabled": false, - "public_jobs": true, - "build_timeout": 3600, - "auto_cancel_pending_pipelines": "enabled", - "ci_config_path": "", - "shared_with_groups": [], - "only_allow_merge_if_pipeline_succeeds": false, - "allow_merge_on_skipped_pipeline": null, - "restrict_user_defined_variables": false, - "request_access_enabled": true, - "only_allow_merge_if_all_discussions_are_resolved": false, - "remove_source_branch_after_merge": true, - "printing_merge_request_link_enabled": true, - "merge_method": "merge", - "squash_option": "default_off", - "suggestion_commit_message": null, - "merge_commit_template": null, - "squash_commit_template": null, - "auto_devops_enabled": false, - "auto_devops_deploy_strategy": "continuous", - "autoclose_referenced_issues": true, - "keep_latest_artifact": true, - "runner_token_expiration_interval": null, - "approvals_before_merge": 0, - "mirror": false, - "external_authorization_classification_label": "", - "marked_for_deletion_at": null, - "marked_for_deletion_on": null, - "requirements_enabled": true, - "requirements_access_level": "enabled", - "security_and_compliance_enabled": false, - "compliance_frameworks": [], - "issues_template": null, - "merge_requests_template": null, - "merge_pipelines_enabled": false, - "merge_trains_enabled": false - }, - { - "id": 27084534, - "description": "This is a Shared Project", - "name": "shared-argocd", - "name_with_namespace": "shared project to test argocd proton / argocd", - "path": "shared-argocd", - "path_with_namespace": "test-shared-argocd-proton/shared-argocd", - "created_at": "2021-06-11T17:30:44.724Z", - "default_branch": "master", - "tag_list": [ - "test-topic" - ], - "topics": [ - "test-topic" - ], - "ssh_url_to_repo": "git@gitlab.com:test-shared-argocd-proton/shared-argocd.git", - "http_url_to_repo": "https://gitlab.com/test-shared-argocd-proton/shared-argocd.git", - "web_url": "https://gitlab.com/test-shared-argocd-proton/shared-argocd", - "readme_url": null, - "avatar_url": null, - "forks_count": 0, - "star_count": 0, - "last_activity_at": "2021-06-04T08:19:51.656Z", - "namespace": { - "id": 12258518, - "name": "test shared argocd proton", - "path": "test-shared-argocd-proton", - "kind": "group", - "full_path ": "test-shared-argocd-proton", - "parent_id ": null, - "avatar_url ": null, - "web_url ": "https: //gitlab.com/groups/test-shared-argocd-proton" - }, - "container_registry_image_prefix": "registry.gitlab.com/test-shared-argocd-proton/shared-argocd", - "_links": { - "self": "https://gitlab.com/api/v4/projects/27084534", - "issues": "https://gitlab.com/api/v4/projects/27084534/issues", - "merge_requests": "https://gitlab.com/api/v4/projects/27084534/merge_requests", - "repo_branches": "https://gitlab.com/api/v4/projects/27084534/repository/branches", - "labels": "https://gitlab.com/api/v4/projects/27084534/labels", - "events": "https://gitlab.com/api/v4/projects/27084534/events", - "members": "https://gitlab.com/api/v4/projects/27084534/members", - "cluster_agents": "https://gitlab.com/api/v4/projects/27084534/cluster_agents" - }, - "packages_enabled": true, - "empty_repo": false, - "archived": false, - "visibility": "public", - "resolve_outdated_diff_discussions": false, - "container_expiration_policy": { - "cadence": "1d", - "enabled": false, - "keep_n": 10, - "older_than": "90d", - "name_regex": ".*", - "name_regex_keep": null, - "next_run_at": "2021-06-12T17:30:44.740Z" - }, - "issues_enabled": true, - "merge_requests_enabled": true, - "wiki_enabled": true, - "jobs_enabled": true, - "snippets_enabled": true, - "container_registry_enabled": true, - "service_desk_enabled": true, - "can_create_merge_request_in": false, - "issues_access_level": "enabled", - "repository_access_level": "enabled", - "merge_requests_access_level": "enabled", - "forking_access_level": "enabled", - "wiki_access_level": "enabled", - "builds_access_level": "enabled", - "snippets_access_level": "enabled", - "pages_access_level": "enabled", - "operations_access_level": "enabled", - "analytics_access_level": "enabled", - "container_registry_access_level": "enabled", - "security_and_compliance_access_level": "private", - "emails_disabled": null, - "shared_runners_enabled": true, - "lfs_enabled": true, - "creator_id": 2378866, - "import_status": "none", - "open_issues_count": 0, - "ci_default_git_depth": 50, - "ci_forward_deployment_enabled": true, - "ci_job_token_scope_enabled": false, - "public_jobs": true, - "build_timeout": 3600, - "auto_cancel_pending_pipelines": "enabled", - "ci_config_path": "", - "shared_with_groups": [ - { - "group_id": 12258515, - "group_name": "test-argocd-proton", - "group_full_path": "test-shared-argocd-proton", - "group_access_level": 30, - "expires_at": null - } - ], - "only_allow_merge_if_pipeline_succeeds": false, - "allow_merge_on_skipped_pipeline": null, - "restrict_user_defined_variables": false, - "request_access_enabled": true, - "only_allow_merge_if_all_discussions_are_resolved": false, - "remove_source_branch_after_merge": true, - "printing_merge_request_link_enabled": true, - "merge_method": "merge", - "squash_option": "default_off", - "suggestion_commit_message": null, - "merge_commit_template": null, - "squash_commit_template": null, - "auto_devops_enabled": false, - "auto_devops_deploy_strategy": "continuous", - "autoclose_referenced_issues": true, - "keep_latest_artifact": true, - "runner_token_expiration_interval": null, - "approvals_before_merge": 0, - "mirror": false, - "external_authorization_classification_label": "", - "marked_for_deletion_at": null, - "marked_for_deletion_on": null, - "requirements_enabled": true, - "requirements_access_level": "enabled", - "security_and_compliance_enabled": false, - "compliance_frameworks": [], - "issues_template": null, - "merge_requests_template": null, - "merge_pipelines_enabled": false, - "merge_trains_enabled": false - }]`) - if err != nil { - t.Fail() - } case "/api/v4/projects/27084533/repository/branches/master": fmt.Println("returning") _, err := io.WriteString(w, `{ @@ -877,116 +229,6 @@ func gitlabMockHandler(t *testing.T) func(http.ResponseWriter, *http.Request) { if err != nil { t.Fail() } - case "/api/v4/projects/27084534/repository/branches?per_page=100": - _, err := io.WriteString(w, `[{ - "name": "master", - "commit": { - "id": "8898d7999fc99dd0fd578650b58b244fc63f6b53", - "short_id": "8898d799", - "created_at": "2021-06-04T08:24:44.000+00:00", - "parent_ids": null, - "title": "Merge branch 'pipeline-1317911429' into 'master'", - "message": "Merge branch 'pipeline-1317911429' into 'master'", - "author_name": "Martin Vozník", - "author_email": "martin@voznik.cz", - "authored_date": "2021-06-04T08:24:44.000+00:00", - "committer_name": "Martin Vozník", - "committer_email": "martin@voznik.cz", - "committed_date": "2021-06-04T08:24:44.000+00:00", - "trailers": null, - "web_url": "https://gitlab.com/test-shared-argocd-proton/shared-argocd/-/commit/8898d7999fc99dd0fd578650b58b244fc63f6b53" - }, - "merged": false, - "protected": true, - "developers_can_push": false, - "developers_can_merge": false, - "can_push": false, - "default": true, - "web_url": "https://gitlab.com/test-shared-argocd-proton/shared-argocd/-/tree/master" - }, { - "name": "pipeline-2310077506", - "commit": { - "id": "0f92540e5f396ba960adea4ed0aa905baf3f73d1", - "short_id": "0f92540e", - "created_at": "2021-06-01T18:39:59.000+00:00", - "parent_ids": null, - "title": "[testapp-ci] manifests/demo/test-app.yaml: release v1.0.1", - "message": "[testapp-ci] manifests/demo/test-app.yaml: release v1.0.1", - "author_name": "ci-test-app", - "author_email": "mvoznik+cicd@protonmail.com", - "authored_date": "2021-06-01T18:39:59.000+00:00", - "committer_name": "ci-test-app", - "committer_email": "mvoznik+cicd@protonmail.com", - "committed_date": "2021-06-01T18:39:59.000+00:00", - "trailers": null, - "web_url": "https://gitlab.com/test-shared-argocd-proton/shared-argocd/-/commit/0f92540e5f396ba960adea4ed0aa905baf3f73d1" - }, - "merged": false, - "protected": false, - "developers_can_push": false, - "developers_can_merge": false, - "can_push": false, - "default": false, - "web_url": "https://gitlab.com/test-shared-argocd-proton/shared-argocd/-/tree/pipeline-1310077506" - }]`) - if err != nil { - t.Fail() - } - case "/api/v4/projects/27084538/repository/branches?per_page=100": - _, err := io.WriteString(w, `[{ - "name": "master", - "commit": { - "id": "8898d7999fc99dd0fd578650b58b244fc63f6b58", - "short_id": "8898d801", - "created_at": "2021-06-04T08:24:44.000+00:00", - "parent_ids": null, - "title": "Merge branch 'pipeline-1317911429' into 'master'", - "message": "Merge branch 'pipeline-1317911429' into 'master'", - "author_name": "Martin Vozník", - "author_email": "martin@voznik.cz", - "authored_date": "2021-06-04T08:24:44.000+00:00", - "committer_name": "Martin Vozník", - "committer_email": "martin@voznik.cz", - "committed_date": "2021-06-04T08:24:44.000+00:00", - "trailers": null, - "web_url": "https://gitlab.com/test-argocd-proton/subgroup/argocd-subgroup/-/commit/8898d7999fc99dd0fd578650b58b244fc63f6b53" - }, - "merged": false, - "protected": true, - "developers_can_push": false, - "developers_can_merge": false, - "can_push": false, - "default": true, - "web_url": "https://gitlab.com/test-argocd-proton/subgroup/argocd-subgroup/-/tree/master" - }, { - "name": "pipeline-2310077506", - "commit": { - "id": "0f92540e5f396ba960adea4ed0aa905baf3f73d1", - "short_id": "0f92540e", - "created_at": "2021-06-01T18:39:59.000+00:00", - "parent_ids": null, - "title": "[testapp-ci] manifests/demo/test-app.yaml: release v1.0.1", - "message": "[testapp-ci] manifests/demo/test-app.yaml: release v1.0.1", - "author_name": "ci-test-app", - "author_email": "mvoznik+cicd@protonmail.com", - "authored_date": "2021-06-01T18:39:59.000+00:00", - "committer_name": "ci-test-app", - "committer_email": "mvoznik+cicd@protonmail.com", - "committed_date": "2021-06-01T18:39:59.000+00:00", - "trailers": null, - "web_url": "https://gitlab.com/test-argocd-proton/subgroup/argocd-subgroup/-/commit/0f92540e5f396ba960adea4ed0aa905baf3f73d1" - }, - "merged": false, - "protected": false, - "developers_can_push": false, - "developers_can_merge": false, - "can_push": false, - "default": false, - "web_url": "https://gitlab.com/test-argocd-proton/subgroup/argocd-subgroup/-/tree/pipeline-1310077506" - }]`) - if err != nil { - t.Fail() - } case "/api/v4/projects/test-argocd-proton%2Fargocd": fmt.Println("auct") _, err := io.WriteString(w, `{ @@ -998,12 +240,8 @@ func gitlabMockHandler(t *testing.T) func(http.ResponseWriter, *http.Request) { "path_with_namespace": "test-argocd-proton/argocd", "created_at": "2021-06-01T17:30:44.724Z", "default_branch": "master", - "tag_list": [ - "test-topic" - ], - "topics": [ - "test-topic" - ], + "tag_list": [], + "topics": [], "ssh_url_to_repo": "git@gitlab.com:test-argocd-proton/argocd.git", "http_url_to_repo": "https://gitlab.com/test-argocd-proton/argocd.git", "web_url": "https://gitlab.com/test-argocd-proton/argocd", @@ -1048,10 +286,10 @@ func gitlabMockHandler(t *testing.T) func(http.ResponseWriter, *http.Request) { } func TestGitlabListRepos(t *testing.T) { cases := []struct { - name, proto, url, topic string - hasError, allBranches, includeSubgroups, includeSharedProjects, insecure bool - branches []string - filters []v1alpha1.SCMProviderGeneratorFilter + name, proto, url string + hasError, allBranches, includeSubgroups bool + branches []string + filters []v1alpha1.SCMProviderGeneratorFilter }{ { name: "blank protocol", @@ -1079,66 +317,32 @@ func TestGitlabListRepos(t *testing.T) { url: "git@gitlab.com:test-argocd-proton/argocd.git", branches: []string{"master"}, }, - { - name: "all subgroups", - allBranches: true, - url: "git@gitlab.com:test-argocd-proton/argocd.git", - branches: []string{"master"}, - includeSharedProjects: false, - includeSubgroups: true, - }, - { - name: "all subgroups and shared projects", - allBranches: true, - url: "git@gitlab.com:test-argocd-proton/argocd.git", - branches: []string{"master"}, - includeSharedProjects: true, - includeSubgroups: true, - }, - { - name: "specific topic", - allBranches: true, - url: "git@gitlab.com:test-argocd-proton/argocd.git", - branches: []string{"master"}, - includeSubgroups: false, - topic: "specific-topic", - }, } ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { gitlabMockHandler(t)(w, r) })) for _, c := range cases { t.Run(c.name, func(t *testing.T) { - provider, _ := NewGitlabProvider(context.Background(), "test-argocd-proton", "", ts.URL, c.allBranches, c.includeSubgroups, c.includeSharedProjects, c.insecure, "", c.topic) + provider, _ := NewGitlabProvider(context.Background(), "test-argocd-proton", "", ts.URL, c.allBranches, c.includeSubgroups) rawRepos, err := ListRepos(context.Background(), provider, c.filters, c.proto) if c.hasError { assert.NotNil(t, err) } else { assert.Nil(t, err) - // Just check that this one project shows up. Not a great test but better than nothing? + // Just check that this one project shows up. Not a great test but better thing nothing? repos := []*Repository{} - uniqueRepos := map[string]int{} branches := []string{} for _, r := range rawRepos { if r.Repository == "argocd" { repos = append(repos, r) branches = append(branches, r.Branch) } - uniqueRepos[r.Repository]++ } assert.NotEmpty(t, repos) assert.Equal(t, c.url, repos[0].URL) for _, b := range c.branches { assert.Contains(t, branches, b) } - // In case of listing subgroups, validate the number of returned projects - if c.includeSubgroups || c.includeSharedProjects { - assert.Equal(t, 2, len(uniqueRepos)) - } - // In case we filter on the topic, ensure we got only one repo returned - if c.topic != "" { - assert.Equal(t, 1, len(uniqueRepos)) - } } }) } @@ -1148,7 +352,7 @@ func TestGitlabHasPath(t *testing.T) { ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { gitlabMockHandler(t)(w, r) })) - host, _ := NewGitlabProvider(context.Background(), "test-argocd-proton", "", ts.URL, false, true, true, false, "", "") + host, _ := NewGitlabProvider(context.Background(), "test-argocd-proton", "", ts.URL, false, true) repo := &Repository{ Organization: "test-argocd-proton", Repository: "argocd", @@ -1194,7 +398,7 @@ func TestGitlabGetBranches(t *testing.T) { ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { gitlabMockHandler(t)(w, r) })) - host, _ := NewGitlabProvider(context.Background(), "test-argocd-proton", "", ts.URL, false, true, true, false, "", "") + host, _ := NewGitlabProvider(context.Background(), "test-argocd-proton", "", ts.URL, false, true) repo := &Repository{ RepositoryId: 27084533, diff --git a/applicationset/utils/clusterUtils.go b/applicationset/utils/clusterUtils.go index ee9832f533e5e..e06d7b39fac50 100644 --- a/applicationset/utils/clusterUtils.go +++ b/applicationset/utils/clusterUtils.go @@ -50,10 +50,10 @@ const ( // ValidateDestination checks: // if we used destination name we infer the server url // if we used both name and server then we return an invalid spec error -func ValidateDestination(ctx context.Context, dest *appv1.ApplicationDestination, clientset kubernetes.Interface, argoCDNamespace string) error { +func ValidateDestination(ctx context.Context, dest *appv1.ApplicationDestination, clientset kubernetes.Interface, namespace string) error { if dest.Name != "" { if dest.Server == "" { - server, err := getDestinationServer(ctx, dest.Name, clientset, argoCDNamespace) + server, err := getDestinationServer(ctx, dest.Name, clientset, namespace) if err != nil { return fmt.Errorf("unable to find destination server: %v", err) } @@ -70,11 +70,11 @@ func ValidateDestination(ctx context.Context, dest *appv1.ApplicationDestination return nil } -func getDestinationServer(ctx context.Context, clusterName string, clientset kubernetes.Interface, argoCDNamespace string) (string, error) { +func getDestinationServer(ctx context.Context, clusterName string, clientset kubernetes.Interface, namespace string) (string, error) { // settingsMgr := settings.NewSettingsManager(context.TODO(), clientset, namespace) // argoDB := db.NewDB(namespace, settingsMgr, clientset) // clusterList, err := argoDB.ListClusters(ctx) - clusterList, err := ListClusters(ctx, clientset, argoCDNamespace) + clusterList, err := ListClusters(ctx, clientset, namespace) if err != nil { return "", err } diff --git a/applicationset/utils/policy.go b/applicationset/utils/policy.go index a06509265a540..926a50926cd05 100644 --- a/applicationset/utils/policy.go +++ b/applicationset/utils/policy.go @@ -1,22 +1,55 @@ package utils -import ( - argov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" -) +// Policy allows to apply different rules to a set of changes. +type Policy interface { + Update() bool + Delete() bool +} // Policies is a registry of available policies. -var Policies = map[string]argov1alpha1.ApplicationsSyncPolicy{ - "create-only": argov1alpha1.ApplicationsSyncPolicyCreateOnly, - "create-update": argov1alpha1.ApplicationsSyncPolicyCreateUpdate, - "create-delete": argov1alpha1.ApplicationsSyncPolicyCreateDelete, - "sync": argov1alpha1.ApplicationsSyncPolicySync, - // Default is "sync" - "": argov1alpha1.ApplicationsSyncPolicySync, -} - -func DefaultPolicy(appSetSyncPolicy *argov1alpha1.ApplicationSetSyncPolicy, controllerPolicy argov1alpha1.ApplicationsSyncPolicy, enablePolicyOverride bool) argov1alpha1.ApplicationsSyncPolicy { - if appSetSyncPolicy == nil || appSetSyncPolicy.ApplicationsSync == nil || !enablePolicyOverride { - return controllerPolicy - } - return *appSetSyncPolicy.ApplicationsSync +var Policies = map[string]Policy{ + "sync": &SyncPolicy{}, + "create-only": &CreateOnlyPolicy{}, + "create-update": &CreateUpdatePolicy{}, + "create-delete": &CreateDeletePolicy{}, +} + +type SyncPolicy struct{} + +func (p *SyncPolicy) Update() bool { + return true +} + +func (p *SyncPolicy) Delete() bool { + return true +} + +type CreateUpdatePolicy struct{} + +func (p *CreateUpdatePolicy) Update() bool { + return true +} + +func (p *CreateUpdatePolicy) Delete() bool { + return false +} + +type CreateOnlyPolicy struct{} + +func (p *CreateOnlyPolicy) Update() bool { + return false +} + +func (p *CreateOnlyPolicy) Delete() bool { + return false +} + +type CreateDeletePolicy struct{} + +func (p *CreateDeletePolicy) Update() bool { + return false +} + +func (p *CreateDeletePolicy) Delete() bool { + return true } diff --git a/applicationset/utils/test/testutils.go b/applicationset/utils/test/testutils.go new file mode 100644 index 0000000000000..896ac75e274d3 --- /dev/null +++ b/applicationset/utils/test/testutils.go @@ -0,0 +1,34 @@ +package test + +import ( + "context" + + "github.com/stretchr/testify/mock" +) + +type ArgoCDServiceMock struct { + Mock *mock.Mock +} + +func (a ArgoCDServiceMock) GetApps(ctx context.Context, repoURL string, revision string) ([]string, error) { + args := a.Mock.Called(ctx, repoURL, revision) + + return args.Get(0).([]string), args.Error(1) +} + +func (a ArgoCDServiceMock) GetFiles(ctx context.Context, repoURL string, revision string, pattern string) (map[string][]byte, error) { + args := a.Mock.Called(ctx, repoURL, revision, pattern) + + return args.Get(0).(map[string][]byte), args.Error(1) +} + +func (a ArgoCDServiceMock) GetFileContent(ctx context.Context, repoURL string, revision string, path string) ([]byte, error) { + args := a.Mock.Called(ctx, repoURL, revision, path) + + return args.Get(0).([]byte), args.Error(1) +} + +func (a ArgoCDServiceMock) GetDirectories(ctx context.Context, repoURL string, revision string) ([]string, error) { + args := a.Mock.Called(ctx, repoURL, revision) + return args.Get(0).([]string), args.Error(1) +} diff --git a/applicationset/utils/utils.go b/applicationset/utils/utils.go index 264c18cda9811..62d39299281e2 100644 --- a/applicationset/utils/utils.go +++ b/applicationset/utils/utils.go @@ -2,12 +2,9 @@ package utils import ( "bytes" - "crypto/tls" - "crypto/x509" "encoding/json" "fmt" "io" - "os" "reflect" "regexp" "sort" @@ -17,7 +14,6 @@ import ( "github.com/Masterminds/sprig/v3" "github.com/valyala/fasttemplate" - "sigs.k8s.io/yaml" log "github.com/sirupsen/logrus" @@ -35,7 +31,7 @@ func init() { } type Renderer interface { - RenderTemplateParams(tmpl *argoappsv1.Application, syncPolicy *argoappsv1.ApplicationSetSyncPolicy, params map[string]interface{}, useGoTemplate bool, goTemplateOptions []string) (*argoappsv1.Application, error) + RenderTemplateParams(tmpl *argoappsv1.Application, syncPolicy *argoappsv1.ApplicationSetSyncPolicy, params map[string]interface{}, useGoTemplate bool) (*argoappsv1.Application, error) } type Render struct { @@ -52,25 +48,9 @@ func copyUnexported(copy, original reflect.Value) { copyValueIntoUnexported(copy, unexported) } -func IsJSONStr(str string) bool { - str = strings.TrimSpace(str) - return len(str) > 0 && str[0] == '{' -} - -func ConvertYAMLToJSON(str string) (string, error) { - if !IsJSONStr(str) { - jsonStr, err := yaml.YAMLToJSON([]byte(str)) - if err != nil { - return str, err - } - return string(jsonStr), nil - } - return str, nil -} - // This function is in charge of searching all String fields of the object recursively and apply templating // thanks to https://gist.github.com/randallmlough/1fd78ec8a1034916ca52281e3b886dc7 -func (r *Render) deeplyReplace(copy, original reflect.Value, replaceMap map[string]interface{}, useGoTemplate bool, goTemplateOptions []string) error { +func (r *Render) deeplyReplace(copy, original reflect.Value, replaceMap map[string]interface{}, useGoTemplate bool) error { switch original.Kind() { // The first cases handle nested structures and translate them recursively // If it is a pointer we need to unwrap and call once again @@ -90,8 +70,7 @@ func (r *Render) deeplyReplace(copy, original reflect.Value, replaceMap map[stri copyUnexported(copy, original) } // Unwrap the newly created pointer - if err := r.deeplyReplace(copy.Elem(), originalValue, replaceMap, useGoTemplate, goTemplateOptions); err != nil { - // Not wrapping the error, since this is a recursive function. Avoids excessively long error messages. + if err := r.deeplyReplace(copy.Elem(), originalValue, replaceMap, useGoTemplate); err != nil { return err } @@ -104,19 +83,11 @@ func (r *Render) deeplyReplace(copy, original reflect.Value, replaceMap map[stri originalValue := original.Elem() // Create a new object. Now new gives us a pointer, but we want the value it // points to, so we have to call Elem() to unwrap it - - if originalValue.IsValid() { - reflectType := originalValue.Type() - - reflectValue := reflect.New(reflectType) - - copyValue := reflectValue.Elem() - if err := r.deeplyReplace(copyValue, originalValue, replaceMap, useGoTemplate, goTemplateOptions); err != nil { - // Not wrapping the error, since this is a recursive function. Avoids excessively long error messages. - return err - } - copy.Set(copyValue) + copyValue := reflect.New(originalValue.Type()).Elem() + if err := r.deeplyReplace(copyValue, originalValue, replaceMap, useGoTemplate); err != nil { + return err } + copy.Set(copyValue) // If it is a struct we translate each field case reflect.Struct: @@ -125,20 +96,16 @@ func (r *Render) deeplyReplace(copy, original reflect.Value, replaceMap map[stri // specific case time if currentType == "time.Time" { copy.Field(i).Set(original.Field(i)) - } else if currentType == "Raw.k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" || currentType == "Raw.k8s.io/apimachinery/pkg/runtime" { + } else if currentType == "Raw.k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" { var unmarshaled interface{} originalBytes := original.Field(i).Bytes() - convertedToJson, err := ConvertYAMLToJSON(string(originalBytes)) - if err != nil { - return fmt.Errorf("error while converting template to json %q: %w", convertedToJson, err) - } - err = json.Unmarshal([]byte(convertedToJson), &unmarshaled) + err := json.Unmarshal(originalBytes, &unmarshaled) if err != nil { return fmt.Errorf("failed to unmarshal JSON field: %w", err) } jsonOriginal := reflect.ValueOf(&unmarshaled) jsonCopy := reflect.New(jsonOriginal.Type()).Elem() - err = r.deeplyReplace(jsonCopy, jsonOriginal, replaceMap, useGoTemplate, goTemplateOptions) + err = r.deeplyReplace(jsonCopy, jsonOriginal, replaceMap, useGoTemplate) if err != nil { return fmt.Errorf("failed to deeply replace JSON field contents: %w", err) } @@ -148,8 +115,7 @@ func (r *Render) deeplyReplace(copy, original reflect.Value, replaceMap map[stri return fmt.Errorf("failed to marshal templated JSON field: %w", err) } copy.Field(i).Set(reflect.ValueOf(data)) - } else if err := r.deeplyReplace(copy.Field(i), original.Field(i), replaceMap, useGoTemplate, goTemplateOptions); err != nil { - // Not wrapping the error, since this is a recursive function. Avoids excessively long error messages. + } else if err := r.deeplyReplace(copy.Field(i), original.Field(i), replaceMap, useGoTemplate); err != nil { return err } } @@ -163,8 +129,7 @@ func (r *Render) deeplyReplace(copy, original reflect.Value, replaceMap map[stri } for i := 0; i < original.Len(); i += 1 { - if err := r.deeplyReplace(copy.Index(i), original.Index(i), replaceMap, useGoTemplate, goTemplateOptions); err != nil { - // Not wrapping the error, since this is a recursive function. Avoids excessively long error messages. + if err := r.deeplyReplace(copy.Index(i), original.Index(i), replaceMap, useGoTemplate); err != nil { return err } } @@ -178,22 +143,20 @@ func (r *Render) deeplyReplace(copy, original reflect.Value, replaceMap map[stri } for _, key := range original.MapKeys() { originalValue := original.MapIndex(key) - if originalValue.Kind() != reflect.String && isNillable(originalValue) && originalValue.IsNil() { + if originalValue.Kind() != reflect.String && originalValue.IsNil() { continue } // New gives us a pointer, but again we want the value copyValue := reflect.New(originalValue.Type()).Elem() - if err := r.deeplyReplace(copyValue, originalValue, replaceMap, useGoTemplate, goTemplateOptions); err != nil { - // Not wrapping the error, since this is a recursive function. Avoids excessively long error messages. + if err := r.deeplyReplace(copyValue, originalValue, replaceMap, useGoTemplate); err != nil { return err } // Keys can be templated as well as values (e.g. to template something into an annotation). if key.Kind() == reflect.String { - templatedKey, err := r.Replace(key.String(), replaceMap, useGoTemplate, goTemplateOptions) + templatedKey, err := r.Replace(key.String(), replaceMap, useGoTemplate) if err != nil { - // Not wrapping the error, since this is a recursive function. Avoids excessively long error messages. return err } key = reflect.ValueOf(templatedKey) @@ -206,9 +169,8 @@ func (r *Render) deeplyReplace(copy, original reflect.Value, replaceMap map[stri // If it is a string translate it (yay finally we're doing what we came for) case reflect.String: strToTemplate := original.String() - templated, err := r.Replace(strToTemplate, replaceMap, useGoTemplate, goTemplateOptions) + templated, err := r.Replace(strToTemplate, replaceMap, useGoTemplate) if err != nil { - // Not wrapping the error, since this is a recursive function. Avoids excessively long error messages. return err } if copy.CanSet() { @@ -229,17 +191,7 @@ func (r *Render) deeplyReplace(copy, original reflect.Value, replaceMap map[stri return nil } -// isNillable returns true if the value is something which may be set to nil. This function is meant to guard against a -// panic from calling IsNil on a non-pointer type. -func isNillable(v reflect.Value) bool { - switch v.Kind() { - case reflect.Map, reflect.Pointer, reflect.UnsafePointer, reflect.Interface, reflect.Slice: - return true - } - return false -} - -func (r *Render) RenderTemplateParams(tmpl *argoappsv1.Application, syncPolicy *argoappsv1.ApplicationSetSyncPolicy, params map[string]interface{}, useGoTemplate bool, goTemplateOptions []string) (*argoappsv1.Application, error) { +func (r *Render) RenderTemplateParams(tmpl *argoappsv1.Application, syncPolicy *argoappsv1.ApplicationSetSyncPolicy, params map[string]interface{}, useGoTemplate bool) (*argoappsv1.Application, error) { if tmpl == nil { return nil, fmt.Errorf("application template is empty") } @@ -251,7 +203,7 @@ func (r *Render) RenderTemplateParams(tmpl *argoappsv1.Application, syncPolicy * original := reflect.ValueOf(tmpl) copy := reflect.New(original.Type()).Elem() - if err := r.deeplyReplace(copy, original, params, useGoTemplate, goTemplateOptions); err != nil { + if err := r.deeplyReplace(copy, original, params, useGoTemplate); err != nil { return nil, err } @@ -271,7 +223,7 @@ func (r *Render) RenderTemplateParams(tmpl *argoappsv1.Application, syncPolicy * return replacedTmpl, nil } -func (r *Render) RenderGeneratorParams(gen *argoappsv1.ApplicationSetGenerator, params map[string]interface{}, useGoTemplate bool, goTemplateOptions []string) (*argoappsv1.ApplicationSetGenerator, error) { +func (r *Render) RenderGeneratorParams(gen *argoappsv1.ApplicationSetGenerator, params map[string]interface{}, useGoTemplate bool) (*argoappsv1.ApplicationSetGenerator, error) { if gen == nil { return nil, fmt.Errorf("generator is empty") } @@ -283,7 +235,7 @@ func (r *Render) RenderGeneratorParams(gen *argoappsv1.ApplicationSetGenerator, original := reflect.ValueOf(gen) copy := reflect.New(original.Type()).Elem() - if err := r.deeplyReplace(copy, original, params, useGoTemplate, goTemplateOptions); err != nil { + if err := r.deeplyReplace(copy, original, params, useGoTemplate); err != nil { return nil, fmt.Errorf("failed to replace parameters in generator: %w", err) } @@ -296,15 +248,12 @@ var isTemplatedRegex = regexp.MustCompile(".*{{.*}}.*") // Replace executes basic string substitution of a template with replacement values. // remaining in the substituted template. -func (r *Render) Replace(tmpl string, replaceMap map[string]interface{}, useGoTemplate bool, goTemplateOptions []string) (string, error) { +func (r *Render) Replace(tmpl string, replaceMap map[string]interface{}, useGoTemplate bool) (string, error) { if useGoTemplate { template, err := template.New("").Funcs(sprigFuncMap).Parse(tmpl) if err != nil { return "", fmt.Errorf("failed to parse template %s: %w", tmpl, err) } - for _, option := range goTemplateOptions { - template = template.Option(option) - } var replacedTmplBuffer bytes.Buffer if err = template.Execute(&replacedTmplBuffer, replaceMap); err != nil { @@ -447,38 +396,3 @@ func SanitizeName(name string) string { return strings.Trim(name, "-.") } - -func getTlsConfigWithCACert(scmRootCAPath string) *tls.Config { - - tlsConfig := &tls.Config{} - - if scmRootCAPath != "" { - _, err := os.Stat(scmRootCAPath) - if os.IsNotExist(err) { - log.Errorf("scmRootCAPath '%s' specified does not exist: %s", scmRootCAPath, err) - return tlsConfig - } - rootCA, err := os.ReadFile(scmRootCAPath) - if err != nil { - log.Errorf("error reading certificate from file '%s', proceeding without custom rootCA : %s", scmRootCAPath, err) - return tlsConfig - } - certPool := x509.NewCertPool() - ok := certPool.AppendCertsFromPEM([]byte(rootCA)) - if !ok { - log.Errorf("failed to append certificates from PEM: proceeding without custom rootCA") - } else { - tlsConfig.RootCAs = certPool - } - } - return tlsConfig -} - -func GetTlsConfig(scmRootCAPath string, insecure bool) *tls.Config { - tlsConfig := getTlsConfigWithCACert(scmRootCAPath) - - if insecure { - tlsConfig.InsecureSkipVerify = true - } - return tlsConfig -} diff --git a/applicationset/utils/utils_test.go b/applicationset/utils/utils_test.go index cfabd9ce088c0..31c7cb34a5148 100644 --- a/applicationset/utils/utils_test.go +++ b/applicationset/utils/utils_test.go @@ -1,10 +1,6 @@ package utils import ( - "crypto/x509" - "encoding/json" - "os" - "path" "testing" "time" @@ -12,11 +8,11 @@ import ( logtest "github.com/sirupsen/logrus/hooks/test" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/types" + argoappsetv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" argoappsv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" ) @@ -178,7 +174,7 @@ func TestRenderTemplateParams(t *testing.T) { // Render the cloned application, into a new application render := Render{} - newApplication, err := render.RenderTemplateParams(application, nil, test.params, false, nil) + newApplication, err := render.RenderTemplateParams(application, nil, test.params, false) // Retrieve the value of the target field from the newApplication, then verify that // the target field has been templated into the expected value @@ -199,113 +195,6 @@ func TestRenderTemplateParams(t *testing.T) { } -func TestRenderHelmValuesObjectJson(t *testing.T) { - - params := map[string]interface{}{ - "test": "Hello world", - } - - application := &argoappsv1.Application{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{"annotation-key": "annotation-value", "annotation-key2": "annotation-value2"}, - Labels: map[string]string{"label-key": "label-value", "label-key2": "label-value2"}, - CreationTimestamp: metav1.NewTime(time.Now()), - UID: types.UID("d546da12-06b7-4f9a-8ea2-3adb16a20e2b"), - Name: "application-one", - Namespace: "default", - }, - Spec: argoappsv1.ApplicationSpec{ - Source: &argoappsv1.ApplicationSource{ - Path: "", - RepoURL: "", - TargetRevision: "", - Chart: "", - Helm: &argoappsv1.ApplicationSourceHelm{ - ValuesObject: &runtime.RawExtension{ - Raw: []byte(`{ - "some": { - "string": "{{.test}}" - } - }`), - }, - }, - }, - Destination: argoappsv1.ApplicationDestination{ - Server: "", - Namespace: "", - Name: "", - }, - Project: "", - }, - } - - // Render the cloned application, into a new application - render := Render{} - newApplication, err := render.RenderTemplateParams(application, nil, params, true, []string{}) - - assert.NoError(t, err) - assert.NotNil(t, newApplication) - - var unmarshaled interface{} - err = json.Unmarshal(newApplication.Spec.Source.Helm.ValuesObject.Raw, &unmarshaled) - - assert.NoError(t, err) - assert.Equal(t, unmarshaled.(map[string]interface{})["some"].(map[string]interface{})["string"], "Hello world") - -} - -func TestRenderHelmValuesObjectYaml(t *testing.T) { - - params := map[string]interface{}{ - "test": "Hello world", - } - - application := &argoappsv1.Application{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{"annotation-key": "annotation-value", "annotation-key2": "annotation-value2"}, - Labels: map[string]string{"label-key": "label-value", "label-key2": "label-value2"}, - CreationTimestamp: metav1.NewTime(time.Now()), - UID: types.UID("d546da12-06b7-4f9a-8ea2-3adb16a20e2b"), - Name: "application-one", - Namespace: "default", - }, - Spec: argoappsv1.ApplicationSpec{ - Source: &argoappsv1.ApplicationSource{ - Path: "", - RepoURL: "", - TargetRevision: "", - Chart: "", - Helm: &argoappsv1.ApplicationSourceHelm{ - ValuesObject: &runtime.RawExtension{ - Raw: []byte(`some: - string: "{{.test}}"`), - }, - }, - }, - Destination: argoappsv1.ApplicationDestination{ - Server: "", - Namespace: "", - Name: "", - }, - Project: "", - }, - } - - // Render the cloned application, into a new application - render := Render{} - newApplication, err := render.RenderTemplateParams(application, nil, params, true, []string{}) - - assert.NoError(t, err) - assert.NotNil(t, newApplication) - - var unmarshaled interface{} - err = json.Unmarshal(newApplication.Spec.Source.Helm.ValuesObject.Raw, &unmarshaled) - - assert.NoError(t, err) - assert.Equal(t, unmarshaled.(map[string]interface{})["some"].(map[string]interface{})["string"], "Hello world") - -} - func TestRenderTemplateParamsGoTemplate(t *testing.T) { // Believe it or not, this is actually less complex than the equivalent solution using reflection @@ -347,12 +236,11 @@ func TestRenderTemplateParamsGoTemplate(t *testing.T) { } tests := []struct { - name string - fieldVal string - params map[string]interface{} - expectedVal string - errorMessage string - templateOptions []string + name string + fieldVal string + params map[string]interface{} + expectedVal string + errorMessage string }{ { name: "simple substitution", @@ -535,26 +423,6 @@ func TestRenderTemplateParamsGoTemplate(t *testing.T) { }, errorMessage: `failed to execute go template {{.data.test}}: template: :1:7: executing "" at <.data.test>: can't evaluate field test in type interface {}`, }, - { - name: "lookup missing value with missingkey=default", - fieldVal: `--> {{.doesnotexist}} <--`, - expectedVal: `--> <--`, - params: map[string]interface{}{ - // if no params are passed then for some reason templating is skipped - "unused": "this is not used", - }, - }, - { - name: "lookup missing value with missingkey=error", - fieldVal: `--> {{.doesnotexist}} <--`, - expectedVal: "", - params: map[string]interface{}{ - // if no params are passed then for some reason templating is skipped - "unused": "this is not used", - }, - templateOptions: []string{"missingkey=error"}, - errorMessage: `failed to execute go template --> {{.doesnotexist}} <--: template: :1:6: executing "" at <.doesnotexist>: map has no entry for key "doesnotexist"`, - }, } for _, test := range tests { @@ -571,7 +439,7 @@ func TestRenderTemplateParamsGoTemplate(t *testing.T) { // Render the cloned application, into a new application render := Render{} - newApplication, err := render.RenderTemplateParams(application, nil, test.params, true, test.templateOptions) + newApplication, err := render.RenderTemplateParams(application, nil, test.params, true) // Retrieve the value of the target field from the newApplication, then verify that // the target field has been templated into the expected value @@ -596,32 +464,12 @@ func TestRenderTemplateParamsGoTemplate(t *testing.T) { } } -func TestRenderGeneratorParams_does_not_panic(t *testing.T) { - // This test verifies that the RenderGeneratorParams function does not panic when the value in a map is a non- - // nillable type. This is a regression test. - render := Render{} - params := map[string]interface{}{ - "branch": "master", - } - generator := &argoappsv1.ApplicationSetGenerator{ - Plugin: &argoappsv1.PluginGenerator{ - ConfigMapRef: argoappsv1.PluginConfigMapRef{ - Name: "cm-plugin", - }, - Input: argoappsv1.PluginInput{ - Parameters: map[string]apiextensionsv1.JSON{ - "branch": { - Raw: []byte(`"{{.branch}}"`), - }, - "repo": { - Raw: []byte(`"argo-test"`), - }, - }, - }, - }, - } - _, err := render.RenderGeneratorParams(generator, params, true, []string{}) - assert.NoError(t, err) +func Test_Render_Replace_no_panic_on_missing_closing_brace(t *testing.T) { + r := &Render{} + assert.NotPanics(t, func() { + _, err := r.Replace("{{properly.closed}} {{improperly.closed}", nil, false) + assert.Error(t, err) + }) } func TestRenderTemplateKeys(t *testing.T) { @@ -640,7 +488,7 @@ func TestRenderTemplateKeys(t *testing.T) { } render := Render{} - newApplication, err := render.RenderTemplateParams(application, nil, params, false, nil) + newApplication, err := render.RenderTemplateParams(application, nil, params, false) require.NoError(t, err) require.Contains(t, newApplication.ObjectMeta.Annotations, "annotation-some-key") assert.Equal(t, newApplication.ObjectMeta.Annotations["annotation-some-key"], "annotation-some-value") @@ -660,21 +508,13 @@ func TestRenderTemplateKeys(t *testing.T) { } render := Render{} - newApplication, err := render.RenderTemplateParams(application, nil, params, true, nil) + newApplication, err := render.RenderTemplateParams(application, nil, params, true) require.NoError(t, err) require.Contains(t, newApplication.ObjectMeta.Annotations, "annotation-some-key") assert.Equal(t, newApplication.ObjectMeta.Annotations["annotation-some-key"], "annotation-some-value") }) } -func Test_Render_Replace_no_panic_on_missing_closing_brace(t *testing.T) { - r := &Render{} - assert.NotPanics(t, func() { - _, err := r.Replace("{{properly.closed}} {{improperly.closed}", nil, false, []string{}) - assert.Error(t, err) - }) -} - func TestRenderTemplateParamsFinalizers(t *testing.T) { emptyApplication := &argoappsv1.Application{ @@ -696,7 +536,7 @@ func TestRenderTemplateParamsFinalizers(t *testing.T) { for _, c := range []struct { testName string - syncPolicy *argoappsv1.ApplicationSetSyncPolicy + syncPolicy *argoappsetv1.ApplicationSetSyncPolicy existingFinalizers []string expectedFinalizers []string }{ @@ -735,13 +575,13 @@ func TestRenderTemplateParamsFinalizers(t *testing.T) { { testName: "non-nil sync policy should use standard finalizer", existingFinalizers: nil, - syncPolicy: &argoappsv1.ApplicationSetSyncPolicy{}, + syncPolicy: &argoappsetv1.ApplicationSetSyncPolicy{}, expectedFinalizers: []string{"resources-finalizer.argocd.argoproj.io"}, }, { testName: "preserveResourcesOnDeletion should not have a finalizer", existingFinalizers: nil, - syncPolicy: &argoappsv1.ApplicationSetSyncPolicy{ + syncPolicy: &argoappsetv1.ApplicationSetSyncPolicy{ PreserveResourcesOnDeletion: true, }, expectedFinalizers: nil, @@ -749,7 +589,7 @@ func TestRenderTemplateParamsFinalizers(t *testing.T) { { testName: "user-specified finalizer should overwrite preserveResourcesOnDeletion", existingFinalizers: []string{"resources-finalizer.argocd.argoproj.io/background"}, - syncPolicy: &argoappsv1.ApplicationSetSyncPolicy{ + syncPolicy: &argoappsetv1.ApplicationSetSyncPolicy{ PreserveResourcesOnDeletion: true, }, expectedFinalizers: []string{"resources-finalizer.argocd.argoproj.io/background"}, @@ -769,7 +609,7 @@ func TestRenderTemplateParamsFinalizers(t *testing.T) { // Render the cloned application, into a new application render := Render{} - res, err := render.RenderTemplateParams(application, c.syncPolicy, params, true, nil) + res, err := render.RenderTemplateParams(application, c.syncPolicy, params, true) assert.Nil(t, err) assert.ElementsMatch(t, res.Finalizers, c.expectedFinalizers) @@ -783,27 +623,27 @@ func TestRenderTemplateParamsFinalizers(t *testing.T) { func TestCheckInvalidGenerators(t *testing.T) { scheme := runtime.NewScheme() - err := argoappsv1.AddToScheme(scheme) + err := argoappsetv1.AddToScheme(scheme) assert.Nil(t, err) err = argoappsv1.AddToScheme(scheme) assert.Nil(t, err) for _, c := range []struct { testName string - appSet argoappsv1.ApplicationSet + appSet argoappsetv1.ApplicationSet expectedMsg string }{ { testName: "invalid generator, without annotation", - appSet: argoappsv1.ApplicationSet{ + appSet: argoappsetv1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "test-app-set", Namespace: "namespace", }, - Spec: argoappsv1.ApplicationSetSpec{ - Generators: []argoappsv1.ApplicationSetGenerator{ + Spec: argoappsetv1.ApplicationSetSpec{ + Generators: []argoappsetv1.ApplicationSetGenerator{ { - List: &argoappsv1.ListGenerator{}, + List: &argoappsetv1.ListGenerator{}, Clusters: nil, Git: nil, }, @@ -815,7 +655,7 @@ func TestCheckInvalidGenerators(t *testing.T) { { List: nil, Clusters: nil, - Git: &argoappsv1.GitGenerator{}, + Git: &argoappsetv1.GitGenerator{}, }, }, }, @@ -824,7 +664,7 @@ func TestCheckInvalidGenerators(t *testing.T) { }, { testName: "invalid generator, with annotation", - appSet: argoappsv1.ApplicationSet{ + appSet: argoappsetv1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "test-app-set", Namespace: "namespace", @@ -841,10 +681,10 @@ func TestCheckInvalidGenerators(t *testing.T) { }`, }, }, - Spec: argoappsv1.ApplicationSetSpec{ - Generators: []argoappsv1.ApplicationSetGenerator{ + Spec: argoappsetv1.ApplicationSetSpec{ + Generators: []argoappsetv1.ApplicationSetGenerator{ { - List: &argoappsv1.ListGenerator{}, + List: &argoappsetv1.ListGenerator{}, Clusters: nil, Git: nil, }, @@ -856,7 +696,7 @@ func TestCheckInvalidGenerators(t *testing.T) { { List: nil, Clusters: nil, - Git: &argoappsv1.GitGenerator{}, + Git: &argoappsetv1.GitGenerator{}, }, { List: nil, @@ -887,20 +727,20 @@ func TestCheckInvalidGenerators(t *testing.T) { func TestInvalidGenerators(t *testing.T) { scheme := runtime.NewScheme() - err := argoappsv1.AddToScheme(scheme) + err := argoappsetv1.AddToScheme(scheme) assert.Nil(t, err) err = argoappsv1.AddToScheme(scheme) assert.Nil(t, err) for _, c := range []struct { testName string - appSet argoappsv1.ApplicationSet + appSet argoappsetv1.ApplicationSet expectedInvalid bool expectedNames map[string]bool }{ { testName: "valid generators, with annotation", - appSet: argoappsv1.ApplicationSet{ + appSet: argoappsetv1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "name", Namespace: "namespace", @@ -916,22 +756,22 @@ func TestInvalidGenerators(t *testing.T) { }`, }, }, - Spec: argoappsv1.ApplicationSetSpec{ - Generators: []argoappsv1.ApplicationSetGenerator{ + Spec: argoappsetv1.ApplicationSetSpec{ + Generators: []argoappsetv1.ApplicationSetGenerator{ { - List: &argoappsv1.ListGenerator{}, + List: &argoappsetv1.ListGenerator{}, Clusters: nil, Git: nil, }, { List: nil, - Clusters: &argoappsv1.ClusterGenerator{}, + Clusters: &argoappsetv1.ClusterGenerator{}, Git: nil, }, { List: nil, Clusters: nil, - Git: &argoappsv1.GitGenerator{}, + Git: &argoappsetv1.GitGenerator{}, }, }, }, @@ -941,13 +781,13 @@ func TestInvalidGenerators(t *testing.T) { }, { testName: "invalid generators, no annotation", - appSet: argoappsv1.ApplicationSet{ + appSet: argoappsetv1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "name", Namespace: "namespace", }, - Spec: argoappsv1.ApplicationSetSpec{ - Generators: []argoappsv1.ApplicationSetGenerator{ + Spec: argoappsetv1.ApplicationSetSpec{ + Generators: []argoappsetv1.ApplicationSetGenerator{ { List: nil, Clusters: nil, @@ -966,16 +806,16 @@ func TestInvalidGenerators(t *testing.T) { }, { testName: "valid and invalid generators, no annotation", - appSet: argoappsv1.ApplicationSet{ + appSet: argoappsetv1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "name", Namespace: "namespace", }, - Spec: argoappsv1.ApplicationSetSpec{ - Generators: []argoappsv1.ApplicationSetGenerator{ + Spec: argoappsetv1.ApplicationSetSpec{ + Generators: []argoappsetv1.ApplicationSetGenerator{ { List: nil, - Clusters: &argoappsv1.ClusterGenerator{}, + Clusters: &argoappsetv1.ClusterGenerator{}, Git: nil, }, { @@ -986,7 +826,7 @@ func TestInvalidGenerators(t *testing.T) { { List: nil, Clusters: nil, - Git: &argoappsv1.GitGenerator{}, + Git: &argoappsetv1.GitGenerator{}, }, }, }, @@ -996,7 +836,7 @@ func TestInvalidGenerators(t *testing.T) { }, { testName: "valid and invalid generators, with annotation", - appSet: argoappsv1.ApplicationSet{ + appSet: argoappsetv1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "name", Namespace: "namespace", @@ -1013,11 +853,11 @@ func TestInvalidGenerators(t *testing.T) { }`, }, }, - Spec: argoappsv1.ApplicationSetSpec{ - Generators: []argoappsv1.ApplicationSetGenerator{ + Spec: argoappsetv1.ApplicationSetSpec{ + Generators: []argoappsetv1.ApplicationSetGenerator{ { List: nil, - Clusters: &argoappsv1.ClusterGenerator{}, + Clusters: &argoappsetv1.ClusterGenerator{}, Git: nil, }, { @@ -1028,7 +868,7 @@ func TestInvalidGenerators(t *testing.T) { { List: nil, Clusters: nil, - Git: &argoappsv1.GitGenerator{}, + Git: &argoappsetv1.GitGenerator{}, }, { List: nil, @@ -1046,7 +886,7 @@ func TestInvalidGenerators(t *testing.T) { }, { testName: "invalid generator, annotation with missing spec", - appSet: argoappsv1.ApplicationSet{ + appSet: argoappsetv1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "name", Namespace: "namespace", @@ -1055,8 +895,8 @@ func TestInvalidGenerators(t *testing.T) { }`, }, }, - Spec: argoappsv1.ApplicationSetSpec{ - Generators: []argoappsv1.ApplicationSetGenerator{ + Spec: argoappsetv1.ApplicationSetSpec{ + Generators: []argoappsetv1.ApplicationSetGenerator{ { List: nil, Clusters: nil, @@ -1070,7 +910,7 @@ func TestInvalidGenerators(t *testing.T) { }, { testName: "invalid generator, annotation with missing generators array", - appSet: argoappsv1.ApplicationSet{ + appSet: argoappsetv1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "name", Namespace: "namespace", @@ -1081,8 +921,8 @@ func TestInvalidGenerators(t *testing.T) { }`, }, }, - Spec: argoappsv1.ApplicationSetSpec{ - Generators: []argoappsv1.ApplicationSetGenerator{ + Spec: argoappsetv1.ApplicationSetSpec{ + Generators: []argoappsetv1.ApplicationSetGenerator{ { List: nil, Clusters: nil, @@ -1096,7 +936,7 @@ func TestInvalidGenerators(t *testing.T) { }, { testName: "invalid generator, annotation with empty generators array", - appSet: argoappsv1.ApplicationSet{ + appSet: argoappsetv1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "name", Namespace: "namespace", @@ -1109,8 +949,8 @@ func TestInvalidGenerators(t *testing.T) { }`, }, }, - Spec: argoappsv1.ApplicationSetSpec{ - Generators: []argoappsv1.ApplicationSetGenerator{ + Spec: argoappsetv1.ApplicationSetSpec{ + Generators: []argoappsetv1.ApplicationSetGenerator{ { List: nil, Clusters: nil, @@ -1124,7 +964,7 @@ func TestInvalidGenerators(t *testing.T) { }, { testName: "invalid generator, annotation with empty generator", - appSet: argoappsv1.ApplicationSet{ + appSet: argoappsetv1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "name", Namespace: "namespace", @@ -1138,8 +978,8 @@ func TestInvalidGenerators(t *testing.T) { }`, }, }, - Spec: argoappsv1.ApplicationSetSpec{ - Generators: []argoappsv1.ApplicationSetGenerator{ + Spec: argoappsetv1.ApplicationSetSpec{ + Generators: []argoappsetv1.ApplicationSetGenerator{ { List: nil, Clusters: nil, @@ -1184,92 +1024,3 @@ func TestNormalizeBitbucketBasePath(t *testing.T) { assert.Equal(t, c.expectedBasePath, result, c.testName) } } - -func TestGetTLSConfig(t *testing.T) { - // certParsed, err := tls.X509KeyPair(test.Cert, test.PrivateKey) - // require.NoError(t, err) - - temppath := t.TempDir() - cert := ` ------BEGIN CERTIFICATE----- -MIIFvTCCA6WgAwIBAgIUGrTmW3qc39zqnE08e3qNDhUkeWswDQYJKoZIhvcNAQEL -BQAwbjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAklMMRAwDgYDVQQHDAdDaGljYWdv -MRQwEgYDVQQKDAtDYXBvbmUsIEluYzEQMA4GA1UECwwHU3BlY09wczEYMBYGA1UE -AwwPZm9vLmV4YW1wbGUuY29tMB4XDTE5MDcwODEzNTUwNVoXDTIwMDcwNzEzNTUw -NVowbjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAklMMRAwDgYDVQQHDAdDaGljYWdv -MRQwEgYDVQQKDAtDYXBvbmUsIEluYzEQMA4GA1UECwwHU3BlY09wczEYMBYGA1UE -AwwPZm9vLmV4YW1wbGUuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC -AgEA3csSO13w7qQXKeSLNcpeuAe6wAjXYbRkRl6ariqzTEDcFTKmy2QiXJTKoEGn -bvwxq0T91var7rxY88SGL/qi8Zmo0tVSR0XvKSKcghFIkQOTyDmVgMPZGCvixt4q -gQ7hUVSk4KkFmtcqBVuvnzI1d/DKfZAGKdmGcfRpuAsnVhac3swP0w4Tl1BFrK9U -vuIkz4KwXG77s5oB8rMUnyuLasLsGNpvpvXhkcQRhp6vpcCO2bS7kOTTelAPIucw -P37qkOEdZdiWCLrr57dmhg6tmcVlmBMg6JtmfLxn2HQd9ZrCKlkWxMk5NYs6CAW5 -kgbDZUWQTAsnHeoJKbcgtPkIbxDRxNpPukFMtbA4VEWv1EkODXy9FyEKDOI/PV6K -/80oLkgCIhCkP2mvwSFheU0RHTuZ0o0vVolP5TEOq5iufnDN4wrxqb12o//XLRc0 -RiLqGVVxhFdyKCjVxcLfII9AAp5Tse4PMh6bf6jDfB3OMvGkhMbJWhKXdR2NUTl0 -esKawMPRXIn5g3oBdNm8kyRsTTnvB567pU8uNSmA8j3jxfGCPynI8JdiwKQuW/+P -WgLIflgxqAfG85dVVOsFmF9o5o24dDslvv9yHnHH102c6ijPCg1EobqlyFzqqxOD -Wf2OPjIkzoTH+O27VRugnY/maIU1nshNO7ViRX5zIxEUtNMCAwEAAaNTMFEwHQYD -VR0OBBYEFNY4gDLgPBidogkmpO8nq5yAq5g+MB8GA1UdIwQYMBaAFNY4gDLgPBid -ogkmpO8nq5yAq5g+MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIB -AJ0WGioNtGNg3m6ywpmxNThorQD5ZvDMlmZlDVk78E2wfNyMhwbVhKhlAnONv0wv -kmsGjibY75nRZ+EK9PxSJ644841fryQXQ+bli5fhr7DW3uTKwaRsnzETJXRJuljq -6+c6Zyg1/mqwnyx7YvPgVh3w496DYx/jm6Fm1IEq3BzOmn6H/gGPq3gbURzEqI3h -P+kC2vJa8RZWrpa05Xk/Q1QUkErDX9vJghb9z3+GgirISZQzqWRghII/znv3NOE6 -zoIgaaWNFn8KPeBVpUoboH+IhpgibsnbTbI0G7AMtFq6qm3kn/4DZ2N2tuh1G2tT -zR2Fh7hJbU7CrqxANrgnIoHG/nLSvzE24ckLb0Vj69uGQlwnZkn9fz6F7KytU+Az -NoB2rjufaB0GQi1azdboMvdGSOxhSCAR8otWT5yDrywCqVnEvjw0oxKmuRduNe2/ -6AcG6TtK2/K+LHuhymiAwZM2qE6VD2odvb+tCzDkZOIeoIz/JcVlNpXE9FuVl250 -9NWvugeghq7tUv81iJ8ninBefJ4lUfxAehTPQqX+zXcfxgjvMRCi/ig73nLyhmjx -r2AaraPFgrprnxUibP4L7jxdr+iiw5bWN9/B81PodrS7n5TNtnfnpZD6X6rThqOP -xO7Tr5lAo74vNUkF2EHNaI28/RGnJPm2TIxZqy4rNH6L ------END CERTIFICATE----- -` - - rootCAPath := path.Join(temppath, "foo.example.com") - err := os.WriteFile(rootCAPath, []byte(cert), 0666) - if err != nil { - panic(err) - } - - certPool := x509.NewCertPool() - ok := certPool.AppendCertsFromPEM([]byte(cert)) - assert.True(t, ok) - - testCases := []struct { - name string - scmRootCAPath string - insecure bool - validateCertInTlsConfig bool - }{ - { - name: "Insecure mode configured, SCM Root CA Path not set", - scmRootCAPath: "", - insecure: true, - validateCertInTlsConfig: false, - }, - { - name: "SCM Root CA Path set, Insecure mode set to false", - scmRootCAPath: rootCAPath, - insecure: false, - validateCertInTlsConfig: true, - }, - { - name: "SCM Root CA Path set, Insecure mode set to true", - scmRootCAPath: rootCAPath, - insecure: true, - validateCertInTlsConfig: true, - }, - } - - for _, testCase := range testCases { - t.Run(testCase.name, func(t *testing.T) { - tlsConfig := GetTlsConfig(testCase.scmRootCAPath, testCase.insecure) - assert.Equal(t, testCase.insecure, tlsConfig.InsecureSkipVerify) - if testCase.validateCertInTlsConfig { - assert.NotNil(t, tlsConfig) - assert.True(t, tlsConfig.RootCAs.Equal(certPool)) - } - }) - } -} diff --git a/applicationset/webhook/webhook.go b/applicationset/webhook/webhook.go index ed48997db813e..72f6dde38b069 100644 --- a/applicationset/webhook/webhook.go +++ b/applicationset/webhook/webhook.go @@ -19,9 +19,9 @@ import ( "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" argosettings "github.com/argoproj/argo-cd/v2/util/settings" - "github.com/go-playground/webhooks/v6/github" - "github.com/go-playground/webhooks/v6/gitlab" log "github.com/sirupsen/logrus" + "gopkg.in/go-playground/webhooks.v5/github" + "gopkg.in/go-playground/webhooks.v5/gitlab" ) type WebhookHandler struct { @@ -98,7 +98,6 @@ func (h *WebhookHandler) HandleEvent(payload interface{}) { // check if the ApplicationSet uses any generator that is relevant to the payload shouldRefresh = shouldRefreshGitGenerator(gen.Git, gitGenInfo) || shouldRefreshPRGenerator(gen.PullRequest, prGenInfo) || - shouldRefreshPluginGenerator(gen.Plugin) || h.shouldRefreshMatrixGenerator(gen.Matrix, &appSet, gitGenInfo, prGenInfo) || h.shouldRefreshMergeGenerator(gen.Merge, &appSet, gitGenInfo, prGenInfo) if shouldRefresh { @@ -288,10 +287,6 @@ func shouldRefreshGitGenerator(gen *v1alpha1.GitGenerator, info *gitGeneratorInf return true } -func shouldRefreshPluginGenerator(gen *v1alpha1.PluginGenerator) bool { - return gen != nil -} - func genRevisionHasChanged(gen *v1alpha1.GitGenerator, revision string, touchedHead bool) bool { targetRev := parseRevision(gen.Revision) if targetRev == "HEAD" || targetRev == "" { // revision is head @@ -422,7 +417,6 @@ func (h *WebhookHandler) shouldRefreshMatrixGenerator(gen *v1alpha1.MatrixGenera SCMProvider: g0.SCMProvider, ClusterDecisionResource: g0.ClusterDecisionResource, PullRequest: g0.PullRequest, - Plugin: g0.Plugin, Matrix: matrixGenerator0, Merge: mergeGenerator0, } @@ -477,7 +471,6 @@ func (h *WebhookHandler) shouldRefreshMatrixGenerator(gen *v1alpha1.MatrixGenera SCMProvider: g1.SCMProvider, ClusterDecisionResource: g1.ClusterDecisionResource, PullRequest: g1.PullRequest, - Plugin: g1.Plugin, Matrix: matrixGenerator1, Merge: mergeGenerator1, } @@ -485,7 +478,7 @@ func (h *WebhookHandler) shouldRefreshMatrixGenerator(gen *v1alpha1.MatrixGenera // Interpolate second child generator with params from first child generator, if there are any params if len(params) != 0 { for _, p := range params { - tempInterpolatedGenerator, err := generators.InterpolateGenerator(requestedGenerator1, p, appSet.Spec.GoTemplate, appSet.Spec.GoTemplateOptions) + tempInterpolatedGenerator, err := generators.InterpolateGenerator(requestedGenerator1, p, appSet.Spec.GoTemplate) interpolatedGenerator := &tempInterpolatedGenerator if err != nil { log.Error(err) @@ -495,7 +488,6 @@ func (h *WebhookHandler) shouldRefreshMatrixGenerator(gen *v1alpha1.MatrixGenera // Check all interpolated child generators if shouldRefreshGitGenerator(interpolatedGenerator.Git, gitGenInfo) || shouldRefreshPRGenerator(interpolatedGenerator.PullRequest, prGenInfo) || - shouldRefreshPluginGenerator(interpolatedGenerator.Plugin) || h.shouldRefreshMatrixGenerator(interpolatedGenerator.Matrix, appSet, gitGenInfo, prGenInfo) || h.shouldRefreshMergeGenerator(requestedGenerator1.Merge, appSet, gitGenInfo, prGenInfo) { return true @@ -506,7 +498,6 @@ func (h *WebhookHandler) shouldRefreshMatrixGenerator(gen *v1alpha1.MatrixGenera // First child generator didn't return any params, just check the second child generator return shouldRefreshGitGenerator(requestedGenerator1.Git, gitGenInfo) || shouldRefreshPRGenerator(requestedGenerator1.PullRequest, prGenInfo) || - shouldRefreshPluginGenerator(requestedGenerator1.Plugin) || h.shouldRefreshMatrixGenerator(requestedGenerator1.Matrix, appSet, gitGenInfo, prGenInfo) || h.shouldRefreshMergeGenerator(requestedGenerator1.Merge, appSet, gitGenInfo, prGenInfo) } @@ -562,7 +553,7 @@ func refreshApplicationSet(c client.Client, appSet *v1alpha1.ApplicationSet) err return retry.RetryOnConflict(retry.DefaultBackoff, func() error { err := c.Get(context.Background(), types.NamespacedName{Name: appSet.Name, Namespace: appSet.Namespace}, appSet) if err != nil { - return fmt.Errorf("error getting ApplicationSet: %w", err) + return err } if appSet.Annotations == nil { appSet.Annotations = map[string]string{} diff --git a/applicationset/webhook/webhook_test.go b/applicationset/webhook/webhook_test.go index 2d683762d7170..1ef16bb35ff8d 100644 --- a/applicationset/webhook/webhook_test.go +++ b/applicationset/webhook/webhook_test.go @@ -15,33 +15,34 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" corev1 "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" kubefake "k8s.io/client-go/kubernetes/fake" "sigs.k8s.io/controller-runtime/pkg/client/fake" - apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" - "github.com/argoproj/argo-cd/v2/applicationset/generators" "github.com/argoproj/argo-cd/v2/applicationset/services/scm_provider" "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" + argoprojiov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" argosettings "github.com/argoproj/argo-cd/v2/util/settings" + apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" ) type generatorMock struct { mock.Mock } -func (g *generatorMock) GetTemplate(appSetGenerator *v1alpha1.ApplicationSetGenerator) *v1alpha1.ApplicationSetTemplate { - return &v1alpha1.ApplicationSetTemplate{} +func (g *generatorMock) GetTemplate(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator) *argoprojiov1alpha1.ApplicationSetTemplate { + return &argoprojiov1alpha1.ApplicationSetTemplate{} } -func (g *generatorMock) GenerateParams(appSetGenerator *v1alpha1.ApplicationSetGenerator, _ *v1alpha1.ApplicationSet) ([]map[string]interface{}, error) { +func (g *generatorMock) GenerateParams(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator, _ *argoprojiov1alpha1.ApplicationSet) ([]map[string]interface{}, error) { return []map[string]interface{}{}, nil } -func (g *generatorMock) GetRequeueAfter(appSetGenerator *v1alpha1.ApplicationSetGenerator) time.Duration { +func (g *generatorMock) GetRequeueAfter(appSetGenerator *argoprojiov1alpha1.ApplicationSetGenerator) time.Duration { d, _ := time.ParseDuration("10s") return d } @@ -61,7 +62,7 @@ func TestWebhookHandler(t *testing.T) { headerKey: "X-GitHub-Event", headerValue: "push", payloadFile: "github-commit-event.json", - effectedAppSets: []string{"git-github", "matrix-git-github", "merge-git-github", "matrix-scm-git-github", "matrix-nested-git-github", "merge-nested-git-github", "plugin", "matrix-pull-request-github-plugin"}, + effectedAppSets: []string{"git-github", "matrix-git-github", "merge-git-github", "matrix-scm-git-github", "matrix-nested-git-github", "merge-nested-git-github"}, expectedStatusCode: http.StatusOK, expectedRefresh: true, }, @@ -70,7 +71,7 @@ func TestWebhookHandler(t *testing.T) { headerKey: "X-GitHub-Event", headerValue: "push", payloadFile: "github-commit-branch-event.json", - effectedAppSets: []string{"git-github", "plugin", "matrix-pull-request-github-plugin"}, + effectedAppSets: []string{"git-github"}, expectedStatusCode: http.StatusOK, expectedRefresh: true, }, @@ -79,7 +80,7 @@ func TestWebhookHandler(t *testing.T) { headerKey: "X-GitHub-Event", headerValue: "ping", payloadFile: "github-ping-event.json", - effectedAppSets: []string{"git-github", "plugin"}, + effectedAppSets: []string{"git-github"}, expectedStatusCode: http.StatusOK, expectedRefresh: false, }, @@ -88,7 +89,7 @@ func TestWebhookHandler(t *testing.T) { headerKey: "X-Gitlab-Event", headerValue: "Push Hook", payloadFile: "gitlab-event.json", - effectedAppSets: []string{"git-gitlab", "plugin", "matrix-pull-request-github-plugin"}, + effectedAppSets: []string{"git-gitlab"}, expectedStatusCode: http.StatusOK, expectedRefresh: true, }, @@ -97,7 +98,7 @@ func TestWebhookHandler(t *testing.T) { headerKey: "X-Random-Event", headerValue: "Push Hook", payloadFile: "gitlab-event.json", - effectedAppSets: []string{"git-gitlab", "plugin"}, + effectedAppSets: []string{"git-gitlab"}, expectedStatusCode: http.StatusBadRequest, expectedRefresh: false, }, @@ -106,7 +107,7 @@ func TestWebhookHandler(t *testing.T) { headerKey: "X-Random-Event", headerValue: "Push Hook", payloadFile: "invalid-event.json", - effectedAppSets: []string{"git-gitlab", "plugin"}, + effectedAppSets: []string{"git-gitlab"}, expectedStatusCode: http.StatusBadRequest, expectedRefresh: false, }, @@ -115,7 +116,7 @@ func TestWebhookHandler(t *testing.T) { headerKey: "X-GitHub-Event", headerValue: "pull_request", payloadFile: "github-pull-request-opened-event.json", - effectedAppSets: []string{"pull-request-github", "matrix-pull-request-github", "matrix-scm-pull-request-github", "merge-pull-request-github", "plugin", "matrix-pull-request-github-plugin"}, + effectedAppSets: []string{"pull-request-github", "matrix-pull-request-github", "matrix-scm-pull-request-github", "merge-pull-request-github"}, expectedStatusCode: http.StatusOK, expectedRefresh: true, }, @@ -124,7 +125,7 @@ func TestWebhookHandler(t *testing.T) { headerKey: "X-GitHub-Event", headerValue: "pull_request", payloadFile: "github-pull-request-assigned-event.json", - effectedAppSets: []string{"pull-request-github", "matrix-pull-request-github", "matrix-scm-pull-request-github", "merge-pull-request-github", "plugin", "matrix-pull-request-github-plugin"}, + effectedAppSets: []string{"pull-request-github", "matrix-pull-request-github", "matrix-scm-pull-request-github", "merge-pull-request-github"}, expectedStatusCode: http.StatusOK, expectedRefresh: false, }, @@ -133,7 +134,7 @@ func TestWebhookHandler(t *testing.T) { headerKey: "X-Gitlab-Event", headerValue: "Merge Request Hook", payloadFile: "gitlab-merge-request-open-event.json", - effectedAppSets: []string{"pull-request-gitlab", "plugin", "matrix-pull-request-github-plugin"}, + effectedAppSets: []string{"pull-request-gitlab"}, expectedStatusCode: http.StatusOK, expectedRefresh: true, }, @@ -142,7 +143,7 @@ func TestWebhookHandler(t *testing.T) { headerKey: "X-Gitlab-Event", headerValue: "Merge Request Hook", payloadFile: "gitlab-merge-request-approval-event.json", - effectedAppSets: []string{"pull-request-gitlab", "plugin"}, + effectedAppSets: []string{"pull-request-gitlab"}, expectedStatusCode: http.StatusOK, expectedRefresh: false, }, @@ -163,13 +164,11 @@ func TestWebhookHandler(t *testing.T) { fakeAppWithGitGenerator("git-gitlab", namespace, "https://gitlab/group/name"), fakeAppWithGithubPullRequestGenerator("pull-request-github", namespace, "Codertocat", "Hello-World"), fakeAppWithGitlabPullRequestGenerator("pull-request-gitlab", namespace, "100500"), - fakeAppWithPluginGenerator("plugin", namespace), fakeAppWithMatrixAndGitGenerator("matrix-git-github", namespace, "https://github.com/org/repo"), fakeAppWithMatrixAndPullRequestGenerator("matrix-pull-request-github", namespace, "Codertocat", "Hello-World"), fakeAppWithMatrixAndScmWithGitGenerator("matrix-scm-git-github", namespace, "org"), fakeAppWithMatrixAndScmWithPullRequestGenerator("matrix-scm-pull-request-github", namespace, "Codertocat"), fakeAppWithMatrixAndNestedGitGenerator("matrix-nested-git-github", namespace, "https://github.com/org/repo"), - fakeAppWithMatrixAndPullRequestGeneratorWithPluginGenerator("matrix-pull-request-github-plugin", namespace, "Codertocat", "Hello-World", "plugin-cm"), fakeAppWithMergeAndGitGenerator("merge-git-github", namespace, "https://github.com/org/repo"), fakeAppWithMergeAndPullRequestGenerator("merge-pull-request-github", namespace, "Codertocat", "Hello-World"), fakeAppWithMergeAndNestedGitGenerator("merge-nested-git-github", namespace, "https://github.com/org/repo"), @@ -217,7 +216,6 @@ func mockGenerators() map[string]generators.Generator { // generatorMockList := generatorMock{} generatorMockGit := &generatorMock{} generatorMockPR := &generatorMock{} - generatorMockPlugin := &generatorMock{} mockSCMProvider := &scm_provider.MockProvider{ Repos: []*scm_provider.Repository{ { @@ -243,7 +241,6 @@ func mockGenerators() map[string]generators.Generator { "Git": generatorMockGit, "SCMProvider": generatorMockSCM, "PullRequest": generatorMockPR, - "Plugin": generatorMockPlugin, } nestedGenerators := map[string]generators.Generator{ @@ -251,7 +248,6 @@ func mockGenerators() map[string]generators.Generator { "Git": terminalMockGenerators["Git"], "SCMProvider": terminalMockGenerators["SCMProvider"], "PullRequest": terminalMockGenerators["PullRequest"], - "Plugin": terminalMockGenerators["Plugin"], "Matrix": generators.NewMatrixGenerator(terminalMockGenerators), "Merge": generators.NewMergeGenerator(terminalMockGenerators), } @@ -261,21 +257,20 @@ func mockGenerators() map[string]generators.Generator { "Git": terminalMockGenerators["Git"], "SCMProvider": terminalMockGenerators["SCMProvider"], "PullRequest": terminalMockGenerators["PullRequest"], - "Plugin": terminalMockGenerators["Plugin"], "Matrix": generators.NewMatrixGenerator(nestedGenerators), "Merge": generators.NewMergeGenerator(nestedGenerators), } } func TestGenRevisionHasChanged(t *testing.T) { - assert.True(t, genRevisionHasChanged(&v1alpha1.GitGenerator{}, "master", true)) - assert.False(t, genRevisionHasChanged(&v1alpha1.GitGenerator{}, "master", false)) + assert.True(t, genRevisionHasChanged(&argoprojiov1alpha1.GitGenerator{}, "master", true)) + assert.False(t, genRevisionHasChanged(&argoprojiov1alpha1.GitGenerator{}, "master", false)) - assert.True(t, genRevisionHasChanged(&v1alpha1.GitGenerator{Revision: "dev"}, "dev", true)) - assert.False(t, genRevisionHasChanged(&v1alpha1.GitGenerator{Revision: "dev"}, "master", false)) + assert.True(t, genRevisionHasChanged(&argoprojiov1alpha1.GitGenerator{Revision: "dev"}, "dev", true)) + assert.False(t, genRevisionHasChanged(&argoprojiov1alpha1.GitGenerator{Revision: "dev"}, "master", false)) - assert.True(t, genRevisionHasChanged(&v1alpha1.GitGenerator{Revision: "refs/heads/dev"}, "dev", true)) - assert.False(t, genRevisionHasChanged(&v1alpha1.GitGenerator{Revision: "refs/heads/dev"}, "master", false)) + assert.True(t, genRevisionHasChanged(&argoprojiov1alpha1.GitGenerator{Revision: "refs/heads/dev"}, "dev", true)) + assert.False(t, genRevisionHasChanged(&argoprojiov1alpha1.GitGenerator{Revision: "refs/heads/dev"}, "master", false)) } func fakeAppWithGitGenerator(name, namespace, repo string) *v1alpha1.ApplicationSet { @@ -297,17 +292,17 @@ func fakeAppWithGitGenerator(name, namespace, repo string) *v1alpha1.Application } } -func fakeAppWithGitlabPullRequestGenerator(name, namespace, projectId string) *v1alpha1.ApplicationSet { - return &v1alpha1.ApplicationSet{ +func fakeAppWithGitlabPullRequestGenerator(name, namespace, projectId string) *argoprojiov1alpha1.ApplicationSet { + return &argoprojiov1alpha1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: namespace, }, - Spec: v1alpha1.ApplicationSetSpec{ - Generators: []v1alpha1.ApplicationSetGenerator{ + Spec: argoprojiov1alpha1.ApplicationSetSpec{ + Generators: []argoprojiov1alpha1.ApplicationSetGenerator{ { - PullRequest: &v1alpha1.PullRequestGenerator{ - GitLab: &v1alpha1.PullRequestGeneratorGitLab{ + PullRequest: &argoprojiov1alpha1.PullRequestGenerator{ + GitLab: &argoprojiov1alpha1.PullRequestGeneratorGitLab{ Project: projectId, }, }, @@ -317,8 +312,8 @@ func fakeAppWithGitlabPullRequestGenerator(name, namespace, projectId string) *v } } -func fakeAppWithGithubPullRequestGenerator(name, namespace, owner, repo string) *v1alpha1.ApplicationSet { - return &v1alpha1.ApplicationSet{ +func fakeAppWithGithubPullRequestGenerator(name, namespace, owner, repo string) *argoprojiov1alpha1.ApplicationSet { + return &argoprojiov1alpha1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: namespace, @@ -350,10 +345,10 @@ func fakeAppWithMatrixAndGitGenerator(name, namespace, repo string) *v1alpha1.Ap Matrix: &v1alpha1.MatrixGenerator{ Generators: []v1alpha1.ApplicationSetNestedGenerator{ { - List: &v1alpha1.ListGenerator{}, + List: &argoprojiov1alpha1.ListGenerator{}, }, { - Git: &v1alpha1.GitGenerator{ + Git: &argoprojiov1alpha1.GitGenerator{ RepoURL: repo, }, }, @@ -377,11 +372,11 @@ func fakeAppWithMatrixAndPullRequestGenerator(name, namespace, owner, repo strin Matrix: &v1alpha1.MatrixGenerator{ Generators: []v1alpha1.ApplicationSetNestedGenerator{ { - List: &v1alpha1.ListGenerator{}, + List: &argoprojiov1alpha1.ListGenerator{}, }, { - PullRequest: &v1alpha1.PullRequestGenerator{ - Github: &v1alpha1.PullRequestGeneratorGithub{ + PullRequest: &argoprojiov1alpha1.PullRequestGenerator{ + Github: &argoprojiov1alpha1.PullRequestGeneratorGithub{ Owner: owner, Repo: repo, }, @@ -395,27 +390,27 @@ func fakeAppWithMatrixAndPullRequestGenerator(name, namespace, owner, repo strin } } -func fakeAppWithMatrixAndScmWithGitGenerator(name, namespace, owner string) *v1alpha1.ApplicationSet { - return &v1alpha1.ApplicationSet{ +func fakeAppWithMatrixAndScmWithGitGenerator(name, namespace, owner string) *argoprojiov1alpha1.ApplicationSet { + return &argoprojiov1alpha1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: namespace, }, - Spec: v1alpha1.ApplicationSetSpec{ - Generators: []v1alpha1.ApplicationSetGenerator{ + Spec: argoprojiov1alpha1.ApplicationSetSpec{ + Generators: []argoprojiov1alpha1.ApplicationSetGenerator{ { - Matrix: &v1alpha1.MatrixGenerator{ - Generators: []v1alpha1.ApplicationSetNestedGenerator{ + Matrix: &argoprojiov1alpha1.MatrixGenerator{ + Generators: []argoprojiov1alpha1.ApplicationSetNestedGenerator{ { - SCMProvider: &v1alpha1.SCMProviderGenerator{ + SCMProvider: &argoprojiov1alpha1.SCMProviderGenerator{ CloneProtocol: "ssh", - Github: &v1alpha1.SCMProviderGeneratorGithub{ + Github: &argoprojiov1alpha1.SCMProviderGeneratorGithub{ Organization: owner, }, }, }, { - Git: &v1alpha1.GitGenerator{ + Git: &argoprojiov1alpha1.GitGenerator{ RepoURL: "{{ url }}", }, }, @@ -427,28 +422,28 @@ func fakeAppWithMatrixAndScmWithGitGenerator(name, namespace, owner string) *v1a } } -func fakeAppWithMatrixAndScmWithPullRequestGenerator(name, namespace, owner string) *v1alpha1.ApplicationSet { - return &v1alpha1.ApplicationSet{ +func fakeAppWithMatrixAndScmWithPullRequestGenerator(name, namespace, owner string) *argoprojiov1alpha1.ApplicationSet { + return &argoprojiov1alpha1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: namespace, }, - Spec: v1alpha1.ApplicationSetSpec{ - Generators: []v1alpha1.ApplicationSetGenerator{ + Spec: argoprojiov1alpha1.ApplicationSetSpec{ + Generators: []argoprojiov1alpha1.ApplicationSetGenerator{ { - Matrix: &v1alpha1.MatrixGenerator{ - Generators: []v1alpha1.ApplicationSetNestedGenerator{ + Matrix: &argoprojiov1alpha1.MatrixGenerator{ + Generators: []argoprojiov1alpha1.ApplicationSetNestedGenerator{ { - SCMProvider: &v1alpha1.SCMProviderGenerator{ + SCMProvider: &argoprojiov1alpha1.SCMProviderGenerator{ CloneProtocol: "https", - Github: &v1alpha1.SCMProviderGeneratorGithub{ + Github: &argoprojiov1alpha1.SCMProviderGeneratorGithub{ Organization: owner, }, }, }, { - PullRequest: &v1alpha1.PullRequestGenerator{ - Github: &v1alpha1.PullRequestGeneratorGithub{ + PullRequest: &argoprojiov1alpha1.PullRequestGenerator{ + Github: &argoprojiov1alpha1.PullRequestGeneratorGithub{ Owner: "{{ organization }}", Repo: "{{ repository }}", }, @@ -462,19 +457,19 @@ func fakeAppWithMatrixAndScmWithPullRequestGenerator(name, namespace, owner stri } } -func fakeAppWithMatrixAndNestedGitGenerator(name, namespace, repo string) *v1alpha1.ApplicationSet { - return &v1alpha1.ApplicationSet{ +func fakeAppWithMatrixAndNestedGitGenerator(name, namespace, repo string) *argoprojiov1alpha1.ApplicationSet { + return &argoprojiov1alpha1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: namespace, }, - Spec: v1alpha1.ApplicationSetSpec{ - Generators: []v1alpha1.ApplicationSetGenerator{ + Spec: argoprojiov1alpha1.ApplicationSetSpec{ + Generators: []argoprojiov1alpha1.ApplicationSetGenerator{ { - Matrix: &v1alpha1.MatrixGenerator{ - Generators: []v1alpha1.ApplicationSetNestedGenerator{ + Matrix: &argoprojiov1alpha1.MatrixGenerator{ + Generators: []argoprojiov1alpha1.ApplicationSetNestedGenerator{ { - List: &v1alpha1.ListGenerator{}, + List: &argoprojiov1alpha1.ListGenerator{}, }, { Matrix: &apiextensionsv1.JSON{ @@ -506,8 +501,8 @@ func fakeAppWithMatrixAndNestedGitGenerator(name, namespace, repo string) *v1alp } } -func fakeAppWithMergeAndGitGenerator(name, namespace, repo string) *v1alpha1.ApplicationSet { - return &v1alpha1.ApplicationSet{ +func fakeAppWithMergeAndGitGenerator(name, namespace, repo string) *argoprojiov1alpha1.ApplicationSet { + return &argoprojiov1alpha1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: namespace, @@ -557,22 +552,22 @@ func fakeAppWithMergeAndPullRequestGenerator(name, namespace, owner, repo string } } -func fakeAppWithMergeAndNestedGitGenerator(name, namespace, repo string) *v1alpha1.ApplicationSet { - return &v1alpha1.ApplicationSet{ +func fakeAppWithMergeAndNestedGitGenerator(name, namespace, repo string) *argoprojiov1alpha1.ApplicationSet { + return &argoprojiov1alpha1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: namespace, }, - Spec: v1alpha1.ApplicationSetSpec{ - Generators: []v1alpha1.ApplicationSetGenerator{ + Spec: argoprojiov1alpha1.ApplicationSetSpec{ + Generators: []argoprojiov1alpha1.ApplicationSetGenerator{ { - Merge: &v1alpha1.MergeGenerator{ + Merge: &argoprojiov1alpha1.MergeGenerator{ MergeKeys: []string{ "server", }, - Generators: []v1alpha1.ApplicationSetNestedGenerator{ + Generators: []argoprojiov1alpha1.ApplicationSetNestedGenerator{ { - List: &v1alpha1.ListGenerator{}, + List: &argoprojiov1alpha1.ListGenerator{}, }, { Merge: &apiextensionsv1.JSON{ @@ -599,66 +594,12 @@ func fakeAppWithMergeAndNestedGitGenerator(name, namespace, repo string) *v1alph } } -func fakeAppWithPluginGenerator(name, namespace string) *v1alpha1.ApplicationSet { - return &v1alpha1.ApplicationSet{ - ObjectMeta: metav1.ObjectMeta{ - Name: name, - Namespace: namespace, - }, - Spec: v1alpha1.ApplicationSetSpec{ - Generators: []v1alpha1.ApplicationSetGenerator{ - { - Plugin: &v1alpha1.PluginGenerator{ - ConfigMapRef: v1alpha1.PluginConfigMapRef{ - Name: "test", - }, - }, - }, - }, - }, - } -} - -func fakeAppWithMatrixAndPullRequestGeneratorWithPluginGenerator(name, namespace, owner, repo, configmapName string) *v1alpha1.ApplicationSet { - return &v1alpha1.ApplicationSet{ - ObjectMeta: metav1.ObjectMeta{ - Name: name, - Namespace: namespace, - }, - Spec: v1alpha1.ApplicationSetSpec{ - Generators: []v1alpha1.ApplicationSetGenerator{ - { - Matrix: &v1alpha1.MatrixGenerator{ - Generators: []v1alpha1.ApplicationSetNestedGenerator{ - { - PullRequest: &v1alpha1.PullRequestGenerator{ - Github: &v1alpha1.PullRequestGeneratorGithub{ - Owner: owner, - Repo: repo, - }, - }, - }, - { - Plugin: &v1alpha1.PluginGenerator{ - ConfigMapRef: v1alpha1.PluginConfigMapRef{ - Name: configmapName, - }, - }, - }, - }, - }, - }, - }, - }, - } -} - func newFakeClient(ns string) *kubefake.Clientset { s := runtime.NewScheme() s.AddKnownTypes(v1alpha1.SchemeGroupVersion, &v1alpha1.ApplicationSet{}) return kubefake.NewSimpleClientset(&corev1.ConfigMap{ObjectMeta: metav1.ObjectMeta{Name: "argocd-cm", Namespace: ns, Labels: map[string]string{ "app.kubernetes.io/part-of": "argocd", - }}}, &corev1.Secret{ + }}}, &v1.Secret{ ObjectMeta: metav1.ObjectMeta{ Name: common.ArgoCDSecretName, Namespace: ns, diff --git a/assets/embed.go b/assets/embed.go index ac148cafd3de6..8095b0f282df3 100644 --- a/assets/embed.go +++ b/assets/embed.go @@ -3,6 +3,5 @@ package assets import "embed" // Embedded contains embedded assets -// //go:embed * var Embedded embed.FS diff --git a/assets/swagger.json b/assets/swagger.json index c7d0c00267c81..8a50e59c8b1e8 100644 --- a/assets/swagger.json +++ b/assets/swagger.json @@ -401,11 +401,6 @@ "type": "boolean", "name": "validate", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -467,11 +462,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -533,11 +523,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -664,11 +649,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -757,11 +737,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -798,11 +773,6 @@ "type": "string", "name": "namespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -915,11 +885,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -970,11 +935,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -1011,11 +971,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -1129,11 +1084,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -1204,11 +1154,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -1281,11 +1226,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -1355,11 +1295,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -1421,11 +1356,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -1493,11 +1423,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -1559,11 +1484,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -1582,56 +1502,6 @@ } } }, - "/api/v1/applications/{name}/revisions/{revision}/chartdetails": { - "get": { - "tags": [ - "ApplicationService" - ], - "summary": "Get the chart metadata (description, maintainers, home) for a specific revision of the application", - "operationId": "ApplicationService_RevisionChartDetails", - "parameters": [ - { - "type": "string", - "description": "the application's name", - "name": "name", - "in": "path", - "required": true - }, - { - "type": "string", - "description": "the revision of the app", - "name": "revision", - "in": "path", - "required": true - }, - { - "type": "string", - "description": "the application's namespace.", - "name": "appNamespace", - "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/v1alpha1ChartDetails" - } - }, - "default": { - "description": "An unexpected error response.", - "schema": { - "$ref": "#/definitions/runtimeError" - } - } - } - } - }, "/api/v1/applications/{name}/revisions/{revision}/metadata": { "get": { "tags": [ @@ -1659,11 +1529,6 @@ "description": "the application's namespace.", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -1752,11 +1617,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -1832,11 +1692,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -1878,12 +1733,6 @@ "description": "the selector to restrict returned list to applications only with matched labels.", "name": "selector", "in": "query" - }, - { - "type": "string", - "description": "The application set namespace. Default empty is argocd control plane namespace.", - "name": "appsetNamespace", - "in": "query" } ], "responses": { @@ -1952,12 +1801,6 @@ "name": "name", "in": "path", "required": true - }, - { - "type": "string", - "description": "The application set namespace. Default empty is argocd control plane namespace.", - "name": "appsetNamespace", - "in": "query" } ], "responses": { @@ -1987,12 +1830,6 @@ "name": "name", "in": "path", "required": true - }, - { - "type": "string", - "description": "The application set namespace. Default empty is argocd control plane namespace.", - "name": "appsetNamespace", - "in": "query" } ], "responses": { @@ -3933,11 +3770,6 @@ "type": "string", "name": "appNamespace", "in": "query" - }, - { - "type": "string", - "name": "project", - "in": "query" } ], "responses": { @@ -4103,9 +3935,6 @@ }, "name": { "type": "string" - }, - "project": { - "type": "string" } } }, @@ -4135,9 +3964,6 @@ }, "patchType": { "type": "string" - }, - "project": { - "type": "string" } } }, @@ -4168,9 +3994,6 @@ "name": { "type": "string" }, - "project": { - "type": "string" - }, "prune": { "type": "boolean" } @@ -4201,9 +4024,6 @@ "name": { "type": "string" }, - "project": { - "type": "string" - }, "prune": { "type": "boolean" }, @@ -4502,7 +4322,6 @@ "type": "boolean" }, "configManagementPlugins": { - "description": "Deprecated: use sidecar plugins instead.", "type": "array", "items": { "$ref": "#/definitions/v1alpha1ConfigManagementPlugin" @@ -5088,17 +4907,6 @@ } } }, - "runtimeRawExtension": { - "description": "RawExtension is used to hold extensions in external versions.\n\nTo use this, make a field which has RawExtension as its type in your external, versioned\nstruct, and Object in your internal struct. You also need to register your\nvarious plugin types.\n\n// Internal package:\ntype MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.Object `json:\"myPlugin\"`\n}\ntype PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// External package:\ntype MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.RawExtension `json:\"myPlugin\"`\n}\ntype PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// On the wire, the JSON will look something like this:\n{\n\t\"kind\":\"MyAPIObject\",\n\t\"apiVersion\":\"v1\",\n\t\"myPlugin\": {\n\t\t\"kind\":\"PluginA\",\n\t\t\"aOption\":\"foo\",\n\t},\n}\n\nSo what happens? Decode first uses json or yaml to unmarshal the serialized data into\nyour external MyAPIObject. That causes the raw JSON to be stored, but not unpacked.\nThe next step is to copy (using pkg/conversion) into the internal struct. The runtime\npackage's DefaultScheme has conversion functions installed which will unpack the\nJSON stored in RawExtension, turning it into the correct object type, and storing it\nin the Object. (TODO: In the case where the object is of an unknown type, a\nruntime.Unknown object will be created and stored.)\n\n+k8s:deepcopy-gen=true\n+protobuf=true\n+k8s:openapi-gen=true", - "type": "object", - "properties": { - "raw": { - "description": "Raw is the underlying serialization of this object.\n\nTODO: Determine how to detect ContentType and ContentEncoding of 'Raw' data.", - "type": "string", - "format": "byte" - } - } - }, "runtimeStreamError": { "type": "object", "properties": { @@ -5654,8 +5462,19 @@ }, "v1Time": { "description": "Time is a wrapper around time.Time which supports correct\nmarshaling to YAML and JSON. Wrappers are provided for many\nof the factory methods that the time package offers.\n\n+protobuf.options.marshal=false\n+protobuf.as=Timestamp\n+protobuf.options.(gogoproto.goproto_stringer)=false", - "type": "string", - "format": "date-time" + "type": "object", + "properties": { + "nanos": { + "description": "Non-negative fractions of a second at nanosecond resolution. Negative\nsecond values with fractions must still have non-negative nanos values\nthat count forward in time. Must be from 0 to 999,999,999\ninclusive. This field may be limited in precision depending on context.", + "type": "integer", + "format": "int32" + }, + "seconds": { + "description": "Represents seconds of UTC time since Unix epoch\n1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to\n9999-12-31T23:59:59Z inclusive.", + "type": "string", + "format": "int64" + } + } }, "v1alpha1AWSAuthConfig": { "type": "object", @@ -5821,7 +5640,7 @@ }, "v1alpha1ApplicationCondition": { "type": "object", - "title": "ApplicationCondition contains details about an application condition, which is usually an error or warning", + "title": "ApplicationCondition contains details about an application condition, which is usally an error or warning", "properties": { "lastTransitionTime": { "$ref": "#/definitions/v1Time" @@ -5841,16 +5660,16 @@ "title": "ApplicationDestination holds information about the application's destination", "properties": { "name": { - "description": "Name is an alternate way of specifying the target cluster by its symbolic name. This must be set if Server is not set.", - "type": "string" + "type": "string", + "title": "Name is an alternate way of specifying the target cluster by its symbolic name" }, "namespace": { "type": "string", "title": "Namespace specifies the target namespace for the application's resources.\nThe namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace" }, "server": { - "description": "Server specifies the URL of the target cluster's Kubernetes control plane API. This must be set if Name is not set.", - "type": "string" + "type": "string", + "title": "Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API" } } }, @@ -5984,9 +5803,6 @@ "merge": { "$ref": "#/definitions/v1alpha1MergeGenerator" }, - "plugin": { - "$ref": "#/definitions/v1alpha1PluginGenerator" - }, "pullRequest": { "$ref": "#/definitions/v1alpha1PullRequestGenerator" }, @@ -6035,9 +5851,6 @@ "merge": { "$ref": "#/definitions/v1JSON" }, - "plugin": { - "$ref": "#/definitions/v1alpha1PluginGenerator" - }, "pullRequest": { "$ref": "#/definitions/v1alpha1PullRequestGenerator" }, @@ -6078,10 +5891,6 @@ "description": "ApplicationSetSpec represents a class of application set state.", "type": "object", "properties": { - "applyNestedSelectors": { - "type": "boolean", - "title": "ApplyNestedSelectors enables selectors defined within the generators of two level-nested matrix or merge generators" - }, "generators": { "type": "array", "items": { @@ -6091,12 +5900,6 @@ "goTemplate": { "type": "boolean" }, - "goTemplateOptions": { - "type": "array", - "items": { - "type": "string" - } - }, "preservedFields": { "$ref": "#/definitions/v1alpha1ApplicationPreservedFields" }, @@ -6146,10 +5949,6 @@ "description": "ApplicationSetSyncPolicy configures how generated Applications will relate to their\nApplicationSet.", "type": "object", "properties": { - "applicationsSync": { - "type": "string", - "title": "ApplicationsSync represents the policy applied on the generated applications. Possible values are create-only, create-update, create-delete, sync\n+kubebuilder:validation:Optional\n+kubebuilder:validation:Enum=create-only;create-update;create-delete;sync" - }, "preserveResourcesOnDeletion": { "description": "PreserveResourcesOnDeletion will preserve resources on deletion. If PreserveResourcesOnDeletion is set to true, these Applications will not be deleted.", "type": "boolean" @@ -6300,10 +6099,7 @@ }, "values": { "type": "string", - "title": "Values specifies Helm values to be passed to helm template, typically defined as a block. ValuesObject takes precedence over Values, so use one or the other.\n+patchStrategy=replace" - }, - "valuesObject": { - "$ref": "#/definitions/runtimeRawExtension" + "title": "Values specifies Helm values to be passed to helm template, typically defined as a block" }, "version": { "type": "string", @@ -6504,10 +6300,6 @@ "$ref": "#/definitions/v1alpha1ApplicationCondition" } }, - "controllerNamespace": { - "type": "string", - "title": "ControllerNamespace indicates the namespace in which the application controller is located" - }, "health": { "$ref": "#/definitions/v1alpha1HealthStatus" }, @@ -6648,35 +6440,6 @@ } } }, - "v1alpha1BearerTokenBitbucketCloud": { - "description": "BearerTokenBitbucketCloud defines the Bearer token for BitBucket AppToken auth.", - "type": "object", - "properties": { - "tokenRef": { - "$ref": "#/definitions/v1alpha1SecretRef" - } - } - }, - "v1alpha1ChartDetails": { - "type": "object", - "title": "ChartDetails contains helm chart metadata for a specific version", - "properties": { - "description": { - "type": "string" - }, - "home": { - "type": "string", - "title": "The URL of this projects home page, e.g. \"http://example.com\"" - }, - "maintainers": { - "type": "array", - "title": "List of maintainer details, name and email, e.g. [\"John Doe \"]", - "items": { - "type": "string" - } - } - } - }, "v1alpha1Cluster": { "type": "object", "title": "Cluster is the definition of a cluster resource", @@ -6873,13 +6636,6 @@ "destination": { "$ref": "#/definitions/v1alpha1ApplicationDestination" }, - "ignoreDifferences": { - "type": "array", - "title": "IgnoreDifferences is a reference to the application's ignored differences used for comparison", - "items": { - "$ref": "#/definitions/v1alpha1ResourceIgnoreDifferences" - } - }, "source": { "$ref": "#/definitions/v1alpha1ApplicationSource" }, @@ -7038,13 +6794,6 @@ }, "template": { "$ref": "#/definitions/v1alpha1ApplicationSetTemplate" - }, - "values": { - "type": "object", - "title": "Values contains key/value pairs which are passed directly as parameters to the template", - "additionalProperties": { - "type": "string" - } } } }, @@ -7482,54 +7231,6 @@ } } }, - "v1alpha1PluginConfigMapRef": { - "type": "object", - "properties": { - "name": { - "type": "string", - "title": "Name of the ConfigMap" - } - } - }, - "v1alpha1PluginGenerator": { - "description": "PluginGenerator defines connection info specific to Plugin.", - "type": "object", - "properties": { - "configMapRef": { - "$ref": "#/definitions/v1alpha1PluginConfigMapRef" - }, - "input": { - "$ref": "#/definitions/v1alpha1PluginInput" - }, - "requeueAfterSeconds": { - "description": "RequeueAfterSeconds determines how long the ApplicationSet controller will wait before reconciling the ApplicationSet again.", - "type": "string", - "format": "int64" - }, - "template": { - "$ref": "#/definitions/v1alpha1ApplicationSetTemplate" - }, - "values": { - "description": "Values contains key/value pairs which are passed directly as parameters to the template. These values will not be\nsent as parameters to the plugin.", - "type": "object", - "additionalProperties": { - "type": "string" - } - } - } - }, - "v1alpha1PluginInput": { - "type": "object", - "properties": { - "parameters": { - "description": "Parameters contains the information to pass to the plugin. It is a map. The keys must be strings, and the\nvalues can be any type.", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/v1JSON" - } - } - } - }, "v1alpha1ProjectRole": { "type": "object", "title": "ProjectRole represents a role that has access to a project", @@ -7569,12 +7270,6 @@ "description": "PullRequestGenerator defines a generator that scrapes a PullRequest API to find candidate pull requests.", "type": "object", "properties": { - "azuredevops": { - "$ref": "#/definitions/v1alpha1PullRequestGeneratorAzureDevOps" - }, - "bitbucket": { - "$ref": "#/definitions/v1alpha1PullRequestGeneratorBitbucket" - }, "bitbucketServer": { "$ref": "#/definitions/v1alpha1PullRequestGeneratorBitbucketServer" }, @@ -7604,64 +7299,8 @@ } } }, - "v1alpha1PullRequestGeneratorAzureDevOps": { - "description": "PullRequestGeneratorAzureDevOps defines connection info specific to AzureDevOps.", - "type": "object", - "properties": { - "api": { - "description": "The Azure DevOps API URL to talk to. If blank, use https://dev.azure.com/.", - "type": "string" - }, - "labels": { - "type": "array", - "title": "Labels is used to filter the PRs that you want to target", - "items": { - "type": "string" - } - }, - "organization": { - "description": "Azure DevOps org to scan. Required.", - "type": "string" - }, - "project": { - "description": "Azure DevOps project name to scan. Required.", - "type": "string" - }, - "repo": { - "description": "Azure DevOps repo name to scan. Required.", - "type": "string" - }, - "tokenRef": { - "$ref": "#/definitions/v1alpha1SecretRef" - } - } - }, - "v1alpha1PullRequestGeneratorBitbucket": { - "description": "PullRequestGeneratorBitbucket defines connection info specific to Bitbucket.", - "type": "object", - "properties": { - "api": { - "description": "The Bitbucket REST API URL to talk to. If blank, uses https://api.bitbucket.org/2.0.", - "type": "string" - }, - "basicAuth": { - "$ref": "#/definitions/v1alpha1BasicAuthBitbucketServer" - }, - "bearerToken": { - "$ref": "#/definitions/v1alpha1BearerTokenBitbucketCloud" - }, - "owner": { - "description": "Workspace to scan. Required.", - "type": "string" - }, - "repo": { - "description": "Repo name to scan. Required.", - "type": "string" - } - } - }, "v1alpha1PullRequestGeneratorBitbucketServer": { - "description": "PullRequestGeneratorBitbucketServer defines connection info specific to BitbucketServer.", + "description": "PullRequestGenerator defines connection info specific to BitbucketServer.", "type": "object", "properties": { "api": { @@ -7687,9 +7326,6 @@ "properties": { "branchMatch": { "type": "string" - }, - "targetBranchMatch": { - "type": "string" } } }, @@ -7701,10 +7337,6 @@ "description": "The GitLab API URL to talk to. If blank, uses https://gitlab.com/.", "type": "string" }, - "insecure": { - "type": "boolean", - "title": "Skips validating the SCM provider's TLS certificate - useful for self-signed certificates.; default: false" - }, "labels": { "type": "array", "title": "Labels is used to filter the MRs that you want to target", @@ -7726,7 +7358,7 @@ } }, "v1alpha1PullRequestGeneratorGitea": { - "description": "PullRequestGeneratorGitea defines connection info specific to Gitea.", + "description": "PullRequestGenerator defines connection info specific to Gitea.", "type": "object", "properties": { "api": { @@ -8025,12 +7657,6 @@ "disabled": { "type": "boolean" }, - "displayName": { - "type": "string" - }, - "iconClass": { - "type": "string" - }, "name": { "type": "string" }, @@ -8212,15 +7838,13 @@ "$ref": "#/definitions/v1alpha1ResourceRef" } }, + "resourceRef": { + "$ref": "#/definitions/v1alpha1ResourceRef" + }, "resourceVersion": { "type": "string" } - }, - "allOf": [ - { - "$ref": "#/definitions/v1alpha1ResourceRef" - } - ] + } }, "v1alpha1ResourceOverride": { "type": "object", @@ -8235,9 +7859,6 @@ "ignoreDifferences": { "$ref": "#/definitions/v1alpha1OverrideIgnoreDiff" }, - "ignoreResourceUpdates": { - "$ref": "#/definitions/v1alpha1OverrideIgnoreDiff" - }, "knownTypeFields": { "type": "array", "items": { @@ -8440,9 +8061,6 @@ "description": "SCMProviderGenerator defines a generator that scrapes a SCMaaS API to find candidate repos.", "type": "object", "properties": { - "awsCodeCommit": { - "$ref": "#/definitions/v1alpha1SCMProviderGeneratorAWSCodeCommit" - }, "azureDevOps": { "$ref": "#/definitions/v1alpha1SCMProviderGeneratorAzureDevOps" }, @@ -8479,38 +8097,6 @@ }, "template": { "$ref": "#/definitions/v1alpha1ApplicationSetTemplate" - }, - "values": { - "type": "object", - "title": "Values contains key/value pairs which are passed directly as parameters to the template", - "additionalProperties": { - "type": "string" - } - } - } - }, - "v1alpha1SCMProviderGeneratorAWSCodeCommit": { - "description": "SCMProviderGeneratorAWSCodeCommit defines connection info specific to AWS CodeCommit.", - "type": "object", - "properties": { - "allBranches": { - "description": "Scan all branches instead of just the default branch.", - "type": "boolean" - }, - "region": { - "description": "Region provides the AWS region to discover repos.\nif not provided, AppSet controller will infer the current region from environment.", - "type": "string" - }, - "role": { - "description": "Role provides the AWS IAM role to assume, for cross-account repo discovery\nif not provided, AppSet controller will use its pod/node identity to discover.", - "type": "string" - }, - "tagFilters": { - "type": "array", - "title": "TagFilters provides the tag filter(s) for repo discovery", - "items": { - "$ref": "#/definitions/v1alpha1TagFilter" - } } } }, @@ -8679,24 +8265,12 @@ "description": "Gitlab group to scan. Required. You can use either the project id (recommended) or the full namespaced path.", "type": "string" }, - "includeSharedProjects": { - "type": "boolean", - "title": "When recursing through subgroups, also include shared Projects (true) or scan only the subgroups under same path (false). Defaults to \"true\"" - }, "includeSubgroups": { "type": "boolean", "title": "Recurse through subgroups (true) or scan only the base group (false). Defaults to \"false\"" }, - "insecure": { - "type": "boolean", - "title": "Skips validating the SCM provider's TLS certificate - useful for self-signed certificates.; default: false" - }, "tokenRef": { "$ref": "#/definitions/v1alpha1SecretRef" - }, - "topic": { - "description": "Filter repos list based on Gitlab Topic.", - "type": "string" } } }, @@ -8803,9 +8377,6 @@ "type": "object", "title": "SyncOperationResult represent result of sync operation", "properties": { - "managedNamespaceMetadata": { - "$ref": "#/definitions/v1alpha1ManagedNamespaceMetadata" - }, "resources": { "type": "array", "title": "Resources contains a list of sync result items for each individual resource in a sync operation", @@ -8872,7 +8443,7 @@ }, "selfHeal": { "type": "boolean", - "title": "SelfHeal specifies whether to revert resources back to their desired state upon modification in the cluster (default: false)" + "title": "SelfHeal specifes whether to revert resources back to their desired state upon modification in the cluster (default: false)" } } }, @@ -9007,17 +8578,6 @@ } } }, - "v1alpha1TagFilter": { - "type": "object", - "properties": { - "key": { - "type": "string" - }, - "value": { - "type": "string" - } - } - }, "versionVersionMessage": { "type": "object", "title": "VersionMessage represents version of the Argo CD API server", @@ -9028,9 +8588,6 @@ "Compiler": { "type": "string" }, - "ExtraBuildInfo": { - "type": "string" - }, "GitCommit": { "type": "string" }, diff --git a/cmd/argocd-application-controller/commands/argocd_application_controller.go b/cmd/argocd-application-controller/commands/argocd_application_controller.go index e32b2deee5d47..597cfd0e33495 100644 --- a/cmd/argocd-application-controller/commands/argocd_application_controller.go +++ b/cmd/argocd-application-controller/commands/argocd_application_controller.go @@ -23,7 +23,6 @@ import ( cacheutil "github.com/argoproj/argo-cd/v2/util/cache" appstatecache "github.com/argoproj/argo-cd/v2/util/cache/appstate" "github.com/argoproj/argo-cd/v2/util/cli" - "github.com/argoproj/argo-cd/v2/util/db" "github.com/argoproj/argo-cd/v2/util/env" "github.com/argoproj/argo-cd/v2/util/errors" kubeutil "github.com/argoproj/argo-cd/v2/util/kube" @@ -56,14 +55,13 @@ func NewCommand() *cobra.Command { metricsCacheExpiration time.Duration metricsAplicationLabels []string kubectlParallelismLimit int64 - cacheSource func() (*appstatecache.Cache, error) + cacheSrc func() (*appstatecache.Cache, error) redisClient *redis.Client repoServerPlaintext bool repoServerStrictTLS bool otlpAddress string applicationNamespaces []string persistResourceHealth bool - shardingAlgorithm string ) var command = cobra.Command{ Use: cliName, @@ -126,7 +124,7 @@ func NewCommand() *cobra.Command { repoClientset := apiclient.NewRepoServerClientset(repoServerAddress, repoServerTimeoutSeconds, tlsConfig) - cache, err := cacheSource() + cache, err := cacheSrc() errors.CheckError(err) cache.Cache.SetClient(cacheutil.NewTwoLevelClient(cache.Cache.GetClient(), 10*time.Minute)) @@ -136,7 +134,7 @@ func NewCommand() *cobra.Command { appController.InvalidateProjectsCache() })) kubectl := kubeutil.NewKubectl() - clusterFilter := getClusterFilter(kubeClient, settingsMgr, shardingAlgorithm) + clusterFilter := getClusterFilter() appController, err = controller.NewApplicationController( namespace, settingsMgr, @@ -154,8 +152,7 @@ func NewCommand() *cobra.Command { kubectlParallelismLimit, persistResourceHealth, clusterFilter, - applicationNamespaces, - ) + applicationNamespaces) errors.CheckError(err) cacheutil.CollectMetrics(redisClient, appController.GetMetricsServer()) @@ -198,14 +195,13 @@ func NewCommand() *cobra.Command { command.Flags().StringVar(&otlpAddress, "otlp-address", env.StringFromEnv("ARGOCD_APPLICATION_CONTROLLER_OTLP_ADDRESS", ""), "OpenTelemetry collector address to send traces to") command.Flags().StringSliceVar(&applicationNamespaces, "application-namespaces", env.StringsFromEnv("ARGOCD_APPLICATION_NAMESPACES", []string{}, ","), "List of additional namespaces that applications are allowed to be reconciled from") command.Flags().BoolVar(&persistResourceHealth, "persist-resource-health", env.ParseBoolFromEnv("ARGOCD_APPLICATION_CONTROLLER_PERSIST_RESOURCE_HEALTH", true), "Enables storing the managed resources health in the Application CRD") - command.Flags().StringVar(&shardingAlgorithm, "sharding-method", env.StringFromEnv(common.EnvControllerShardingAlgorithm, common.DefaultShardingAlgorithm), "Enables choice of sharding method. Supported sharding methods are : [legacy, round-robin] ") - cacheSource = appstatecache.AddCacheFlagsToCmd(&command, func(client *redis.Client) { + cacheSrc = appstatecache.AddCacheFlagsToCmd(&command, func(client *redis.Client) { redisClient = client }) return &command } -func getClusterFilter(kubeClient *kubernetes.Clientset, settingsMgr *settings.SettingsManager, shardingAlgorithm string) sharding.ClusterFilterFunction { +func getClusterFilter() func(cluster *v1alpha1.Cluster) bool { replicas := env.ParseNumFromEnv(common.EnvControllerReplicas, 0, 0, math.MaxInt32) shard := env.ParseNumFromEnv(common.EnvControllerShard, -1, -math.MaxInt32, math.MaxInt32) var clusterFilter func(cluster *v1alpha1.Cluster) bool @@ -216,10 +212,7 @@ func getClusterFilter(kubeClient *kubernetes.Clientset, settingsMgr *settings.Se errors.CheckError(err) } log.Infof("Processing clusters from shard %d", shard) - db := db.NewDB(settingsMgr.GetNamespace(), settingsMgr, kubeClient) - log.Infof("Using filter function: %s", shardingAlgorithm) - distributionFunction := sharding.GetDistributionFunction(db, shardingAlgorithm) - clusterFilter = sharding.GetClusterFilter(distributionFunction, shard) + clusterFilter = sharding.GetClusterFilter(replicas, shard) } else { log.Info("Processing all cluster shards") } diff --git a/cmd/argocd-applicationset-controller/commands/applicationset_controller.go b/cmd/argocd-applicationset-controller/commands/applicationset_controller.go index a8bc6451eeb0e..6067a3d52aa48 100644 --- a/cmd/argocd-applicationset-controller/commands/applicationset_controller.go +++ b/cmd/argocd-applicationset-controller/commands/applicationset_controller.go @@ -2,7 +2,6 @@ package command import ( "fmt" - "math" "net/http" "os" "time" @@ -10,9 +9,7 @@ import ( "github.com/argoproj/pkg/stats" "k8s.io/apimachinery/pkg/runtime" ctrl "sigs.k8s.io/controller-runtime" - - "github.com/argoproj/argo-cd/v2/reposerver/apiclient" - "github.com/argoproj/argo-cd/v2/util/tls" + "sigs.k8s.io/controller-runtime/pkg/cache" "github.com/argoproj/argo-cd/v2/applicationset/controllers" "github.com/argoproj/argo-cd/v2/applicationset/generators" @@ -20,6 +17,7 @@ import ( "github.com/argoproj/argo-cd/v2/applicationset/webhook" cmdutil "github.com/argoproj/argo-cd/v2/cmd/util" "github.com/argoproj/argo-cd/v2/common" + "github.com/argoproj/argo-cd/v2/reposerver/askpass" "github.com/argoproj/argo-cd/v2/util/env" "github.com/argoproj/argo-cd/v2/util/github_app" @@ -40,29 +38,24 @@ import ( argosettings "github.com/argoproj/argo-cd/v2/util/settings" ) -var gitSubmoduleEnabled = env.ParseBoolFromEnv(common.EnvGitSubmoduleEnabled, true) +// TODO: load this using Cobra. +func getSubmoduleEnabled() bool { + return env.ParseBoolFromEnv(common.EnvGitSubmoduleEnabled, true) +} func NewCommand() *cobra.Command { var ( - clientConfig clientcmd.ClientConfig - metricsAddr string - probeBindAddr string - webhookAddr string - enableLeaderElection bool - applicationSetNamespaces []string - argocdRepoServer string - policy string - enablePolicyOverride bool - debugLog bool - dryRun bool - enableProgressiveSyncs bool - enableNewGitFileGlobbing bool - repoServerPlaintext bool - repoServerStrictTLS bool - repoServerTimeoutSeconds int - maxConcurrentReconciliations int - scmRootCAPath string - allowedScmProviders []string + clientConfig clientcmd.ClientConfig + metricsAddr string + probeBindAddr string + webhookAddr string + enableLeaderElection bool + namespace string + argocdRepoServer string + policy string + debugLog bool + dryRun bool + enableProgressiveSyncs bool ) scheme := runtime.NewScheme() _ = clientgoscheme.AddToScheme(scheme) @@ -75,8 +68,6 @@ func NewCommand() *cobra.Command { vers := common.GetVersion() namespace, _, err := clientConfig.Namespace() - applicationSetNamespaces = append(applicationSetNamespaces, namespace) - errors.CheckError(err) vers.LogStartupInfo( "ArgoCD ApplicationSet Controller", @@ -89,81 +80,58 @@ func NewCommand() *cobra.Command { cli.SetLogLevel(cmdutil.LogLevel) restConfig, err := clientConfig.ClientConfig() - errors.CheckError(err) + if err != nil { + return err + } restConfig.UserAgent = fmt.Sprintf("argocd-applicationset-controller/%s (%s)", vers.Version, vers.Platform) policyObj, exists := utils.Policies[policy] if !exists { - log.Error("Policy value can be: sync, create-only, create-update, create-delete, default value: sync") - os.Exit(1) - } - - // By default watch all namespace - var watchedNamespace string = "" - - // If the applicationset-namespaces contains only one namespace it corresponds to the current namespace - if len(applicationSetNamespaces) == 1 { - watchedNamespace = (applicationSetNamespaces)[0] - } else if len(allowedScmProviders) == 0 { - log.Error("When enabling applicationset in any namespace using applicationset-namespaces, allowed-scm-providers is required") + log.Info("Policy value can be: sync, create-only, create-update, create-delete") os.Exit(1) } mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{ - Scheme: scheme, - MetricsBindAddress: metricsAddr, - Namespace: watchedNamespace, + Scheme: scheme, + MetricsBindAddress: metricsAddr, + // Our cache and thus watches and client queries are restricted to the namespace we're running in. This assumes + // the applicationset controller is in the same namespace as argocd, which should be the same namespace of + // all cluster Secrets and Applications we interact with. + NewCache: cache.MultiNamespacedCacheBuilder([]string{namespace}), HealthProbeBindAddress: probeBindAddr, Port: 9443, LeaderElection: enableLeaderElection, LeaderElectionID: "58ac56fa.applicationsets.argoproj.io", DryRunClient: dryRun, }) - if err != nil { log.Error(err, "unable to start manager") os.Exit(1) } dynamicClient, err := dynamic.NewForConfig(mgr.GetConfig()) - errors.CheckError(err) + if err != nil { + return err + } k8sClient, err := kubernetes.NewForConfig(mgr.GetConfig()) - errors.CheckError(err) - + if err != nil { + return err + } argoSettingsMgr := argosettings.NewSettingsManager(ctx, k8sClient, namespace) appSetConfig := appclientset.NewForConfigOrDie(mgr.GetConfig()) argoCDDB := db.NewDB(namespace, argoSettingsMgr, k8sClient) + askPassServer := askpass.NewServer() scmAuth := generators.SCMAuthProviders{ GitHubApps: github_app.NewAuthCredentials(argoCDDB.(db.RepoCredsDB)), } - - tlsConfig := apiclient.TLSConfiguration{ - DisableTLS: repoServerPlaintext, - StrictValidation: repoServerPlaintext, - } - - if !repoServerPlaintext && repoServerStrictTLS { - pool, err := tls.LoadX509CertPool( - fmt.Sprintf("%s/reposerver/tls/tls.crt", env.StringFromEnv(common.EnvAppConfigPath, common.DefaultAppConfigPath)), - fmt.Sprintf("%s/reposerver/tls/ca.crt", env.StringFromEnv(common.EnvAppConfigPath, common.DefaultAppConfigPath)), - ) - errors.CheckError(err) - tlsConfig.Certificates = pool - } - - repoClientset := apiclient.NewRepoServerClientset(argocdRepoServer, repoServerTimeoutSeconds, tlsConfig) - argoCDService, err := services.NewArgoCDService(argoCDDB, gitSubmoduleEnabled, repoClientset, enableNewGitFileGlobbing) - errors.CheckError(err) - terminalGenerators := map[string]generators.Generator{ "List": generators.NewListGenerator(), "Clusters": generators.NewClusterGenerator(mgr.GetClient(), ctx, k8sClient, namespace), - "Git": generators.NewGitGenerator(argoCDService), - "SCMProvider": generators.NewSCMProviderGenerator(mgr.GetClient(), scmAuth, scmRootCAPath, allowedScmProviders), + "Git": generators.NewGitGenerator(services.NewArgoCDService(argoCDDB, askPassServer, getSubmoduleEnabled())), + "SCMProvider": generators.NewSCMProviderGenerator(mgr.GetClient(), scmAuth), "ClusterDecisionResource": generators.NewDuckTypeGenerator(ctx, dynamicClient, k8sClient, namespace), - "PullRequest": generators.NewPullRequestGenerator(mgr.GetClient(), scmAuth, scmRootCAPath, allowedScmProviders), - "Plugin": generators.NewPluginGenerator(mgr.GetClient(), ctx, k8sClient, namespace), + "PullRequest": generators.NewPullRequestGenerator(mgr.GetClient(), scmAuth), } nestedGenerators := map[string]generators.Generator{ @@ -173,7 +141,6 @@ func NewCommand() *cobra.Command { "SCMProvider": terminalGenerators["SCMProvider"], "ClusterDecisionResource": terminalGenerators["ClusterDecisionResource"], "PullRequest": terminalGenerators["PullRequest"], - "Plugin": terminalGenerators["Plugin"], "Matrix": generators.NewMatrixGenerator(terminalGenerators), "Merge": generators.NewMergeGenerator(terminalGenerators), } @@ -185,7 +152,6 @@ func NewCommand() *cobra.Command { "SCMProvider": terminalGenerators["SCMProvider"], "ClusterDecisionResource": terminalGenerators["ClusterDecisionResource"], "PullRequest": terminalGenerators["PullRequest"], - "Plugin": terminalGenerators["Plugin"], "Matrix": generators.NewMatrixGenerator(nestedGenerators), "Merge": generators.NewMergeGenerator(nestedGenerators), } @@ -199,22 +165,19 @@ func NewCommand() *cobra.Command { startWebhookServer(webhookHandler, webhookAddr) } + go func() { errors.CheckError(askPassServer.Run(askpass.SocketPath)) }() if err = (&controllers.ApplicationSetReconciler{ - Generators: topLevelGenerators, - Client: mgr.GetClient(), - Scheme: mgr.GetScheme(), - Recorder: mgr.GetEventRecorderFor("applicationset-controller"), - Renderer: &utils.Render{}, - Policy: policyObj, - EnablePolicyOverride: enablePolicyOverride, - ArgoAppClientset: appSetConfig, - KubeClientset: k8sClient, - ArgoDB: argoCDDB, - ArgoCDNamespace: namespace, - ApplicationSetNamespaces: applicationSetNamespaces, - EnableProgressiveSyncs: enableProgressiveSyncs, - SCMRootCAPath: scmRootCAPath, - }).SetupWithManager(mgr, enableProgressiveSyncs, maxConcurrentReconciliations); err != nil { + Generators: topLevelGenerators, + Client: mgr.GetClient(), + Scheme: mgr.GetScheme(), + Recorder: mgr.GetEventRecorderFor("applicationset-controller"), + Renderer: &utils.Render{}, + Policy: policyObj, + ArgoAppClientset: appSetConfig, + KubeClientset: k8sClient, + ArgoDB: argoCDDB, + EnableProgressiveSyncs: enableProgressiveSyncs, + }).SetupWithManager(mgr, enableProgressiveSyncs); err != nil { log.Error(err, "unable to create controller", "controller", "ApplicationSet") os.Exit(1) } @@ -235,22 +198,14 @@ func NewCommand() *cobra.Command { command.Flags().BoolVar(&enableLeaderElection, "enable-leader-election", env.ParseBoolFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION", false), "Enable leader election for controller manager. "+ "Enabling this will ensure there is only one active controller manager.") - command.Flags().StringSliceVar(&applicationSetNamespaces, "applicationset-namespaces", env.StringsFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES", []string{}, ","), "Argo CD applicationset namespaces") + command.Flags().StringVar(&namespace, "namespace", env.StringFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE", ""), "Argo CD repo namespace (default: argocd)") command.Flags().StringVar(&argocdRepoServer, "argocd-repo-server", env.StringFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER", common.DefaultRepoServerAddr), "Argo CD repo server address") - command.Flags().StringVar(&policy, "policy", env.StringFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_POLICY", ""), "Modify how application is synced between the generator and the cluster. Default is 'sync' (create & update & delete), options: 'create-only', 'create-update' (no deletion), 'create-delete' (no update)") - command.Flags().BoolVar(&enablePolicyOverride, "enable-policy-override", env.ParseBoolFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE", policy == ""), "For security reason if 'policy' is set, it is not possible to override it at applicationSet level. 'allow-policy-override' allows user to define their own policy") + command.Flags().StringVar(&policy, "policy", env.StringFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_POLICY", "sync"), "Modify how application is synced between the generator and the cluster. Default is 'sync' (create & update & delete), options: 'create-only', 'create-update' (no deletion), 'create-delete' (no update)") command.Flags().BoolVar(&debugLog, "debug", env.ParseBoolFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG", false), "Print debug logs. Takes precedence over loglevel") command.Flags().StringVar(&cmdutil.LogFormat, "logformat", env.StringFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT", "text"), "Set the logging format. One of: text|json") command.Flags().StringVar(&cmdutil.LogLevel, "loglevel", env.StringFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL", "info"), "Set the logging level. One of: debug|info|warn|error") - command.Flags().StringSliceVar(&allowedScmProviders, "allowed-scm-providers", env.StringsFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS", []string{}, ","), "The list of allowed scm providers. (Default: Empty = all)") command.Flags().BoolVar(&dryRun, "dry-run", env.ParseBoolFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN", false), "Enable dry run mode") command.Flags().BoolVar(&enableProgressiveSyncs, "enable-progressive-syncs", env.ParseBoolFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS", false), "Enable use of the experimental progressive syncs feature.") - command.Flags().BoolVar(&enableNewGitFileGlobbing, "enable-new-git-file-globbing", env.ParseBoolFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING", false), "Enable new globbing in Git files generator.") - command.Flags().BoolVar(&repoServerPlaintext, "repo-server-plaintext", env.ParseBoolFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT", false), "Disable TLS on connections to repo server") - command.Flags().BoolVar(&repoServerStrictTLS, "repo-server-strict-tls", env.ParseBoolFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS", false), "Whether to use strict validation of the TLS cert presented by the repo server") - command.Flags().IntVar(&repoServerTimeoutSeconds, "repo-server-timeout-seconds", env.ParseNumFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS", 60, 0, math.MaxInt64), "Repo server RPC call timeout seconds.") - command.Flags().IntVar(&maxConcurrentReconciliations, "concurrent-reconciliations", env.ParseNumFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS", 10, 1, 100), "Max concurrent reconciliations limit for the controller") - command.Flags().StringVar(&scmRootCAPath, "scm-root-ca-path", env.StringFromEnv("ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH", ""), "Provide Root CA Path for self-signed TLS Certificates") return &command } diff --git a/cmd/argocd-cmp-server/commands/argocd_cmp_server.go b/cmd/argocd-cmp-server/commands/argocd_cmp_server.go index ff016522e47db..2b7bae66d6ed0 100644 --- a/cmd/argocd-cmp-server/commands/argocd_cmp_server.go +++ b/cmd/argocd-cmp-server/commands/argocd_cmp_server.go @@ -30,7 +30,7 @@ func NewCommand() *cobra.Command { var command = cobra.Command{ Use: cliName, Short: "Run ArgoCD ConfigManagementPlugin Server", - Long: "ArgoCD ConfigManagementPlugin Server is an internal service which runs as sidecar container in reposerver deployment. The following configuration options are available:", + Long: "ArgoCD ConfigManagementPlugin Server is an internal service which runs as sidecar container in reposerver deployment. It can be configured by following options.", DisableAutoGenTag: true, RunE: func(c *cobra.Command, args []string) error { ctx := c.Context() diff --git a/cmd/argocd-dex/commands/argocd_dex.go b/cmd/argocd-dex/commands/argocd_dex.go index 2b070ec895e41..7d9f04c31f553 100644 --- a/cmd/argocd-dex/commands/argocd_dex.go +++ b/cmd/argocd-dex/commands/argocd_dex.go @@ -8,11 +8,11 @@ import ( "github.com/argoproj/argo-cd/v2/common" + "github.com/ghodss/yaml" log "github.com/sirupsen/logrus" "github.com/spf13/cobra" "k8s.io/client-go/kubernetes" "k8s.io/client-go/tools/clientcmd" - "sigs.k8s.io/yaml" cmdutil "github.com/argoproj/argo-cd/v2/cmd/util" "github.com/argoproj/argo-cd/v2/util/cli" diff --git a/cmd/argocd-k8s-auth/commands/argocd_k8s_auth.go b/cmd/argocd-k8s-auth/commands/argocd_k8s_auth.go index ce0f3ee3a2f49..410364e6429df 100644 --- a/cmd/argocd-k8s-auth/commands/argocd_k8s_auth.go +++ b/cmd/argocd-k8s-auth/commands/argocd_k8s_auth.go @@ -20,7 +20,6 @@ func NewCommand() *cobra.Command { command.AddCommand(newAWSCommand()) command.AddCommand(newGCPCommand()) - command.AddCommand(newAzureCommand()) return command } diff --git a/cmd/argocd-k8s-auth/commands/azure.go b/cmd/argocd-k8s-auth/commands/azure.go deleted file mode 100644 index bc45bbacef48b..0000000000000 --- a/cmd/argocd-k8s-auth/commands/azure.go +++ /dev/null @@ -1,43 +0,0 @@ -package commands - -import ( - "os" - - "github.com/Azure/kubelogin/pkg/token" - "github.com/spf13/cobra" - - "github.com/argoproj/argo-cd/v2/util/errors" -) - -var ( - envServerApplicationID = "AAD_SERVER_APPLICATION_ID" - envEnvironmentName = "AAD_ENVIRONMENT_NAME" -) - -const ( - DEFAULT_AAD_SERVER_APPLICATION_ID = "6dae42f8-4368-4678-94ff-3960e28e3630" -) - -func newAzureCommand() *cobra.Command { - o := token.NewOptions() - //we'll use default of WorkloadIdentityLogin for the login flow - o.LoginMethod = token.WorkloadIdentityLogin - o.ServerID = DEFAULT_AAD_SERVER_APPLICATION_ID - var command = &cobra.Command{ - Use: "azure", - Run: func(c *cobra.Command, args []string) { - o.UpdateFromEnv() - if v, ok := os.LookupEnv(envServerApplicationID); ok { - o.ServerID = v - } - if v, ok := os.LookupEnv(envEnvironmentName); ok { - o.Environment = v - } - plugin, err := token.New(&o) - errors.CheckError(err) - err = plugin.Do() - errors.CheckError(err) - }, - } - return command -} diff --git a/cmd/argocd-notification/commands/controller.go b/cmd/argocd-notification/commands/controller.go index 3bcd721ef4b89..f9494ea966313 100644 --- a/cmd/argocd-notification/commands/controller.go +++ b/cmd/argocd-notification/commands/controller.go @@ -74,26 +74,26 @@ func NewCommand() *cobra.Command { restConfig, err := clientConfig.ClientConfig() if err != nil { - return fmt.Errorf("failed to create REST client config: %w", err) + return err } restConfig.UserAgent = fmt.Sprintf("argocd-notifications-controller/%s (%s)", vers.Version, vers.Platform) dynamicClient, err := dynamic.NewForConfig(restConfig) if err != nil { - return fmt.Errorf("failed to create dynamic client: %w", err) + return err } k8sClient, err := kubernetes.NewForConfig(restConfig) if err != nil { - return fmt.Errorf("failed to create Kubernetes client: %w", err) + return err } if namespace == "" { namespace, _, err = clientConfig.Namespace() if err != nil { - return fmt.Errorf("failed to determine controller's host namespace: %w", err) + return err } } level, err := log.ParseLevel(logLevel) if err != nil { - return fmt.Errorf("failed to parse log level: %w", err) + return err } log.SetLevel(level) @@ -105,7 +105,7 @@ func NewCommand() *cobra.Command { log.SetFormatter(&log.TextFormatter{ForceColors: true}) } default: - return fmt.Errorf("unknown log format '%s'", logFormat) + return fmt.Errorf("Unknown log format '%s'", logFormat) } tlsConfig := apiclient.TLSConfiguration{ @@ -118,14 +118,14 @@ func NewCommand() *cobra.Command { fmt.Sprintf("%s/reposerver/tls/ca.crt", env.StringFromEnv(common.EnvAppConfigPath, common.DefaultAppConfigPath)), ) if err != nil { - return fmt.Errorf("failed to load repo-server certificate pool: %w", err) + return err } tlsConfig.Certificates = pool } repoClientset := apiclient.NewRepoServerClientset(argocdRepoServer, 5, tlsConfig) argocdService, err := service.NewArgoCDService(k8sClient, namespace, repoClientset) if err != nil { - return fmt.Errorf("failed to initialize Argo CD service: %w", err) + return err } defer argocdService.Close() @@ -141,7 +141,7 @@ func NewCommand() *cobra.Command { ctrl := notificationscontroller.NewController(k8sClient, dynamicClient, argocdService, namespace, appLabelSelector, registry, secretName, configMapName) err = ctrl.Init(ctx) if err != nil { - return fmt.Errorf("failed to initialize controller: %w", err) + return err } go ctrl.Run(ctx, processorsCount) @@ -153,8 +153,8 @@ func NewCommand() *cobra.Command { command.Flags().IntVar(&processorsCount, "processors-count", 1, "Processors count.") command.Flags().StringVar(&appLabelSelector, "app-label-selector", "", "App label selector.") command.Flags().StringVar(&namespace, "namespace", "", "Namespace which controller handles. Current namespace if empty.") - command.Flags().StringVar(&logLevel, "loglevel", env.StringFromEnv("ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL", "info"), "Set the logging level. One of: debug|info|warn|error") - command.Flags().StringVar(&logFormat, "logformat", env.StringFromEnv("ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT", "text"), "Set the logging format. One of: text|json") + command.Flags().StringVar(&logLevel, "loglevel", "info", "Set the logging level. One of: debug|info|warn|error") + command.Flags().StringVar(&logFormat, "logformat", "text", "Set the logging format. One of: text|json") command.Flags().IntVar(&metricsPort, "metrics-port", defaultMetricsPort, "Metrics port") command.Flags().StringVar(&argocdRepoServer, "argocd-repo-server", common.DefaultRepoServerAddr, "Argo CD repo server address") command.Flags().BoolVar(&argocdRepoServerPlaintext, "argocd-repo-server-plaintext", false, "Use a plaintext client (non-TLS) to connect to repository server") diff --git a/cmd/argocd-repo-server/commands/argocd_repo_server.go b/cmd/argocd-repo-server/commands/argocd_repo_server.go index e33aa65139b71..bf6a8840f2b17 100644 --- a/cmd/argocd-repo-server/commands/argocd_repo_server.go +++ b/cmd/argocd-repo-server/commands/argocd_repo_server.go @@ -5,6 +5,7 @@ import ( "math" "net" "net/http" + "os" "time" "github.com/argoproj/pkg/stats" @@ -35,24 +36,43 @@ import ( const ( // CLIName is the name of the CLI - cliName = "argocd-repo-server" -) + cliName = "argocd-repo-server" + gnuPGSourcePath = "/app/config/gpg/source" -var ( - gnuPGSourcePath = env.StringFromEnv(common.EnvGPGDataPath, "/app/config/gpg/source") - pauseGenerationAfterFailedGenerationAttempts = env.ParseNumFromEnv(common.EnvPauseGenerationAfterFailedAttempts, 3, 0, math.MaxInt32) - pauseGenerationOnFailureForMinutes = env.ParseNumFromEnv(common.EnvPauseGenerationMinutes, 60, 0, math.MaxInt32) - pauseGenerationOnFailureForRequests = env.ParseNumFromEnv(common.EnvPauseGenerationRequests, 0, 0, math.MaxInt32) - gitSubmoduleEnabled = env.ParseBoolFromEnv(common.EnvGitSubmoduleEnabled, true) + defaultPauseGenerationAfterFailedGenerationAttempts = 3 + defaultPauseGenerationOnFailureForMinutes = 60 + defaultPauseGenerationOnFailureForRequests = 0 ) +func getGnuPGSourcePath() string { + if path := os.Getenv("ARGOCD_GPG_DATA_PATH"); path != "" { + return path + } else { + return gnuPGSourcePath + } +} + +func getPauseGenerationAfterFailedGenerationAttempts() int { + return env.ParseNumFromEnv(common.EnvPauseGenerationAfterFailedAttempts, defaultPauseGenerationAfterFailedGenerationAttempts, 0, math.MaxInt32) +} + +func getPauseGenerationOnFailureForMinutes() int { + return env.ParseNumFromEnv(common.EnvPauseGenerationMinutes, defaultPauseGenerationOnFailureForMinutes, 0, math.MaxInt32) +} + +func getPauseGenerationOnFailureForRequests() int { + return env.ParseNumFromEnv(common.EnvPauseGenerationRequests, defaultPauseGenerationOnFailureForRequests, 0, math.MaxInt32) +} + +func getSubmoduleEnabled() bool { + return env.ParseBoolFromEnv(common.EnvGitSubmoduleEnabled, true) +} + func NewCommand() *cobra.Command { var ( parallelismLimit int64 listenPort int - listenHost string metricsPort int - metricsHost string otlpAddress string cacheSrc func() (*reposervercache.Cache, error) tlsConfigCustomizer tls.ConfigCustomizer @@ -107,10 +127,10 @@ func NewCommand() *cobra.Command { cacheutil.CollectMetrics(redisClient, metricsServer) server, err := reposerver.NewServer(metricsServer, cache, tlsConfigCustomizer, repository.RepoServerInitConstants{ ParallelismLimit: parallelismLimit, - PauseGenerationAfterFailedGenerationAttempts: pauseGenerationAfterFailedGenerationAttempts, - PauseGenerationOnFailureForMinutes: pauseGenerationOnFailureForMinutes, - PauseGenerationOnFailureForRequests: pauseGenerationOnFailureForRequests, - SubmoduleEnabled: gitSubmoduleEnabled, + PauseGenerationAfterFailedGenerationAttempts: getPauseGenerationAfterFailedGenerationAttempts(), + PauseGenerationOnFailureForMinutes: getPauseGenerationOnFailureForMinutes(), + PauseGenerationOnFailureForRequests: getPauseGenerationOnFailureForRequests(), + SubmoduleEnabled: getSubmoduleEnabled(), MaxCombinedDirectoryManifestsSize: maxCombinedDirectoryManifestsQuantity, CMPTarExcludedGlobs: cmpTarExcludedGlobs, AllowOutOfBoundsSymlinks: allowOutOfBoundsSymlinks, @@ -130,7 +150,7 @@ func NewCommand() *cobra.Command { } grpc := server.CreateGRPC() - listener, err := net.Listen("tcp", fmt.Sprintf("%s:%d", listenHost, listenPort)) + listener, err := net.Listen("tcp", fmt.Sprintf(":%d", listenPort)) errors.CheckError(err) healthz.ServeHealthCheck(http.DefaultServeMux, func(r *http.Request) error { @@ -156,7 +176,7 @@ func NewCommand() *cobra.Command { return nil }) http.Handle("/metrics", metricsServer.GetHandler()) - go func() { errors.CheckError(http.ListenAndServe(fmt.Sprintf("%s:%d", metricsHost, metricsPort), nil)) }() + go func() { errors.CheckError(http.ListenAndServe(fmt.Sprintf(":%d", metricsPort), nil)) }() go func() { errors.CheckError(askPassServer.Run(askpass.SocketPath)) }() if gpg.IsGPGEnabled() { @@ -164,12 +184,12 @@ func NewCommand() *cobra.Command { err = gpg.InitializeGnuPG() errors.CheckError(err) - log.Infof("Populating GnuPG keyring with keys from %s", gnuPGSourcePath) - added, removed, err := gpg.SyncKeyRingFromDirectory(gnuPGSourcePath) + log.Infof("Populating GnuPG keyring with keys from %s", getGnuPGSourcePath()) + added, removed, err := gpg.SyncKeyRingFromDirectory(getGnuPGSourcePath()) errors.CheckError(err) log.Infof("Loaded %d (and removed %d) keys from keyring", len(added), len(removed)) - go func() { errors.CheckError(reposerver.StartGPGWatcher(gnuPGSourcePath)) }() + go func() { errors.CheckError(reposerver.StartGPGWatcher(getGnuPGSourcePath())) }() } log.Infof("argocd-repo-server is listening on %s", listener.Addr()) @@ -181,12 +201,13 @@ func NewCommand() *cobra.Command { return nil }, } + if cmdutil.LogFormat == "" { + cmdutil.LogFormat = os.Getenv("ARGOCD_REPO_SERVER_LOGLEVEL") + } command.Flags().StringVar(&cmdutil.LogFormat, "logformat", env.StringFromEnv("ARGOCD_REPO_SERVER_LOGFORMAT", "text"), "Set the logging format. One of: text|json") command.Flags().StringVar(&cmdutil.LogLevel, "loglevel", env.StringFromEnv("ARGOCD_REPO_SERVER_LOGLEVEL", "info"), "Set the logging level. One of: debug|info|warn|error") command.Flags().Int64Var(¶llelismLimit, "parallelismlimit", int64(env.ParseNumFromEnv("ARGOCD_REPO_SERVER_PARALLELISM_LIMIT", 0, 0, math.MaxInt32)), "Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit.") - command.Flags().StringVar(&listenHost, "address", env.StringFromEnv("ARGOCD_REPO_SERVER_LISTEN_ADDRESS", common.DefaultAddressRepoServer), "Listen on given address for incoming connections") command.Flags().IntVar(&listenPort, "port", common.DefaultPortRepoServer, "Listen on given port for incoming connections") - command.Flags().StringVar(&metricsHost, "metrics-address", env.StringFromEnv("ARGOCD_REPO_SERVER_METRICS_LISTEN_ADDRESS", common.DefaultAddressRepoServerMetrics), "Listen on given address for metrics") command.Flags().IntVar(&metricsPort, "metrics-port", common.DefaultPortRepoServerMetrics, "Start metrics server on given port") command.Flags().StringVar(&otlpAddress, "otlp-address", env.StringFromEnv("ARGOCD_REPO_SERVER_OTLP_ADDRESS", ""), "OpenTelemetry collector address to send traces to") command.Flags().BoolVar(&disableTLS, "disable-tls", env.ParseBoolFromEnv("ARGOCD_REPO_SERVER_DISABLE_TLS", false), "Disable TLS on the gRPC endpoint") diff --git a/cmd/argocd-server/commands/argocd_server.go b/cmd/argocd-server/commands/argocd_server.go index 89f116f7b8d30..76c93c678bead 100644 --- a/cmd/argocd-server/commands/argocd_server.go +++ b/cmd/argocd-server/commands/argocd_server.go @@ -35,18 +35,21 @@ const ( ) var ( - failureRetryCount = env.ParseNumFromEnv(failureRetryCountEnv, 0, 0, 10) - failureRetryPeriodMilliSeconds = env.ParseNumFromEnv(failureRetryPeriodMilliSecondsEnv, 100, 0, 1000) + failureRetryCount = 0 + failureRetryPeriodMilliSeconds = 100 ) +func init() { + failureRetryCount = env.ParseNumFromEnv(failureRetryCountEnv, failureRetryCount, 0, 10) + failureRetryPeriodMilliSeconds = env.ParseNumFromEnv(failureRetryPeriodMilliSecondsEnv, failureRetryPeriodMilliSeconds, 0, 1000) +} + // NewCommand returns a new instance of an argocd command func NewCommand() *cobra.Command { var ( redisClient *redis.Client insecure bool - listenHost string listenPort int - metricsHost string metricsPort int otlpAddress string glogLevel int @@ -164,9 +167,7 @@ func NewCommand() *cobra.Command { argoCDOpts := server.ArgoCDServerOpts{ Insecure: insecure, ListenPort: listenPort, - ListenHost: listenHost, MetricsPort: metricsPort, - MetricsHost: metricsHost, Namespace: namespace, BaseHRef: baseHRef, RootPath: rootPath, @@ -223,11 +224,9 @@ func NewCommand() *cobra.Command { command.Flags().StringVar(&repoServerAddress, "repo-server", env.StringFromEnv("ARGOCD_SERVER_REPO_SERVER", common.DefaultRepoServerAddr), "Repo server address") command.Flags().StringVar(&dexServerAddress, "dex-server", env.StringFromEnv("ARGOCD_SERVER_DEX_SERVER", common.DefaultDexServerAddr), "Dex server address") command.Flags().BoolVar(&disableAuth, "disable-auth", env.ParseBoolFromEnv("ARGOCD_SERVER_DISABLE_AUTH", false), "Disable client authentication") - command.Flags().BoolVar(&enableGZip, "enable-gzip", env.ParseBoolFromEnv("ARGOCD_SERVER_ENABLE_GZIP", true), "Enable GZIP compression") + command.Flags().BoolVar(&enableGZip, "enable-gzip", env.ParseBoolFromEnv("ARGOCD_SERVER_ENABLE_GZIP", false), "Enable GZIP compression") command.AddCommand(cli.NewVersionCmd(cliName)) - command.Flags().StringVar(&listenHost, "address", env.StringFromEnv("ARGOCD_SERVER_LISTEN_ADDRESS", common.DefaultAddressAPIServer), "Listen on given address") command.Flags().IntVar(&listenPort, "port", common.DefaultPortAPIServer, "Listen on given port") - command.Flags().StringVar(&metricsHost, env.StringFromEnv("ARGOCD_SERVER_METRICS_LISTEN_ADDRESS", "metrics-address"), common.DefaultAddressAPIServerMetrics, "Listen for metrics on given address") command.Flags().IntVar(&metricsPort, "metrics-port", common.DefaultPortArgoCDAPIServerMetrics, "Start metrics on given port") command.Flags().StringVar(&otlpAddress, "otlp-address", env.StringFromEnv("ARGOCD_SERVER_OTLP_ADDRESS", ""), "OpenTelemetry collector address to send traces to") command.Flags().IntVar(&repoServerTimeoutSeconds, "repo-server-timeout-seconds", env.ParseNumFromEnv("ARGOCD_SERVER_REPO_SERVER_TIMEOUT_SECONDS", 60, 0, math.MaxInt64), "Repo server RPC call timeout seconds.") diff --git a/cmd/argocd/commands/account.go b/cmd/argocd/commands/account.go index 2f73dd796f89f..948687efb377e 100644 --- a/cmd/argocd/commands/account.go +++ b/cmd/argocd/commands/account.go @@ -11,10 +11,10 @@ import ( "time" timeutil "github.com/argoproj/pkg/time" + "github.com/ghodss/yaml" log "github.com/sirupsen/logrus" "github.com/spf13/cobra" "golang.org/x/term" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/cmd/argocd/commands/headless" argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient" @@ -130,9 +130,9 @@ has appropriate RBAC permissions to change other accounts. }, } - command.Flags().StringVar(¤tPassword, "current-password", "", "Password of the currently logged on user") - command.Flags().StringVar(&newPassword, "new-password", "", "New password you want to update to") - command.Flags().StringVar(&account, "account", "", "An account name that should be updated. Defaults to current user account") + command.Flags().StringVar(¤tPassword, "current-password", "", "password of the currently logged on user") + command.Flags().StringVar(&newPassword, "new-password", "", "new password you want to update to") + command.Flags().StringVar(&account, "account", "", "an account name that should be updated. Defaults to current user account") return command } diff --git a/cmd/argocd/commands/admin/admin.go b/cmd/argocd/commands/admin/admin.go index 92cad10479d68..21190f93f15ad 100644 --- a/cmd/argocd/commands/admin/admin.go +++ b/cmd/argocd/commands/admin/admin.go @@ -3,6 +3,7 @@ package admin import ( "reflect" + "github.com/ghodss/yaml" "github.com/spf13/cobra" apiv1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" @@ -11,11 +12,9 @@ import ( "k8s.io/client-go/dynamic" "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" - "sigs.k8s.io/yaml" cmdutil "github.com/argoproj/argo-cd/v2/cmd/util" "github.com/argoproj/argo-cd/v2/common" - argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient" "github.com/argoproj/argo-cd/v2/util/errors" "github.com/argoproj/argo-cd/v2/util/settings" @@ -36,7 +35,7 @@ var ( ) // NewAdminCommand returns a new instance of an argocd command -func NewAdminCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command { +func NewAdminCommand() *cobra.Command { var ( pathOpts = clientcmd.NewDefaultPathOptions() ) @@ -50,10 +49,10 @@ func NewAdminCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command { }, } - command.AddCommand(NewClusterCommand(clientOpts, pathOpts)) + command.AddCommand(NewClusterCommand(pathOpts)) command.AddCommand(NewProjectsCommand()) command.AddCommand(NewSettingsCommand()) - command.AddCommand(NewAppCommand(clientOpts)) + command.AddCommand(NewAppCommand()) command.AddCommand(NewRepoCommand()) command.AddCommand(NewImportCommand()) command.AddCommand(NewExportCommand()) diff --git a/cmd/argocd/commands/admin/app.go b/cmd/argocd/commands/admin/app.go index fbceb436f8609..e2e2103e75439 100644 --- a/cmd/argocd/commands/admin/app.go +++ b/cmd/argocd/commands/admin/app.go @@ -9,6 +9,7 @@ import ( "sort" "time" + "github.com/ghodss/yaml" "github.com/spf13/cobra" apiv1 "k8s.io/api/core/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -17,18 +18,15 @@ import ( "k8s.io/client-go/kubernetes" kubecache "k8s.io/client-go/tools/cache" "k8s.io/client-go/tools/clientcmd" - "sigs.k8s.io/yaml" cmdutil "github.com/argoproj/argo-cd/v2/cmd/util" - "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/controller" "github.com/argoproj/argo-cd/v2/controller/cache" "github.com/argoproj/argo-cd/v2/controller/metrics" - argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned" appinformers "github.com/argoproj/argo-cd/v2/pkg/client/informers/externalversions" - reposerverclient "github.com/argoproj/argo-cd/v2/reposerver/apiclient" + argocdclient "github.com/argoproj/argo-cd/v2/reposerver/apiclient" "github.com/argoproj/argo-cd/v2/util/argo" cacheutil "github.com/argoproj/argo-cd/v2/util/cache" appstatecache "github.com/argoproj/argo-cd/v2/util/cache/appstate" @@ -41,7 +39,7 @@ import ( "github.com/argoproj/argo-cd/v2/util/settings" ) -func NewAppCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command { +func NewAppCommand() *cobra.Command { var command = &cobra.Command{ Use: "app", Short: "Manage applications configuration", @@ -51,7 +49,7 @@ func NewAppCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command { } command.AddCommand(NewGenAppSpecCommand()) - command.AddCommand(NewReconcileCommand(clientOpts)) + command.AddCommand(NewReconcileCommand()) command.AddCommand(NewDiffReconcileResults()) return command } @@ -195,14 +193,14 @@ func diffReconcileResults(res1 reconcileResults, res2 reconcileResults) error { for k, v := range resMap1 { firstUn, err := toUnstructured(v) if err != nil { - return fmt.Errorf("error converting first resource to unstructured: %w", err) + return err } var secondUn *unstructured.Unstructured second, ok := resMap2[k] if ok { secondUn, err = toUnstructured(second) if err != nil { - return fmt.Errorf("error converting second resource to unstructured: %w", err) + return err } delete(resMap2, k) } @@ -226,7 +224,7 @@ func diffReconcileResults(res1 reconcileResults, res2 reconcileResults) error { return nil } -func NewReconcileCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command { +func NewReconcileCommand() *cobra.Command { var ( clientConfig clientcmd.ClientConfig selector string @@ -261,12 +259,11 @@ func NewReconcileCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command if repoServerAddress == "" { printLine("Repo server is not provided, trying to port-forward to argocd-repo-server pod.") overrides := clientcmd.ConfigOverrides{} - repoServerPodLabelSelector := common.LabelKeyAppName + "=" + clientOpts.RepoServerName - repoServerPort, err := kubeutil.PortForward(8081, namespace, &overrides, repoServerPodLabelSelector) + repoServerPort, err := kubeutil.PortForward(8081, namespace, &overrides, "app.kubernetes.io/name=argocd-repo-server") errors.CheckError(err) repoServerAddress = fmt.Sprintf("localhost:%d", repoServerPort) } - repoServerClient := reposerverclient.NewRepoServerClientset(repoServerAddress, 60, reposerverclient.TLSConfiguration{DisableTLS: false, StrictValidation: false}) + repoServerClient := argocdclient.NewRepoServerClientset(repoServerAddress, 60, argocdclient.TLSConfiguration{DisableTLS: false, StrictValidation: false}) appClientset := appclientset.NewForConfigOrDie(cfg) kubeClientset := kubernetes.NewForConfigOrDie(cfg) @@ -331,7 +328,7 @@ func reconcileApplications( kubeClientset kubernetes.Interface, appClientset appclientset.Interface, namespace string, - repoServerClient reposerverclient.Clientset, + repoServerClient argocdclient.Clientset, selector string, createLiveStateCache func(argoDB db.ArgoDB, appInformer kubecache.SharedIndexInformer, settingsMgr *settings.SettingsManager, server *metrics.MetricsServer) cache.LiveStateCache, ) ([]appReconcileResult, error) { diff --git a/cmd/argocd/commands/admin/backup.go b/cmd/argocd/commands/admin/backup.go index 49e0615c64ba4..6847bf7f309c3 100644 --- a/cmd/argocd/commands/admin/backup.go +++ b/cmd/argocd/commands/admin/backup.go @@ -7,6 +7,7 @@ import ( "os" "github.com/argoproj/gitops-engine/pkg/utils/kube" + "github.com/ghodss/yaml" log "github.com/sirupsen/logrus" "github.com/spf13/cobra" apierr "k8s.io/apimachinery/pkg/api/errors" @@ -14,7 +15,6 @@ import ( "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/client-go/dynamic" "k8s.io/client-go/tools/clientcmd" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/pkg/apis/application" @@ -132,6 +132,7 @@ func NewImportCommand() *cobra.Command { errors.CheckError(err) config.QPS = 100 config.Burst = 50 + errors.CheckError(err) namespace, _, err := clientConfig.Namespace() errors.CheckError(err) acdClients := newArgoCDClientsets(config, namespace) diff --git a/cmd/argocd/commands/admin/cluster.go b/cmd/argocd/commands/admin/cluster.go index 1bc1417fead4d..dd5833a21b048 100644 --- a/cmd/argocd/commands/admin/cluster.go +++ b/cmd/argocd/commands/admin/cluster.go @@ -19,12 +19,10 @@ import ( "k8s.io/client-go/kubernetes/fake" "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" - "k8s.io/utils/pointer" cmdutil "github.com/argoproj/argo-cd/v2/cmd/util" "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/controller/sharding" - argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient" argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned" "github.com/argoproj/argo-cd/v2/util/argo" @@ -40,7 +38,7 @@ import ( "github.com/argoproj/argo-cd/v2/util/text/label" ) -func NewClusterCommand(clientOpts *argocdclient.ClientOptions, pathOpts *clientcmd.PathOptions) *cobra.Command { +func NewClusterCommand(pathOpts *clientcmd.PathOptions) *cobra.Command { var command = &cobra.Command{ Use: "cluster", Short: "Manage clusters configuration", @@ -51,8 +49,8 @@ func NewClusterCommand(clientOpts *argocdclient.ClientOptions, pathOpts *clientc command.AddCommand(NewClusterConfig()) command.AddCommand(NewGenClusterConfigCommand(pathOpts)) - command.AddCommand(NewClusterStatsCommand(clientOpts)) - command.AddCommand(NewClusterShardsCommand(clientOpts)) + command.AddCommand(NewClusterStatsCommand()) + command.AddCommand(NewClusterShardsCommand()) namespacesCommand := NewClusterNamespacesCommand() namespacesCommand.AddCommand(NewClusterEnableNamespacedMode()) namespacesCommand.AddCommand(NewClusterDisableNamespacedMode()) @@ -69,7 +67,7 @@ type ClusterWithInfo struct { Namespaces []string } -func loadClusters(ctx context.Context, kubeClient *kubernetes.Clientset, appClient *versioned.Clientset, replicas int, namespace string, portForwardRedis bool, cacheSrc func() (*appstatecache.Cache, error), shard int, redisName string, redisHaProxyName string) ([]ClusterWithInfo, error) { +func loadClusters(ctx context.Context, kubeClient *kubernetes.Clientset, appClient *versioned.Clientset, replicas int, namespace string, portForwardRedis bool, cacheSrc func() (*appstatecache.Cache, error), shard int) ([]ClusterWithInfo, error) { settingsMgr := settings.NewSettingsManager(ctx, kubeClient, namespace) argoDB := db.NewDB(namespace, settingsMgr, kubeClient) @@ -80,10 +78,8 @@ func loadClusters(ctx context.Context, kubeClient *kubernetes.Clientset, appClie var cache *appstatecache.Cache if portForwardRedis { overrides := clientcmd.ConfigOverrides{} - redisHaProxyPodLabelSelector := common.LabelKeyAppName + "=" + redisHaProxyName - redisPodLabelSelector := common.LabelKeyAppName + "=" + redisName port, err := kubeutil.PortForward(6379, namespace, &overrides, - redisHaProxyPodLabelSelector, redisPodLabelSelector) + "app.kubernetes.io/name=argocd-redis-ha-haproxy", "app.kubernetes.io/name=argocd-redis") if err != nil { return nil, err } @@ -119,13 +115,10 @@ func loadClusters(ctx context.Context, kubeClient *kubernetes.Clientset, appClie } batch := clustersList.Items[batchStart:batchEnd] _ = kube.RunAllAsync(len(batch), func(i int) error { - clusterShard := 0 cluster := batch[i] + clusterShard := 0 if replicas > 0 { - distributionFunction := sharding.GetDistributionFunction(argoDB, common.DefaultShardingAlgorithm) - distributionFunction(&cluster) - cluster.Shard = pointer.Int64Ptr(int64(clusterShard)) - log.Infof("Cluster with uid: %s will be processed by shard %d", cluster.ID, clusterShard) + clusterShard = sharding.GetShardByID(cluster.ID, replicas) } if shard != -1 && clusterShard != shard { @@ -149,17 +142,16 @@ func loadClusters(ctx context.Context, kubeClient *kubernetes.Clientset, appClie return clusters, nil } -func getControllerReplicas(ctx context.Context, kubeClient *kubernetes.Clientset, namespace string, appControllerName string) (int, error) { - appControllerPodLabelSelector := common.LabelKeyAppName + "=" + appControllerName +func getControllerReplicas(ctx context.Context, kubeClient *kubernetes.Clientset, namespace string) (int, error) { controllerPods, err := kubeClient.CoreV1().Pods(namespace).List(ctx, v1.ListOptions{ - LabelSelector: appControllerPodLabelSelector}) + LabelSelector: "app.kubernetes.io/name=argocd-application-controller"}) if err != nil { return 0, err } return len(controllerPods.Items), nil } -func NewClusterShardsCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command { +func NewClusterShardsCommand() *cobra.Command { var ( shard int replicas int @@ -183,14 +175,14 @@ func NewClusterShardsCommand(clientOpts *argocdclient.ClientOptions) *cobra.Comm appClient := versioned.NewForConfigOrDie(clientCfg) if replicas == 0 { - replicas, err = getControllerReplicas(ctx, kubeClient, namespace, clientOpts.AppControllerName) + replicas, err = getControllerReplicas(ctx, kubeClient, namespace) errors.CheckError(err) } if replicas == 0 { return } - clusters, err := loadClusters(ctx, kubeClient, appClient, replicas, namespace, portForwardRedis, cacheSrc, shard, clientOpts.RedisName, clientOpts.RedisHaProxyName) + clusters, err := loadClusters(ctx, kubeClient, appClient, replicas, namespace, portForwardRedis, cacheSrc, shard) errors.CheckError(err) if len(clusters) == 0 { return @@ -437,7 +429,7 @@ func NewClusterDisableNamespacedMode() *cobra.Command { return &command } -func NewClusterStatsCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command { +func NewClusterStatsCommand() *cobra.Command { var ( shard int replicas int @@ -461,10 +453,10 @@ func NewClusterStatsCommand(clientOpts *argocdclient.ClientOptions) *cobra.Comma kubeClient := kubernetes.NewForConfigOrDie(clientCfg) appClient := versioned.NewForConfigOrDie(clientCfg) if replicas == 0 { - replicas, err = getControllerReplicas(ctx, kubeClient, namespace, clientOpts.AppControllerName) + replicas, err = getControllerReplicas(ctx, kubeClient, namespace) errors.CheckError(err) } - clusters, err := loadClusters(ctx, kubeClient, appClient, replicas, namespace, portForwardRedis, cacheSrc, shard, clientOpts.RedisName, clientOpts.RedisHaProxyName) + clusters, err := loadClusters(ctx, kubeClient, appClient, replicas, namespace, portForwardRedis, cacheSrc, shard) errors.CheckError(err) w := tabwriter.NewWriter(os.Stdout, 0, 0, 2, ' ', 0) diff --git a/cmd/argocd/commands/admin/dashboard.go b/cmd/argocd/commands/admin/dashboard.go index 52a14a42d7a63..d4460265c0e58 100644 --- a/cmd/argocd/commands/admin/dashboard.go +++ b/cmd/argocd/commands/admin/dashboard.go @@ -35,7 +35,7 @@ func NewDashboardCommand() *cobra.Command { } initialize.InitCommand(cmd) cmd.Flags().IntVar(&port, "port", common.DefaultPortAPIServer, "Listen on given port") - cmd.Flags().StringVar(&address, "address", common.DefaultAddressAdminDashboard, "Listen on given address") - cmd.Flags().StringVar(&compressionStr, "redis-compress", env.StringFromEnv("REDIS_COMPRESSION", string(cache.RedisCompressionGZip)), "Enable this if the application controller is configured with redis compression enabled. (possible values: gzip, none)") + cmd.Flags().StringVar(&address, "address", common.DefaultAddressAPIServer, "Listen on given address") + cmd.Flags().StringVar(&compressionStr, "redis-compress", env.StringFromEnv("REDIS_COMPRESSION", string(cache.RedisCompressionNone)), "Enable this if the application controller is configured with redis compression enabled. (possible values: none, gzip)") return cmd } diff --git a/cmd/argocd/commands/admin/generatespec_utils.go b/cmd/argocd/commands/admin/generatespec_utils.go index f9d902111a5d1..1a7eb8c99a694 100644 --- a/cmd/argocd/commands/admin/generatespec_utils.go +++ b/cmd/argocd/commands/admin/generatespec_utils.go @@ -8,8 +8,8 @@ import ( "os" "github.com/argoproj/gitops-engine/pkg/utils/kube" + "github.com/ghodss/yaml" v1 "k8s.io/api/core/v1" - "sigs.k8s.io/yaml" ioutil "github.com/argoproj/argo-cd/v2/util/io" ) diff --git a/cmd/argocd/commands/admin/project_allowlist.go b/cmd/argocd/commands/admin/project_allowlist.go index 57b855251daa9..727b0742f04cc 100644 --- a/cmd/argocd/commands/admin/project_allowlist.go +++ b/cmd/argocd/commands/admin/project_allowlist.go @@ -7,6 +7,7 @@ import ( "os" "strings" + "github.com/ghodss/yaml" "github.com/spf13/cobra" rbacv1 "k8s.io/api/rbac/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -15,7 +16,6 @@ import ( "k8s.io/client-go/discovery" "k8s.io/client-go/kubernetes/scheme" "k8s.io/client-go/tools/clientcmd" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/util/errors" diff --git a/cmd/argocd/commands/admin/settings.go b/cmd/argocd/commands/admin/settings.go index 795f82a1192ab..af758067b53d9 100644 --- a/cmd/argocd/commands/admin/settings.go +++ b/cmd/argocd/commands/admin/settings.go @@ -12,6 +12,7 @@ import ( "text/tabwriter" healthutil "github.com/argoproj/gitops-engine/pkg/health" + "github.com/ghodss/yaml" log "github.com/sirupsen/logrus" "github.com/spf13/cobra" corev1 "k8s.io/api/core/v1" @@ -20,7 +21,6 @@ import ( "k8s.io/client-go/kubernetes" "k8s.io/client-go/kubernetes/fake" "k8s.io/client-go/tools/clientcmd" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" @@ -233,6 +233,13 @@ var validatorsByGroup = map[string]settingValidator{ _, err := manager.GetGoogleAnalytics() return "", err }), + "plugins": func(manager *settings.SettingsManager) (string, error) { + plugins, err := manager.GetConfigManagementPlugins() + if err != nil { + return "", err + } + return fmt.Sprintf("%d plugins", len(plugins)), nil + }, "kustomize": func(manager *settings.SettingsManager) (string, error) { opts, err := manager.GetKustomizeSettings() if err != nil { @@ -349,7 +356,6 @@ func NewResourceOverridesCommand(cmdCtx commandContext) *cobra.Command { }, } command.AddCommand(NewResourceIgnoreDifferencesCommand(cmdCtx)) - command.AddCommand(NewResourceIgnoreResourceUpdatesCommand(cmdCtx)) command.AddCommand(NewResourceActionListCommand(cmdCtx)) command.AddCommand(NewResourceActionRunCommand(cmdCtx)) command.AddCommand(NewResourceHealthCommand(cmdCtx)) @@ -381,31 +387,6 @@ func executeResourceOverrideCommand(ctx context.Context, cmdCtx commandContext, callback(res, override, overrides) } -func executeIgnoreResourceUpdatesOverrideCommand(ctx context.Context, cmdCtx commandContext, args []string, callback func(res unstructured.Unstructured, override v1alpha1.ResourceOverride, overrides map[string]v1alpha1.ResourceOverride)) { - data, err := os.ReadFile(args[0]) - errors.CheckError(err) - - res := unstructured.Unstructured{} - errors.CheckError(yaml.Unmarshal(data, &res)) - - settingsManager, err := cmdCtx.createSettingsManager(ctx) - errors.CheckError(err) - - overrides, err := settingsManager.GetIgnoreResourceUpdatesOverrides() - errors.CheckError(err) - gvk := res.GroupVersionKind() - key := gvk.Kind - if gvk.Group != "" { - key = fmt.Sprintf("%s/%s", gvk.Group, gvk.Kind) - } - override, hasOverride := overrides[key] - if !hasOverride { - _, _ = fmt.Printf("No overrides configured for '%s/%s'\n", gvk.Group, gvk.Kind) - return - } - callback(res, override, overrides) -} - func NewResourceIgnoreDifferencesCommand(cmdCtx commandContext) *cobra.Command { var command = &cobra.Command{ Use: "ignore-differences RESOURCE_YAML_PATH", @@ -456,52 +437,6 @@ argocd admin settings resource-overrides ignore-differences ./deploy.yaml --argo return command } -func NewResourceIgnoreResourceUpdatesCommand(cmdCtx commandContext) *cobra.Command { - var command = &cobra.Command{ - Use: "ignore-resource-updates RESOURCE_YAML_PATH", - Short: "Renders fields excluded from resource updates", - Long: "Renders ignored fields using the 'ignoreResourceUpdates' setting specified in the 'resource.customizations' field of 'argocd-cm' ConfigMap", - Example: ` -argocd admin settings resource-overrides ignore-resource-updates ./deploy.yaml --argocd-cm-path ./argocd-cm.yaml`, - Run: func(c *cobra.Command, args []string) { - ctx := c.Context() - - if len(args) < 1 { - c.HelpFunc()(c, args) - os.Exit(1) - } - - executeIgnoreResourceUpdatesOverrideCommand(ctx, cmdCtx, args, func(res unstructured.Unstructured, override v1alpha1.ResourceOverride, overrides map[string]v1alpha1.ResourceOverride) { - gvk := res.GroupVersionKind() - if len(override.IgnoreResourceUpdates.JSONPointers) == 0 && len(override.IgnoreResourceUpdates.JQPathExpressions) == 0 { - _, _ = fmt.Printf("Ignore resource updates are not configured for '%s/%s'\n", gvk.Group, gvk.Kind) - return - } - - normalizer, err := normalizers.NewIgnoreNormalizer(nil, overrides) - errors.CheckError(err) - - normalizedRes := res.DeepCopy() - logs := collectLogs(func() { - errors.CheckError(normalizer.Normalize(normalizedRes)) - }) - if logs != "" { - _, _ = fmt.Println(logs) - } - - if reflect.DeepEqual(&res, normalizedRes) { - _, _ = fmt.Printf("No fields are ignored by ignoreResourceUpdates settings: \n%s\n", override.IgnoreResourceUpdates) - return - } - - _, _ = fmt.Printf("Following fields are ignored:\n\n") - _ = cli.PrintDiff(res.GetName(), &res, normalizedRes) - }) - }, - } - return command -} - func NewResourceHealthCommand(cmdCtx commandContext) *cobra.Command { var command = &cobra.Command{ Use: "health RESOURCE_YAML_PATH", @@ -610,26 +545,13 @@ argocd admin settings resource-overrides action run /tmp/deploy.yaml restart --a modifiedRes, err := luaVM.ExecuteResourceAction(&res, action.ActionLua) errors.CheckError(err) - for _, impactedResource := range modifiedRes { - result := impactedResource.UnstructuredObj - switch impactedResource.K8SOperation { - // No default case since a not supported operation would have failed upon unmarshaling earlier - case lua.PatchOperation: - if reflect.DeepEqual(&res, modifiedRes) { - _, _ = fmt.Printf("No fields had been changed by action: \n%s\n", action.Name) - return - } - - _, _ = fmt.Printf("Following fields have been changed:\n\n") - _ = cli.PrintDiff(res.GetName(), &res, result) - case lua.CreateOperation: - yamlBytes, err := yaml.Marshal(impactedResource.UnstructuredObj) - errors.CheckError(err) - fmt.Println("Following resource was created:") - fmt.Println(bytes.NewBuffer(yamlBytes).String()) - } + if reflect.DeepEqual(&res, modifiedRes) { + _, _ = fmt.Printf("No fields had been changed by action: \n%s\n", action.Name) + return } + _, _ = fmt.Printf("Following fields have been changed:\n\n") + _ = cli.PrintDiff(res.GetName(), &res, modifiedRes) }) }, } diff --git a/cmd/argocd/commands/admin/settings_rbac.go b/cmd/argocd/commands/admin/settings_rbac.go index 8d94feeaad466..ae7377f126cf1 100644 --- a/cmd/argocd/commands/admin/settings_rbac.go +++ b/cmd/argocd/commands/admin/settings_rbac.go @@ -6,13 +6,13 @@ import ( "os" "strings" + "github.com/ghodss/yaml" log "github.com/sirupsen/logrus" "github.com/spf13/cobra" corev1 "k8s.io/api/core/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes" "k8s.io/client-go/tools/clientcmd" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/server/rbacpolicy" @@ -23,40 +23,38 @@ import ( // Provide a mapping of short-hand resource names to their RBAC counterparts var resourceMap map[string]string = map[string]string{ - "account": rbacpolicy.ResourceAccounts, - "app": rbacpolicy.ResourceApplications, - "apps": rbacpolicy.ResourceApplications, - "application": rbacpolicy.ResourceApplications, - "applicationsets": rbacpolicy.ResourceApplicationSets, - "cert": rbacpolicy.ResourceCertificates, - "certs": rbacpolicy.ResourceCertificates, - "certificate": rbacpolicy.ResourceCertificates, - "cluster": rbacpolicy.ResourceClusters, - "gpgkey": rbacpolicy.ResourceGPGKeys, - "key": rbacpolicy.ResourceGPGKeys, - "log": rbacpolicy.ResourceLogs, - "logs": rbacpolicy.ResourceLogs, - "exec": rbacpolicy.ResourceExec, - "proj": rbacpolicy.ResourceProjects, - "projs": rbacpolicy.ResourceProjects, - "project": rbacpolicy.ResourceProjects, - "repo": rbacpolicy.ResourceRepositories, - "repos": rbacpolicy.ResourceRepositories, - "repository": rbacpolicy.ResourceRepositories, + "account": rbacpolicy.ResourceAccounts, + "app": rbacpolicy.ResourceApplications, + "apps": rbacpolicy.ResourceApplications, + "application": rbacpolicy.ResourceApplications, + "cert": rbacpolicy.ResourceCertificates, + "certs": rbacpolicy.ResourceCertificates, + "certificate": rbacpolicy.ResourceCertificates, + "cluster": rbacpolicy.ResourceClusters, + "gpgkey": rbacpolicy.ResourceGPGKeys, + "key": rbacpolicy.ResourceGPGKeys, + "log": rbacpolicy.ResourceLogs, + "logs": rbacpolicy.ResourceLogs, + "exec": rbacpolicy.ResourceExec, + "proj": rbacpolicy.ResourceProjects, + "projs": rbacpolicy.ResourceProjects, + "project": rbacpolicy.ResourceProjects, + "repo": rbacpolicy.ResourceRepositories, + "repos": rbacpolicy.ResourceRepositories, + "repository": rbacpolicy.ResourceRepositories, } // List of allowed RBAC resources var validRBACResources map[string]bool = map[string]bool{ - rbacpolicy.ResourceAccounts: true, - rbacpolicy.ResourceApplications: true, - rbacpolicy.ResourceApplicationSets: true, - rbacpolicy.ResourceCertificates: true, - rbacpolicy.ResourceClusters: true, - rbacpolicy.ResourceGPGKeys: true, - rbacpolicy.ResourceLogs: true, - rbacpolicy.ResourceExec: true, - rbacpolicy.ResourceProjects: true, - rbacpolicy.ResourceRepositories: true, + rbacpolicy.ResourceAccounts: true, + rbacpolicy.ResourceApplications: true, + rbacpolicy.ResourceCertificates: true, + rbacpolicy.ResourceClusters: true, + rbacpolicy.ResourceGPGKeys: true, + rbacpolicy.ResourceLogs: true, + rbacpolicy.ResourceExec: true, + rbacpolicy.ResourceProjects: true, + rbacpolicy.ResourceRepositories: true, } // List of allowed RBAC actions @@ -295,9 +293,11 @@ func getPolicyFromConfigMap(cm *corev1.ConfigMap) (string, string, string) { if !ok { userPolicy = "" } - defaultRole, ok = cm.Data[rbac.ConfigMapPolicyDefaultKey] - if !ok { - defaultRole = "" + if defaultRole == "" { + defaultRole, ok = cm.Data[rbac.ConfigMapPolicyDefaultKey] + if !ok { + defaultRole = "" + } } return userPolicy, defaultRole, cm.Data[rbac.ConfigMapMatchModeKey] diff --git a/cmd/argocd/commands/admin/settings_rbac_test.go b/cmd/argocd/commands/admin/settings_rbac_test.go index a4b4b437e114c..49cd6b73ffb50 100644 --- a/cmd/argocd/commands/admin/settings_rbac_test.go +++ b/cmd/argocd/commands/admin/settings_rbac_test.go @@ -107,22 +107,6 @@ func Test_PolicyFromK8s(t *testing.T) { ok := checkPolicy("role:user", "get", "certificates", ".*", assets.BuiltinPolicyCSV, uPol, "role:readonly", "regex", true) require.False(t, ok) }) - t.Run("get logs", func(t *testing.T) { - ok := checkPolicy("role:test", "get", "logs", "*/*", assets.BuiltinPolicyCSV, uPol, dRole, "", true) - require.True(t, ok) - }) - t.Run("create exec", func(t *testing.T) { - ok := checkPolicy("role:test", "create", "exec", "*/*", assets.BuiltinPolicyCSV, uPol, dRole, "", true) - require.True(t, ok) - }) - t.Run("create applicationsets", func(t *testing.T) { - ok := checkPolicy("role:user", "create", "applicationsets", "*/*", assets.BuiltinPolicyCSV, uPol, dRole, "", true) - require.True(t, ok) - }) - t.Run("delete applicationsets", func(t *testing.T) { - ok := checkPolicy("role:user", "delete", "applicationsets", "*/*", assets.BuiltinPolicyCSV, uPol, dRole, "", true) - require.True(t, ok) - }) } func Test_PolicyFromK8sUsingRegex(t *testing.T) { @@ -132,12 +116,7 @@ func Test_PolicyFromK8sUsingRegex(t *testing.T) { p, role:user, clusters, get, .+, allow p, role:user, clusters, get, https://kubernetes.*, deny p, role:user, applications, get, .*, allow -p, role:user, applications, create, .*/.*, allow -p, role:user, applicationsets, create, .*/.*, allow -p, role:user, applicationsets, delete, .*/.*, allow -p, role:user, logs, get, .*/.*, allow -p, role:user, exec, create, .*/.*, allow -` +p, role:user, applications, create, .*/.*, allow` kubeclientset := fake.NewSimpleClientset(&v1.ConfigMap{ ObjectMeta: metav1.ObjectMeta{ @@ -183,20 +162,4 @@ p, role:, certificates, get, .*, allow` ok := checkPolicy("role:user", "get", "certificates", ".+", builtInPolicy, uPol, dRole, "glob", true) require.False(t, ok) }) - t.Run("get logs via glob match mode", func(t *testing.T) { - ok := checkPolicy("role:user", "get", "logs", ".*/.*", builtInPolicy, uPol, dRole, "glob", true) - require.True(t, ok) - }) - t.Run("create exec", func(t *testing.T) { - ok := checkPolicy("role:user", "create", "exec", ".*/.*", builtInPolicy, uPol, dRole, "regex", true) - require.True(t, ok) - }) - t.Run("create applicationsets", func(t *testing.T) { - ok := checkPolicy("role:user", "create", "applicationsets", ".*/.*", builtInPolicy, uPol, dRole, "regex", true) - require.True(t, ok) - }) - t.Run("delete applicationsets", func(t *testing.T) { - ok := checkPolicy("role:user", "delete", "applicationsets", ".*/.*", builtInPolicy, uPol, dRole, "regex", true) - require.True(t, ok) - }) } diff --git a/cmd/argocd/commands/admin/settings_test.go b/cmd/argocd/commands/admin/settings_test.go index 55c1c8c767012..696387d0e01fc 100644 --- a/cmd/argocd/commands/admin/settings_test.go +++ b/cmd/argocd/commands/admin/settings_test.go @@ -151,6 +151,13 @@ clientSecret: aaaabbbbccccddddeee`, }, containsSummary: "Dex is configured ('url' field is missing)", }, + "Plugins_ValidConfig": { + validator: "plugins", + data: map[string]string{ + "configManagementPlugins": `[{"name": "test1"}, {"name": "test2"}]`, + }, + containsSummary: "2 plugins", + }, "Kustomize_ModifiedOptions": { validator: "kustomize", containsSummary: "default options", @@ -226,17 +233,6 @@ spec: replicas: 0` ) -const ( - testCronJobYAML = `apiVersion: batch/v1 -kind: CronJob -metadata: - name: hello - namespace: test-ns - uid: "123" -spec: - schedule: "* * * * *"` -) - func tempFile(content string) (string, io.Closer, error) { f, err := os.CreateTemp("", "*.yaml") if err != nil { @@ -346,12 +342,6 @@ func TestResourceOverrideAction(t *testing.T) { } defer utils.Close(closer) - cronJobFile, closer, err := tempFile(testCronJobYAML) - if !assert.NoError(t, err) { - return - } - defer utils.Close(closer) - t.Run("NoActions", func(t *testing.T) { cmd := NewResourceOverridesCommand(newCmdContext(map[string]string{ "resource.customizations": `apps/Deployment: {}`})) @@ -364,7 +354,7 @@ func TestResourceOverrideAction(t *testing.T) { assert.Contains(t, out, "Actions are not configured") }) - t.Run("OldStyleActionConfigured", func(t *testing.T) { + t.Run("ActionConfigured", func(t *testing.T) { cmd := NewResourceOverridesCommand(newCmdContext(map[string]string{ "resource.customizations": `apps/Deployment: actions: | @@ -398,50 +388,4 @@ restart false resume false `) }) - - t.Run("NewStyleActionConfigured", func(t *testing.T) { - cmd := NewResourceOverridesCommand(newCmdContext(map[string]string{ - "resource.customizations": `batch/CronJob: - actions: | - discovery.lua: | - actions = {} - actions["create-a-job"] = {["disabled"] = false} - return actions - definitions: - - name: test - action.lua: | - job1 = {} - job1.apiVersion = "batch/v1" - job1.kind = "Job" - job1.metadata = {} - job1.metadata.name = "hello-1" - job1.metadata.namespace = "obj.metadata.namespace" - impactedResource1 = {} - impactedResource1.operation = "create" - impactedResource1.resource = job1 - result = {} - result[1] = impactedResource1 - return result -`})) - out, err := captureStdout(func() { - cmd.SetArgs([]string{"run-action", cronJobFile, "test"}) - err := cmd.Execute() - assert.NoError(t, err) - }) - assert.NoError(t, err) - assert.Contains(t, out, "resource was created:") - assert.Contains(t, out, "hello-1") - - out, err = captureStdout(func() { - cmd.SetArgs([]string{"list-actions", cronJobFile}) - err := cmd.Execute() - assert.NoError(t, err) - }) - - assert.NoError(t, err) - assert.Contains(t, out, "NAME") - assert.Contains(t, out, "ENABLED") - assert.Contains(t, out, "create-a-job") - assert.Contains(t, out, "false") - }) } diff --git a/cmd/argocd/commands/admin/testdata/rbac/argocd-rbac-cm.yaml b/cmd/argocd/commands/admin/testdata/rbac/argocd-rbac-cm.yaml index bf947fb8b7110..06cb30e8df665 100644 --- a/cmd/argocd/commands/admin/testdata/rbac/argocd-rbac-cm.yaml +++ b/cmd/argocd/commands/admin/testdata/rbac/argocd-rbac-cm.yaml @@ -8,8 +8,6 @@ data: p, role:user, applications, create, */*, allow p, role:user, applications, delete, *, allow p, role:user, applications, delete, */guestbook, deny - p, role:user, applicationsets, create, */*, allow - p, role:user, applicationsets, delete, */*, allow p, role:user, logs, get, */*, allow g, test, role:user policy.default: role:unknown diff --git a/cmd/argocd/commands/admin/testdata/rbac/policy.csv b/cmd/argocd/commands/admin/testdata/rbac/policy.csv index b18d0904f5f60..a92060ec3b4fe 100644 --- a/cmd/argocd/commands/admin/testdata/rbac/policy.csv +++ b/cmd/argocd/commands/admin/testdata/rbac/policy.csv @@ -5,8 +5,6 @@ p, role:user, applications, get, *, allow p, role:user, applications, create, */*, allow p, role:user, applications, delete, *, allow p, role:user, applications, delete, */guestbook, deny -p, role:user, applicationsets, create, */*, allow -p, role:user, applicationsets, delete, */*, allow p, role:test, certificates, get, *, allow p, role:test, logs, get, */*, allow p, role:test, exec, create, */*, allow diff --git a/cmd/argocd/commands/app.go b/cmd/argocd/commands/app.go index d0da5e1781e76..84b5c7c8b17f7 100644 --- a/cmd/argocd/commands/app.go +++ b/cmd/argocd/commands/app.go @@ -19,6 +19,7 @@ import ( "github.com/argoproj/gitops-engine/pkg/sync/hook" "github.com/argoproj/gitops-engine/pkg/sync/ignore" "github.com/argoproj/gitops-engine/pkg/utils/kube" + "github.com/ghodss/yaml" grpc_retry "github.com/grpc-ecosystem/go-grpc-middleware/retry" "github.com/mattn/go-isatty" log "github.com/sirupsen/logrus" @@ -29,16 +30,17 @@ import ( "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/utils/pointer" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/cmd/argocd/commands/headless" cmdutil "github.com/argoproj/argo-cd/v2/cmd/util" "github.com/argoproj/argo-cd/v2/controller" argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient" "github.com/argoproj/argo-cd/v2/pkg/apiclient/application" + applicationpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/application" clusterpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/cluster" projectpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/project" "github.com/argoproj/argo-cd/v2/pkg/apiclient/settings" + settingspkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/settings" argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" repoapiclient "github.com/argoproj/argo-cd/v2/reposerver/apiclient" "github.com/argoproj/argo-cd/v2/reposerver/repository" @@ -155,14 +157,14 @@ func NewApplicationCreateCommand(clientOpts *argocdclient.ClientOptions) *cobra. } conn, appIf := argocdClient.NewApplicationClientOrDie() defer argoio.Close(conn) - appCreateRequest := application.ApplicationCreateRequest{ + appCreateRequest := applicationpkg.ApplicationCreateRequest{ Application: app, Upsert: &upsert, Validate: &appOpts.Validate, } // Get app before creating to see if it is being updated or no change - existing, err := appIf.Get(ctx, &application.ApplicationQuery{Name: &app.Name}) + existing, err := appIf.Get(ctx, &applicationpkg.ApplicationQuery{Name: &app.Name}) unwrappedError := grpc.UnwrapGRPCStatus(err).Code() // As part of the fix for CVE-2022-41354, the API will return Permission Denied when an app does not exist. if unwrappedError != codes.NotFound && unwrappedError != codes.PermissionDenied { @@ -282,8 +284,8 @@ func NewApplicationGetCommand(clientOpts *argocdclient.ClientOptions) *cobra.Com conn, appIf := acdClient.NewApplicationClientOrDie() defer argoio.Close(conn) - appName, appNs := argo.ParseFromQualifiedName(args[0], "") - app, err := appIf.Get(ctx, &application.ApplicationQuery{ + appName, appNs := argo.ParseAppQualifiedName(args[0], "") + app, err := appIf.Get(ctx, &applicationpkg.ApplicationQuery{ Name: &appName, Refresh: getRefreshType(refresh, hardRefresh), AppNamespace: &appNs, @@ -366,12 +368,12 @@ func NewApplicationLogsCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co acdClient := headless.NewClientOrDie(clientOpts, c) conn, appIf := acdClient.NewApplicationClientOrDie() defer argoio.Close(conn) - appName, appNs := argo.ParseFromQualifiedName(args[0], "") + appName, appNs := argo.ParseAppQualifiedName(args[0], "") retry := true for retry { retry = false - stream, err := appIf.PodLogs(ctx, &application.ApplicationPodLogsQuery{ + stream, err := appIf.PodLogs(ctx, &applicationpkg.ApplicationPodLogsQuery{ Name: &appName, Group: &group, Namespace: pointer.String(namespace), @@ -546,7 +548,7 @@ func appURLDefault(acdClient argocdclient.Client, appName string) string { func appURL(ctx context.Context, acdClient argocdclient.Client, appName string) string { conn, settingsIf := acdClient.NewSettingsClientOrDie() defer argoio.Close(conn) - argoSettings, err := settingsIf.Get(ctx, &settings.SettingsQuery{}) + argoSettings, err := settingsIf.Get(ctx, &settingspkg.SettingsQuery{}) errors.CheckError(err) if argoSettings.URL != "" { @@ -610,11 +612,11 @@ func NewApplicationSetCommand(clientOpts *argocdclient.ClientOptions) *cobra.Com c.HelpFunc()(c, args) os.Exit(1) } - appName, appNs := argo.ParseFromQualifiedName(args[0], "") + appName, appNs := argo.ParseAppQualifiedName(args[0], "") argocdClient := headless.NewClientOrDie(clientOpts, c) conn, appIf := argocdClient.NewApplicationClientOrDie() defer argoio.Close(conn) - app, err := appIf.Get(ctx, &application.ApplicationQuery{Name: &appName, AppNamespace: &appNs}) + app, err := appIf.Get(ctx, &applicationpkg.ApplicationQuery{Name: &appName, AppNamespace: &appNs}) errors.CheckError(err) visited := cmdutil.SetAppSpecOptions(c.Flags(), &app.Spec, &appOpts) @@ -625,7 +627,7 @@ func NewApplicationSetCommand(clientOpts *argocdclient.ClientOptions) *cobra.Com } setParameterOverrides(app, appOpts.Parameters) - _, err = appIf.UpdateSpec(ctx, &application.ApplicationUpdateSpecRequest{ + _, err = appIf.UpdateSpec(ctx, &applicationpkg.ApplicationUpdateSpecRequest{ Name: &app.Name, Spec: &app.Spec, Validate: &appOpts.Validate, @@ -688,10 +690,10 @@ func NewApplicationUnsetCommand(clientOpts *argocdclient.ClientOptions) *cobra.C c.HelpFunc()(c, args) os.Exit(1) } - appName, appNs := argo.ParseFromQualifiedName(args[0], "") + appName, appNs := argo.ParseAppQualifiedName(args[0], "") conn, appIf := headless.NewClientOrDie(clientOpts, c).NewApplicationClientOrDie() defer argoio.Close(conn) - app, err := appIf.Get(ctx, &application.ApplicationQuery{Name: &appName, AppNamespace: &appNs}) + app, err := appIf.Get(ctx, &applicationpkg.ApplicationQuery{Name: &appName, AppNamespace: &appNs}) errors.CheckError(err) source := app.Spec.GetSource() @@ -705,7 +707,7 @@ func NewApplicationUnsetCommand(clientOpts *argocdclient.ClientOptions) *cobra.C } cmdutil.SetAppSpecOptions(c.Flags(), &app.Spec, &appOpts) - _, err = appIf.UpdateSpec(ctx, &application.ApplicationUpdateSpecRequest{ + _, err = appIf.UpdateSpec(ctx, &applicationpkg.ApplicationUpdateSpecRequest{ Name: &app.Name, Spec: &app.Spec, Validate: &appOpts.Validate, @@ -794,11 +796,9 @@ func unset(source *argoappv1.ApplicationSource, opts unsetOpts) (updated bool, n } } } - if opts.valuesLiteral && !source.Helm.ValuesIsEmpty() { - err := source.Helm.SetValuesString("") - if err == nil { - updated = true - } + if opts.valuesLiteral && source.Helm.Values != "" { + source.Helm.Values = "" + updated = true } for _, valuesFile := range opts.valuesFiles { specValueFiles := source.Helm.ValueFiles @@ -846,9 +846,9 @@ func targetObjects(resources []*argoappv1.ResourceDiff) ([]*unstructured.Unstruc return objs, nil } -func getLocalObjects(ctx context.Context, app *argoappv1.Application, proj *argoappv1.AppProject, local, localRepoRoot, appLabelKey, kubeVersion string, apiVersions []string, kustomizeOptions *argoappv1.KustomizeOptions, - trackingMethod string) []*unstructured.Unstructured { - manifestStrings := getLocalObjectsString(ctx, app, proj, local, localRepoRoot, appLabelKey, kubeVersion, apiVersions, kustomizeOptions, trackingMethod) +func getLocalObjects(ctx context.Context, app *argoappv1.Application, local, localRepoRoot, appLabelKey, kubeVersion string, apiVersions []string, kustomizeOptions *argoappv1.KustomizeOptions, + configManagementPlugins []*argoappv1.ConfigManagementPlugin, trackingMethod string) []*unstructured.Unstructured { + manifestStrings := getLocalObjectsString(ctx, app, local, localRepoRoot, appLabelKey, kubeVersion, apiVersions, kustomizeOptions, configManagementPlugins, trackingMethod) objs := make([]*unstructured.Unstructured, len(manifestStrings)) for i := range manifestStrings { obj := unstructured.Unstructured{} @@ -859,21 +859,20 @@ func getLocalObjects(ctx context.Context, app *argoappv1.Application, proj *argo return objs } -func getLocalObjectsString(ctx context.Context, app *argoappv1.Application, proj *argoappv1.AppProject, local, localRepoRoot, appLabelKey, kubeVersion string, apiVersions []string, kustomizeOptions *argoappv1.KustomizeOptions, - trackingMethod string) []string { +func getLocalObjectsString(ctx context.Context, app *argoappv1.Application, local, localRepoRoot, appLabelKey, kubeVersion string, apiVersions []string, kustomizeOptions *argoappv1.KustomizeOptions, + configManagementPlugins []*argoappv1.ConfigManagementPlugin, trackingMethod string) []string { source := app.Spec.GetSource() res, err := repository.GenerateManifests(ctx, local, localRepoRoot, source.TargetRevision, &repoapiclient.ManifestRequest{ - Repo: &argoappv1.Repository{Repo: source.RepoURL}, - AppLabelKey: appLabelKey, - AppName: app.Name, - Namespace: app.Spec.Destination.Namespace, - ApplicationSource: &source, - KustomizeOptions: kustomizeOptions, - KubeVersion: kubeVersion, - ApiVersions: apiVersions, - TrackingMethod: trackingMethod, - ProjectName: proj.Name, - ProjectSourceRepos: proj.Spec.SourceRepos, + Repo: &argoappv1.Repository{Repo: source.RepoURL}, + AppLabelKey: appLabelKey, + AppName: app.Name, + Namespace: app.Spec.Destination.Namespace, + ApplicationSource: &source, + KustomizeOptions: kustomizeOptions, + KubeVersion: kubeVersion, + ApiVersions: apiVersions, + Plugins: configManagementPlugins, + TrackingMethod: trackingMethod, }, true, &git.NoopCredsStore{}, resource.MustParse("0"), nil) errors.CheckError(err) @@ -943,23 +942,23 @@ func NewApplicationDiffCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co clientset := headless.NewClientOrDie(clientOpts, c) conn, appIf := clientset.NewApplicationClientOrDie() defer argoio.Close(conn) - appName, appNs := argo.ParseFromQualifiedName(args[0], "") - app, err := appIf.Get(ctx, &application.ApplicationQuery{ + appName, appNs := argo.ParseAppQualifiedName(args[0], "") + app, err := appIf.Get(ctx, &applicationpkg.ApplicationQuery{ Name: &appName, Refresh: getRefreshType(refresh, hardRefresh), AppNamespace: &appNs, }) errors.CheckError(err) - resources, err := appIf.ManagedResources(ctx, &application.ResourcesQuery{ApplicationName: &appName, AppNamespace: &appNs}) + resources, err := appIf.ManagedResources(ctx, &applicationpkg.ResourcesQuery{ApplicationName: &appName, AppNamespace: &appNs}) errors.CheckError(err) conn, settingsIf := clientset.NewSettingsClientOrDie() defer argoio.Close(conn) - argoSettings, err := settingsIf.Get(ctx, &settings.SettingsQuery{}) + argoSettings, err := settingsIf.Get(ctx, &settingspkg.SettingsQuery{}) errors.CheckError(err) diffOption := &DifferenceOption{} if revision != "" { - q := application.ApplicationManifestQuery{ + q := applicationpkg.ApplicationManifestQuery{ Name: &appName, Revision: &revision, AppNamespace: &appNs, @@ -991,8 +990,7 @@ func NewApplicationDiffCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co diffOption.cluster = cluster } } - proj := getProject(c, clientOpts, ctx, app.Spec.Project) - foundDiffs := findandPrintDiff(ctx, app, proj.Project, resources, argoSettings, diffOption) + foundDiffs := findandPrintDiff(ctx, app, resources, argoSettings, appName, diffOption) if foundDiffs && exitCode { os.Exit(1) } @@ -1020,13 +1018,13 @@ type DifferenceOption struct { } // findandPrintDiff ... Prints difference between application current state and state stored in git or locally, returns boolean as true if difference is found else returns false -func findandPrintDiff(ctx context.Context, app *argoappv1.Application, proj *argoappv1.AppProject, resources *application.ManagedResourcesResponse, argoSettings *settings.Settings, diffOptions *DifferenceOption) bool { +func findandPrintDiff(ctx context.Context, app *argoappv1.Application, resources *applicationpkg.ManagedResourcesResponse, argoSettings *settingspkg.Settings, appName string, diffOptions *DifferenceOption) bool { var foundDiffs bool liveObjs, err := cmdutil.LiveObjects(resources.Items) errors.CheckError(err) items := make([]objKeyLiveTarget, 0) if diffOptions.local != "" { - localObjs := groupObjsByKey(getLocalObjects(ctx, app, proj, diffOptions.local, diffOptions.localRepoRoot, argoSettings.AppLabelKey, diffOptions.cluster.Info.ServerVersion, diffOptions.cluster.Info.APIVersions, argoSettings.KustomizeOptions, argoSettings.TrackingMethod), liveObjs, app.Spec.Destination.Namespace) + localObjs := groupObjsByKey(getLocalObjects(ctx, app, diffOptions.local, diffOptions.localRepoRoot, argoSettings.AppLabelKey, diffOptions.cluster.Info.ServerVersion, diffOptions.cluster.Info.APIVersions, argoSettings.KustomizeOptions, argoSettings.ConfigManagementPlugins, argoSettings.TrackingMethod), liveObjs, app.Spec.Destination.Namespace) items = groupObjsForDiff(resources, localObjs, items, argoSettings, app.InstanceName(argoSettings.ControllerNamespace), app.Spec.Destination.Namespace) } else if diffOptions.revision != "" { var unstructureds []*unstructured.Unstructured @@ -1187,8 +1185,8 @@ func NewApplicationDeleteCommand(clientOpts *argocdclient.ClientOptions) *cobra. } for _, appFullName := range appNames { - appName, appNs := argo.ParseFromQualifiedName(appFullName, "") - appDeleteReq := application.ApplicationDeleteRequest{ + appName, appNs := argo.ParseAppQualifiedName(appFullName, "") + appDeleteReq := applicationpkg.ApplicationDeleteRequest{ Name: &appName, AppNamespace: &appNs, } @@ -1299,7 +1297,7 @@ func NewApplicationListCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co conn, appIf := headless.NewClientOrDie(clientOpts, c).NewApplicationClientOrDie() defer argoio.Close(conn) - apps, err := appIf.List(ctx, &application.ApplicationQuery{ + apps, err := appIf.List(ctx, &applicationpkg.ApplicationQuery{ Selector: pointer.String(selector), AppNamespace: &appNamespace, }) @@ -1490,7 +1488,7 @@ func NewApplicationWaitCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co closer, appIf := acdClient.NewApplicationClientOrDie() defer argoio.Close(closer) if selector != "" { - list, err := appIf.List(ctx, &application.ApplicationQuery{Selector: pointer.String(selector)}) + list, err := appIf.List(ctx, &applicationpkg.ApplicationQuery{Selector: pointer.String(selector)}) errors.CheckError(err) for _, i := range list.Items { appNames = append(appNames, i.Name) @@ -1535,7 +1533,6 @@ func NewApplicationSyncCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co force bool replace bool serverSideApply bool - applyOutOfSyncOnly bool async bool retryLimit int64 retryBackoffDuration time.Duration @@ -1595,7 +1592,7 @@ func NewApplicationSyncCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co appNames := args if selector != "" || len(projects) > 0 { - list, err := appIf.List(ctx, &application.ApplicationQuery{Selector: pointer.String(selector), Projects: projects}) + list, err := appIf.List(ctx, &applicationpkg.ApplicationQuery{Selector: pointer.String(selector), Projects: projects}) errors.CheckError(err) // unlike list, we'd want to fail if nothing was found @@ -1616,10 +1613,10 @@ func NewApplicationSyncCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co } for _, appQualifiedName := range appNames { - appName, appNs := argo.ParseFromQualifiedName(appQualifiedName, "") + appName, appNs := argo.ParseAppQualifiedName(appQualifiedName, "") if len(selectedLabels) > 0 { - q := application.ApplicationManifestQuery{ + q := applicationpkg.ApplicationManifestQuery{ Name: &appName, AppNamespace: &appNs, Revision: &revision, @@ -1655,7 +1652,7 @@ func NewApplicationSyncCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co var localObjsStrings []string diffOption := &DifferenceOption{} - app, err := appIf.Get(ctx, &application.ApplicationQuery{ + app, err := appIf.Get(ctx, &applicationpkg.ApplicationQuery{ Name: &appName, AppNamespace: &appNs, }) @@ -1688,7 +1685,7 @@ func NewApplicationSyncCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co errors.CheckError(err) conn, settingsIf := acdClient.NewSettingsClientOrDie() - argoSettings, err := settingsIf.Get(ctx, &settings.SettingsQuery{}) + argoSettings, err := settingsIf.Get(ctx, &settingspkg.SettingsQuery{}) errors.CheckError(err) argoio.Close(conn) @@ -1697,17 +1694,15 @@ func NewApplicationSyncCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co cluster, err := clusterIf.Get(ctx, &clusterpkg.ClusterQuery{Name: app.Spec.Destination.Name, Server: app.Spec.Destination.Server}) errors.CheckError(err) argoio.Close(conn) - - proj := getProject(c, clientOpts, ctx, app.Spec.Project) - localObjsStrings = getLocalObjectsString(ctx, app, proj.Project, local, localRepoRoot, argoSettings.AppLabelKey, cluster.Info.ServerVersion, cluster.Info.APIVersions, argoSettings.KustomizeOptions, argoSettings.TrackingMethod) + localObjsStrings = getLocalObjectsString(ctx, app, local, localRepoRoot, argoSettings.AppLabelKey, cluster.Info.ServerVersion, cluster.Info.APIVersions, argoSettings.KustomizeOptions, argoSettings.ConfigManagementPlugins, argoSettings.TrackingMethod) errors.CheckError(err) diffOption.local = local diffOption.localRepoRoot = localRepoRoot diffOption.cluster = cluster } - syncOptionsFactory := func() *application.SyncOptions { - syncOptions := application.SyncOptions{} + syncOptionsFactory := func() *applicationpkg.SyncOptions { + syncOptions := applicationpkg.SyncOptions{} items := make([]string, 0) if replace { items = append(items, common.SyncOptionReplace) @@ -1715,9 +1710,6 @@ func NewApplicationSyncCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co if serverSideApply { items = append(items, common.SyncOptionServerSideApply) } - if applyOutOfSyncOnly { - items = append(items, common.SyncOptionApplyOutOfSyncOnly) - } if len(items) == 0 { // for prevent send even empty array if not need @@ -1727,7 +1719,7 @@ func NewApplicationSyncCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co return &syncOptions } - syncReq := application.ApplicationSyncRequest{ + syncReq := applicationpkg.ApplicationSyncRequest{ Name: &appName, AppNamespace: &appNs, DryRun: &dryRun, @@ -1760,20 +1752,18 @@ func NewApplicationSyncCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co } } if diffChanges { - resources, err := appIf.ManagedResources(ctx, &application.ResourcesQuery{ + resources, err := appIf.ManagedResources(ctx, &applicationpkg.ResourcesQuery{ ApplicationName: &appName, AppNamespace: &appNs, }) errors.CheckError(err) conn, settingsIf := acdClient.NewSettingsClientOrDie() defer argoio.Close(conn) - argoSettings, err := settingsIf.Get(ctx, &settings.SettingsQuery{}) + argoSettings, err := settingsIf.Get(ctx, &settingspkg.SettingsQuery{}) errors.CheckError(err) foundDiffs := false fmt.Printf("====== Previewing differences between live and desired state of application %s ======\n", appQualifiedName) - - proj := getProject(c, clientOpts, ctx, app.Spec.Project) - foundDiffs = findandPrintDiff(ctx, app, proj.Project, resources, argoSettings, diffOption) + foundDiffs = findandPrintDiff(ctx, app, resources, argoSettings, appQualifiedName, diffOption) if foundDiffs { if !diffChangesConfirm { yesno := cli.AskToProceed(fmt.Sprintf("Please review changes to application %s shown above. Do you want to continue the sync process? (y/n): ", appQualifiedName)) @@ -1822,7 +1812,6 @@ func NewApplicationSyncCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co command.Flags().BoolVar(&force, "force", false, "Use a force apply") command.Flags().BoolVar(&replace, "replace", false, "Use a kubectl create/replace instead apply") command.Flags().BoolVar(&serverSideApply, "server-side", false, "Use server-side apply while syncing the application") - command.Flags().BoolVar(&applyOutOfSyncOnly, "apply-out-of-sync-only", false, "Sync only out-of-sync resources") command.Flags().BoolVar(&async, "async", false, "Do not wait for application to sync before continuing") command.Flags().StringVar(&local, "local", "", "Path to a local directory. When this flag is present no git queries will be made") command.Flags().StringVar(&localRepoRoot, "local-repo-root", "/", "Path to the repository root. Used together with --local allows setting the repository root") @@ -1833,10 +1822,10 @@ func NewApplicationSyncCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co return command } -func getAppNamesBySelector(ctx context.Context, appIf application.ApplicationServiceClient, selector string) ([]string, error) { +func getAppNamesBySelector(ctx context.Context, appIf applicationpkg.ApplicationServiceClient, selector string) ([]string, error) { appNames := []string{} if selector != "" { - list, err := appIf.List(ctx, &application.ApplicationQuery{Selector: pointer.String(selector)}) + list, err := appIf.List(ctx, &applicationpkg.ApplicationQuery{Selector: pointer.String(selector)}) if err != nil { return []string{}, err } @@ -2024,14 +2013,14 @@ func waitOnApplicationStatus(ctx context.Context, acdClient argocdclient.Client, // time when the sync status lags behind when an operation completes refresh := false - appRealName, appNs := argo.ParseFromQualifiedName(appName, "") + appRealName, appNs := argo.ParseAppQualifiedName(appName, "") printFinalStatus := func(app *argoappv1.Application) *argoappv1.Application { var err error if refresh { conn, appClient := acdClient.NewApplicationClientOrDie() refreshType := string(argoappv1.RefreshTypeNormal) - app, err = appClient.Get(ctx, &application.ApplicationQuery{ + app, err = appClient.Get(ctx, &applicationpkg.ApplicationQuery{ Name: &appRealName, Refresh: &refreshType, AppNamespace: &appNs, @@ -2068,7 +2057,7 @@ func waitOnApplicationStatus(ctx context.Context, acdClient argocdclient.Client, prevStates := make(map[string]*resourceState) conn, appClient := acdClient.NewApplicationClientOrDie() defer argoio.Close(conn) - app, err := appClient.Get(ctx, &application.ApplicationQuery{ + app, err := appClient.Get(ctx, &applicationpkg.ApplicationQuery{ Name: &appRealName, AppNamespace: &appNs, }) @@ -2226,8 +2215,8 @@ func NewApplicationHistoryCommand(clientOpts *argocdclient.ClientOptions) *cobra } conn, appIf := headless.NewClientOrDie(clientOpts, c).NewApplicationClientOrDie() defer argoio.Close(conn) - appName, appNs := argo.ParseFromQualifiedName(args[0], "") - app, err := appIf.Get(ctx, &application.ApplicationQuery{ + appName, appNs := argo.ParseAppQualifiedName(args[0], "") + app, err := appIf.Get(ctx, &applicationpkg.ApplicationQuery{ Name: &appName, AppNamespace: &appNs, }) @@ -2277,7 +2266,7 @@ func NewApplicationRollbackCommand(clientOpts *argocdclient.ClientOptions) *cobr c.HelpFunc()(c, args) os.Exit(1) } - appName, appNs := argo.ParseFromQualifiedName(args[0], "") + appName, appNs := argo.ParseAppQualifiedName(args[0], "") var err error depID := -1 if len(args) > 1 { @@ -2287,7 +2276,7 @@ func NewApplicationRollbackCommand(clientOpts *argocdclient.ClientOptions) *cobr acdClient := headless.NewClientOrDie(clientOpts, c) conn, appIf := acdClient.NewApplicationClientOrDie() defer argoio.Close(conn) - app, err := appIf.Get(ctx, &application.ApplicationQuery{ + app, err := appIf.Get(ctx, &applicationpkg.ApplicationQuery{ Name: &appName, AppNamespace: &appNs, }) @@ -2296,7 +2285,7 @@ func NewApplicationRollbackCommand(clientOpts *argocdclient.ClientOptions) *cobr depInfo, err := findRevisionHistory(app, int64(depID)) errors.CheckError(err) - _, err = appIf.Rollback(ctx, &application.ApplicationRollbackRequest{ + _, err = appIf.Rollback(ctx, &applicationpkg.ApplicationRollbackRequest{ Name: &appName, AppNamespace: &appNs, Id: pointer.Int64(depInfo.ID), @@ -2359,11 +2348,11 @@ func NewApplicationManifestsCommand(clientOpts *argocdclient.ClientOptions) *cob c.HelpFunc()(c, args) os.Exit(1) } - appName, appNs := argo.ParseFromQualifiedName(args[0], "") + appName, appNs := argo.ParseAppQualifiedName(args[0], "") clientset := headless.NewClientOrDie(clientOpts, c) conn, appIf := clientset.NewApplicationClientOrDie() defer argoio.Close(conn) - resources, err := appIf.ManagedResources(ctx, &application.ResourcesQuery{ + resources, err := appIf.ManagedResources(ctx, &applicationpkg.ResourcesQuery{ ApplicationName: &appName, AppNamespace: &appNs, }) @@ -2373,12 +2362,12 @@ func NewApplicationManifestsCommand(clientOpts *argocdclient.ClientOptions) *cob switch source { case "git": if local != "" { - app, err := appIf.Get(context.Background(), &application.ApplicationQuery{Name: &appName}) + app, err := appIf.Get(context.Background(), &applicationpkg.ApplicationQuery{Name: &appName}) errors.CheckError(err) settingsConn, settingsIf := clientset.NewSettingsClientOrDie() defer argoio.Close(settingsConn) - argoSettings, err := settingsIf.Get(context.Background(), &settings.SettingsQuery{}) + argoSettings, err := settingsIf.Get(context.Background(), &settingspkg.SettingsQuery{}) errors.CheckError(err) clusterConn, clusterIf := clientset.NewClusterClientOrDie() @@ -2386,10 +2375,9 @@ func NewApplicationManifestsCommand(clientOpts *argocdclient.ClientOptions) *cob cluster, err := clusterIf.Get(context.Background(), &clusterpkg.ClusterQuery{Name: app.Spec.Destination.Name, Server: app.Spec.Destination.Server}) errors.CheckError(err) - proj := getProject(c, clientOpts, ctx, app.Spec.Project) - unstructureds = getLocalObjects(context.Background(), app, proj.Project, local, localRepoRoot, argoSettings.AppLabelKey, cluster.ServerVersion, cluster.Info.APIVersions, argoSettings.KustomizeOptions, argoSettings.TrackingMethod) + unstructureds = getLocalObjects(context.Background(), app, local, localRepoRoot, argoSettings.AppLabelKey, cluster.ServerVersion, cluster.Info.APIVersions, argoSettings.KustomizeOptions, argoSettings.ConfigManagementPlugins, argoSettings.TrackingMethod) } else if revision != "" { - q := application.ApplicationManifestQuery{ + q := applicationpkg.ApplicationManifestQuery{ Name: &appName, AppNamespace: &appNs, Revision: pointer.String(revision), @@ -2442,10 +2430,10 @@ func NewApplicationTerminateOpCommand(clientOpts *argocdclient.ClientOptions) *c c.HelpFunc()(c, args) os.Exit(1) } - appName, appNs := argo.ParseFromQualifiedName(args[0], "") + appName, appNs := argo.ParseAppQualifiedName(args[0], "") conn, appIf := headless.NewClientOrDie(clientOpts, c).NewApplicationClientOrDie() defer argoio.Close(conn) - _, err := appIf.TerminateOperation(ctx, &application.OperationTerminateRequest{ + _, err := appIf.TerminateOperation(ctx, &applicationpkg.OperationTerminateRequest{ Name: &appName, AppNamespace: &appNs, }) @@ -2467,10 +2455,10 @@ func NewApplicationEditCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co c.HelpFunc()(c, args) os.Exit(1) } - appName, appNs := argo.ParseFromQualifiedName(args[0], "") + appName, appNs := argo.ParseAppQualifiedName(args[0], "") conn, appIf := headless.NewClientOrDie(clientOpts, c).NewApplicationClientOrDie() defer argoio.Close(conn) - app, err := appIf.Get(ctx, &application.ApplicationQuery{ + app, err := appIf.Get(ctx, &applicationpkg.ApplicationQuery{ Name: &appName, AppNamespace: &appNs, }) @@ -2494,7 +2482,7 @@ func NewApplicationEditCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co var appOpts cmdutil.AppOptions cmdutil.SetAppSpecOptions(c.Flags(), &app.Spec, &appOpts) - _, err = appIf.UpdateSpec(ctx, &application.ApplicationUpdateSpecRequest{ + _, err = appIf.UpdateSpec(ctx, &applicationpkg.ApplicationUpdateSpecRequest{ Name: &appName, Spec: &updatedSpec, Validate: &appOpts.Validate, @@ -2529,11 +2517,11 @@ func NewApplicationPatchCommand(clientOpts *argocdclient.ClientOptions) *cobra.C c.HelpFunc()(c, args) os.Exit(1) } - appName, appNs := argo.ParseFromQualifiedName(args[0], "") + appName, appNs := argo.ParseAppQualifiedName(args[0], "") conn, appIf := headless.NewClientOrDie(clientOpts, c).NewApplicationClientOrDie() defer argoio.Close(conn) - patchedApp, err := appIf.Patch(ctx, &application.ApplicationPatchRequest{ + patchedApp, err := appIf.Patch(ctx, &applicationpkg.ApplicationPatchRequest{ Name: &appName, Patch: &patch, PatchType: &patchType, diff --git a/cmd/argocd/commands/app_actions.go b/cmd/argocd/commands/app_actions.go index 48a5e4ce58bed..ad3693c085749 100644 --- a/cmd/argocd/commands/app_actions.go +++ b/cmd/argocd/commands/app_actions.go @@ -10,10 +10,10 @@ import ( "github.com/argoproj/argo-cd/v2/cmd/util" + "github.com/ghodss/yaml" log "github.com/sirupsen/logrus" "github.com/spf13/cobra" "k8s.io/utils/pointer" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/cmd/argocd/commands/headless" argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient" @@ -66,7 +66,7 @@ func NewApplicationResourceActionsListCommand(clientOpts *argocdclient.ClientOpt c.HelpFunc()(c, args) os.Exit(1) } - appName, appNs := argo.ParseFromQualifiedName(args[0], "") + appName, appNs := argo.ParseAppQualifiedName(args[0], "") conn, appIf := headless.NewClientOrDie(clientOpts, c).NewApplicationClientOrDie() defer io.Close(conn) resources, err := getActionableResourcesForApplication(appIf, ctx, &appNs, &appName) @@ -152,7 +152,7 @@ func NewApplicationResourceActionsRunCommand(clientOpts *argocdclient.ClientOpti c.HelpFunc()(c, args) os.Exit(1) } - appName, appNs := argo.ParseFromQualifiedName(args[0], "") + appName, appNs := argo.ParseAppQualifiedName(args[0], "") actionName := args[1] conn, appIf := headless.NewClientOrDie(clientOpts, c).NewApplicationClientOrDie() diff --git a/cmd/argocd/commands/app_resources.go b/cmd/argocd/commands/app_resources.go index 60ba6efff406e..02c1054b6372d 100644 --- a/cmd/argocd/commands/app_resources.go +++ b/cmd/argocd/commands/app_resources.go @@ -54,7 +54,7 @@ func NewApplicationPatchResourceCommand(clientOpts *argocdclient.ClientOptions) c.HelpFunc()(c, args) os.Exit(1) } - appName, appNs := argo.ParseFromQualifiedName(args[0], "") + appName, appNs := argo.ParseAppQualifiedName(args[0], "") conn, appIf := headless.NewClientOrDie(clientOpts, c).NewApplicationClientOrDie() defer argoio.Close(conn) @@ -116,7 +116,7 @@ func NewApplicationDeleteResourceCommand(clientOpts *argocdclient.ClientOptions) c.HelpFunc()(c, args) os.Exit(1) } - appName, appNs := argo.ParseFromQualifiedName(args[0], "") + appName, appNs := argo.ParseAppQualifiedName(args[0], "") conn, appIf := headless.NewClientOrDie(clientOpts, c).NewApplicationClientOrDie() defer argoio.Close(conn) @@ -182,7 +182,7 @@ func NewApplicationListResourcesCommand(clientOpts *argocdclient.ClientOptions) os.Exit(1) } listAll := !c.Flag("orphaned").Changed - appName, appNs := argo.ParseFromQualifiedName(args[0], "") + appName, appNs := argo.ParseAppQualifiedName(args[0], "") conn, appIf := headless.NewClientOrDie(clientOpts, c).NewApplicationClientOrDie() defer argoio.Close(conn) appResourceTree, err := appIf.ResourceTree(ctx, &applicationpkg.ResourcesQuery{ diff --git a/cmd/argocd/commands/app_test.go b/cmd/argocd/commands/app_test.go index 0880fdc1c1ae5..179e84982b1d6 100644 --- a/cmd/argocd/commands/app_test.go +++ b/cmd/argocd/commands/app_test.go @@ -9,6 +9,7 @@ import ( argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient" "github.com/argoproj/argo-cd/v2/pkg/apis/application" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" + argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/gitops-engine/pkg/health" "github.com/argoproj/gitops-engine/pkg/utils/kube" "github.com/google/go-cmp/cmp" @@ -16,7 +17,6 @@ import ( "github.com/stretchr/testify/assert" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/intstr" ) @@ -307,8 +307,8 @@ func Test_groupObjsByKey(t *testing.T) { } expected := map[kube.ResourceKey]*unstructured.Unstructured{ - {Group: "", Kind: "Pod", Namespace: "default", Name: "pod-name"}: localObjs[0], - {Group: "apiextensions.k8s.io", Kind: "CustomResourceDefinition", Namespace: "", Name: "certificates.cert-manager.io"}: localObjs[1], + kube.ResourceKey{Group: "", Kind: "Pod", Namespace: "default", Name: "pod-name"}: localObjs[0], + kube.ResourceKey{Group: "apiextensions.k8s.io", Kind: "CustomResourceDefinition", Namespace: "", Name: "certificates.cert-manager.io"}: localObjs[1], } objByKey := groupObjsByKey(localObjs, liveObjs, "default") @@ -779,7 +779,7 @@ func Test_unset(t *testing.T) { }, }, PassCredentials: true, - ValuesObject: &runtime.RawExtension{Raw: []byte("some: yaml")}, + Values: "some: yaml", ValueFiles: []string{ "values-1.yaml", "values-2.yaml", @@ -865,9 +865,9 @@ func Test_unset(t *testing.T) { assert.False(t, updated) assert.False(t, nothingToUnset) - assert.Equal(t, "some: yaml", helmSource.Helm.ValuesString()) + assert.Equal(t, "some: yaml", helmSource.Helm.Values) updated, nothingToUnset = unset(helmSource, unsetOpts{valuesLiteral: true}) - assert.Equal(t, "", helmSource.Helm.ValuesString()) + assert.Equal(t, "", helmSource.Helm.Values) assert.True(t, updated) assert.False(t, nothingToUnset) updated, nothingToUnset = unset(helmSource, unsetOpts{valuesLiteral: true}) @@ -973,49 +973,49 @@ func TestFilterAppResources(t *testing.T) { } // Resource filters var ( - blankValues = v1alpha1.SyncOperationResource{ + blankValues = argoappv1.SyncOperationResource{ Group: "", Kind: "", Name: "", Namespace: "", Exclude: false} // *:*:* - includeAllResources = v1alpha1.SyncOperationResource{ + includeAllResources = argoappv1.SyncOperationResource{ Group: "*", Kind: "*", Name: "*", Namespace: "", Exclude: false} // !*:*:* - excludeAllResources = v1alpha1.SyncOperationResource{ + excludeAllResources = argoappv1.SyncOperationResource{ Group: "*", Kind: "*", Name: "*", Namespace: "", Exclude: true} // *:Service:* - includeAllServiceResources = v1alpha1.SyncOperationResource{ + includeAllServiceResources = argoappv1.SyncOperationResource{ Group: "*", Kind: "Service", Name: "*", Namespace: "", Exclude: false} // !*:Service:* - excludeAllServiceResources = v1alpha1.SyncOperationResource{ + excludeAllServiceResources = argoappv1.SyncOperationResource{ Group: "*", Kind: "Service", Name: "*", Namespace: "", Exclude: true} // apps:ReplicaSet:replicaSet-name1 - includeReplicaSet1Resource = v1alpha1.SyncOperationResource{ + includeReplicaSet1Resource = argoappv1.SyncOperationResource{ Group: "apps", Kind: "ReplicaSet", Name: "replicaSet-name1", Namespace: "", Exclude: false} // !apps:ReplicaSet:replicaSet-name2 - excludeReplicaSet2Resource = v1alpha1.SyncOperationResource{ + excludeReplicaSet2Resource = argoappv1.SyncOperationResource{ Group: "apps", Kind: "ReplicaSet", Name: "replicaSet-name2", @@ -1064,60 +1064,60 @@ func TestFilterAppResources(t *testing.T) { ) tests := []struct { testName string - selectedResources []*v1alpha1.SyncOperationResource - expectedResult []*v1alpha1.SyncOperationResource + selectedResources []*argoappv1.SyncOperationResource + expectedResult []*argoappv1.SyncOperationResource }{ - // --resource apps:ReplicaSet:replicaSet-name1 --resource *:Service:* + //--resource apps:ReplicaSet:replicaSet-name1 --resource *:Service:* {testName: "Include ReplicaSet replicaSet-name1 resouce and all service resources", - selectedResources: []*v1alpha1.SyncOperationResource{&includeAllServiceResources, &includeReplicaSet1Resource}, - expectedResult: []*v1alpha1.SyncOperationResource{&replicaSet1, &service1, &service2}, + selectedResources: []*argoappv1.SyncOperationResource{&includeAllServiceResources, &includeReplicaSet1Resource}, + expectedResult: []*argoappv1.SyncOperationResource{&replicaSet1, &service1, &service2}, }, - // --resource apps:ReplicaSet:replicaSet-name1 --resource !*:Service:* + //--resource apps:ReplicaSet:replicaSet-name1 --resource !*:Service:* {testName: "Include ReplicaSet replicaSet-name1 resouce and exclude all service resources", - selectedResources: []*v1alpha1.SyncOperationResource{&excludeAllServiceResources, &includeReplicaSet1Resource}, - expectedResult: []*v1alpha1.SyncOperationResource{&replicaSet1, &replicaSet2, &job, &deployment}, + selectedResources: []*argoappv1.SyncOperationResource{&excludeAllServiceResources, &includeReplicaSet1Resource}, + expectedResult: []*argoappv1.SyncOperationResource{&replicaSet1, &replicaSet2, &job, &deployment}, }, // --resource !apps:ReplicaSet:replicaSet-name2 --resource !*:Service:* {testName: "Exclude ReplicaSet replicaSet-name2 resouce and all service resources", - selectedResources: []*v1alpha1.SyncOperationResource{&excludeReplicaSet2Resource, &excludeAllServiceResources}, - expectedResult: []*v1alpha1.SyncOperationResource{&replicaSet1, &replicaSet2, &job, &service1, &service2, &deployment}, + selectedResources: []*argoappv1.SyncOperationResource{&excludeReplicaSet2Resource, &excludeAllServiceResources}, + expectedResult: []*argoappv1.SyncOperationResource{&replicaSet1, &replicaSet2, &job, &service1, &service2, &deployment}, }, // --resource !apps:ReplicaSet:replicaSet-name2 {testName: "Exclude ReplicaSet replicaSet-name2 resouce", - selectedResources: []*v1alpha1.SyncOperationResource{&excludeReplicaSet2Resource}, - expectedResult: []*v1alpha1.SyncOperationResource{&replicaSet1, &job, &service1, &service2, &deployment}, + selectedResources: []*argoappv1.SyncOperationResource{&excludeReplicaSet2Resource}, + expectedResult: []*argoappv1.SyncOperationResource{&replicaSet1, &job, &service1, &service2, &deployment}, }, // --resource apps:ReplicaSet:replicaSet-name1 {testName: "Include ReplicaSet replicaSet-name1 resouce", - selectedResources: []*v1alpha1.SyncOperationResource{&includeReplicaSet1Resource}, - expectedResult: []*v1alpha1.SyncOperationResource{&replicaSet1}, + selectedResources: []*argoappv1.SyncOperationResource{&includeReplicaSet1Resource}, + expectedResult: []*argoappv1.SyncOperationResource{&replicaSet1}, }, // --resource !*:Service:* {testName: "Exclude Service resouces", - selectedResources: []*v1alpha1.SyncOperationResource{&excludeAllServiceResources}, - expectedResult: []*v1alpha1.SyncOperationResource{&replicaSet1, &replicaSet2, &job, &deployment}, + selectedResources: []*argoappv1.SyncOperationResource{&excludeAllServiceResources}, + expectedResult: []*argoappv1.SyncOperationResource{&replicaSet1, &replicaSet2, &job, &deployment}, }, // --resource *:Service:* {testName: "Include Service resouces", - selectedResources: []*v1alpha1.SyncOperationResource{&includeAllServiceResources}, - expectedResult: []*v1alpha1.SyncOperationResource{&service1, &service2}, + selectedResources: []*argoappv1.SyncOperationResource{&includeAllServiceResources}, + expectedResult: []*argoappv1.SyncOperationResource{&service1, &service2}, }, // --resource !*:*:* {testName: "Exclude all resouces", - selectedResources: []*v1alpha1.SyncOperationResource{&excludeAllResources}, + selectedResources: []*argoappv1.SyncOperationResource{&excludeAllResources}, expectedResult: nil, }, // --resource *:*:* {testName: "Include all resouces", - selectedResources: []*v1alpha1.SyncOperationResource{&includeAllResources}, - expectedResult: []*v1alpha1.SyncOperationResource{&replicaSet1, &replicaSet2, &job, &service1, &service2, &deployment}, + selectedResources: []*argoappv1.SyncOperationResource{&includeAllResources}, + expectedResult: []*argoappv1.SyncOperationResource{&replicaSet1, &replicaSet2, &job, &service1, &service2, &deployment}, }, {testName: "No Filters", - selectedResources: []*v1alpha1.SyncOperationResource{&blankValues}, + selectedResources: []*argoappv1.SyncOperationResource{&blankValues}, expectedResult: nil, }, {testName: "Empty Filter", - selectedResources: []*v1alpha1.SyncOperationResource{}, + selectedResources: []*argoappv1.SyncOperationResource{}, expectedResult: nil, }, } @@ -1440,8 +1440,8 @@ func TestCheckResourceStatus(t *testing.T) { func Test_hasAppChanged(t *testing.T) { type args struct { - appReq *v1alpha1.Application - appRes *v1alpha1.Application + appReq *argoappv1.Application + appRes *argoappv1.Application upsert bool } tests := []struct { @@ -1503,16 +1503,16 @@ func Test_hasAppChanged(t *testing.T) { } } -func testApp(name, project string, labels map[string]string, annotations map[string]string, finalizers []string) *v1alpha1.Application { - return &v1alpha1.Application{ +func testApp(name, project string, labels map[string]string, annotations map[string]string, finalizers []string) *argoappv1.Application { + return &argoappv1.Application{ ObjectMeta: metav1.ObjectMeta{ Name: name, Labels: labels, Annotations: annotations, Finalizers: finalizers, }, - Spec: v1alpha1.ApplicationSpec{ - Source: &v1alpha1.ApplicationSource{ + Spec: argoappv1.ApplicationSpec{ + Source: &argoappv1.ApplicationSource{ RepoURL: "https://github.com/argoproj/argocd-example-apps.git", }, Project: project, diff --git a/cmd/argocd/commands/applicationset.go b/cmd/argocd/commands/applicationset.go index a328842a67bb5..8a60d0ea23361 100644 --- a/cmd/argocd/commands/applicationset.go +++ b/cmd/argocd/commands/applicationset.go @@ -16,7 +16,6 @@ import ( argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient" "github.com/argoproj/argo-cd/v2/pkg/apiclient/applicationset" arogappsetv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - "github.com/argoproj/argo-cd/v2/util/argo" "github.com/argoproj/argo-cd/v2/util/cli" "github.com/argoproj/argo-cd/v2/util/errors" "github.com/argoproj/argo-cd/v2/util/grpc" @@ -77,10 +76,8 @@ func NewApplicationSetGetCommand(clientOpts *argocdclient.ClientOptions) *cobra. acdClient := headless.NewClientOrDie(clientOpts, c) conn, appIf := acdClient.NewApplicationSetClientOrDie() defer argoio.Close(conn) - - appSetName, appSetNs := argo.ParseFromQualifiedName(args[0], "") - - appSet, err := appIf.Get(ctx, &applicationset.ApplicationSetGetQuery{Name: appSetName, AppsetNamespace: appSetNs}) + appSetName := args[0] + appSet, err := appIf.Get(ctx, &applicationset.ApplicationSetGetQuery{Name: appSetName}) errors.CheckError(err) switch output { @@ -179,10 +176,9 @@ func NewApplicationSetCreateCommand(clientOpts *argocdclient.ClientOptions) *cob // NewApplicationSetListCommand returns a new instance of an `argocd appset list` command func NewApplicationSetListCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command { var ( - output string - selector string - projects []string - appSetNamespace string + output string + selector string + projects []string ) var command = &cobra.Command{ Use: "list", @@ -196,7 +192,7 @@ func NewApplicationSetListCommand(clientOpts *argocdclient.ClientOptions) *cobra conn, appIf := headless.NewClientOrDie(clientOpts, c).NewApplicationSetClientOrDie() defer argoio.Close(conn) - appsets, err := appIf.List(ctx, &applicationset.ApplicationSetListQuery{Selector: selector, Projects: projects, AppsetNamespace: appSetNamespace}) + appsets, err := appIf.List(ctx, &applicationset.ApplicationSetListQuery{Selector: selector, Projects: projects}) errors.CheckError(err) appsetList := appsets.Items @@ -217,7 +213,6 @@ func NewApplicationSetListCommand(clientOpts *argocdclient.ClientOptions) *cobra command.Flags().StringVarP(&output, "output", "o", "wide", "Output format. One of: wide|name|json|yaml") command.Flags().StringVarP(&selector, "selector", "l", "", "List applicationsets by label") command.Flags().StringArrayVarP(&projects, "project", "p", []string{}, "Filter by project name") - command.Flags().StringVarP(&appSetNamespace, "appset-namespace", "N", "", "Only list applicationsets in namespace") return command } @@ -250,22 +245,18 @@ func NewApplicationSetDeleteCommand(clientOpts *argocdclient.ClientOptions) *cob if promptFlag.Changed && promptFlag.Value.String() == "true" { noPrompt = true } - for _, appSetQualifiedName := range args { - - appSetName, appSetNs := argo.ParseFromQualifiedName(appSetQualifiedName, "") - + for _, appsetName := range args { appsetDeleteReq := applicationset.ApplicationSetDeleteRequest{ - Name: appSetName, - AppsetNamespace: appSetNs, + Name: appsetName, } if isTerminal && !noPrompt { var lowercaseAnswer string if numOfApps == 1 { - lowercaseAnswer = cli.AskToProceedS("Are you sure you want to delete '" + appSetQualifiedName + "' and all its Applications? [y/n] ") + lowercaseAnswer = cli.AskToProceedS("Are you sure you want to delete '" + appsetName + "' and all its Applications? [y/n] ") } else { if !isConfirmAll { - lowercaseAnswer = cli.AskToProceedS("Are you sure you want to delete '" + appSetQualifiedName + "' and all its Applications? [y/n/A] where 'A' is to delete all specified ApplicationSets and their Applications without prompting") + lowercaseAnswer = cli.AskToProceedS("Are you sure you want to delete '" + appsetName + "' and all its Applications? [y/n/A] where 'A' is to delete all specified ApplicationSets and their Applications without prompting") if lowercaseAnswer == "a" || lowercaseAnswer == "all" { lowercaseAnswer = "y" isConfirmAll = true @@ -277,9 +268,9 @@ func NewApplicationSetDeleteCommand(clientOpts *argocdclient.ClientOptions) *cob if lowercaseAnswer == "y" || lowercaseAnswer == "yes" { _, err := appIf.Delete(ctx, &appsetDeleteReq) errors.CheckError(err) - fmt.Printf("applicationset '%s' deleted\n", appSetQualifiedName) + fmt.Printf("applicationset '%s' deleted\n", appsetName) } else { - fmt.Println("The command to delete '" + appSetQualifiedName + "' was cancelled.") + fmt.Println("The command to delete '" + appsetName + "' was cancelled.") } } else { _, err := appIf.Delete(ctx, &appsetDeleteReq) @@ -295,7 +286,7 @@ func NewApplicationSetDeleteCommand(clientOpts *argocdclient.ClientOptions) *cob // Print simple list of application names func printApplicationSetNames(apps []arogappsetv1.ApplicationSet) { for _, app := range apps { - fmt.Println(app.QualifiedName()) + fmt.Println(app.Name) } } @@ -303,12 +294,12 @@ func printApplicationSetNames(apps []arogappsetv1.ApplicationSet) { func printApplicationSetTable(apps []arogappsetv1.ApplicationSet, output *string) { w := tabwriter.NewWriter(os.Stdout, 0, 0, 2, ' ', 0) var fmtStr string - headers := []interface{}{"NAME", "PROJECT", "SYNCPOLICY", "CONDITIONS"} + headers := []interface{}{"NAME", "NAMESPACE", "PROJECT", "SYNCPOLICY", "CONDITIONS"} if *output == "wide" { - fmtStr = "%s\t%s\t%s\t%s\t%s\t%s\t%s\n" + fmtStr = "%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\n" headers = append(headers, "REPO", "PATH", "TARGET") } else { - fmtStr = "%s\t%s\t%s\t%s\n" + fmtStr = "%s\t%s\t%s\t%s\t%s\n" } _, _ = fmt.Fprintf(w, fmtStr, headers...) for _, app := range apps { @@ -319,7 +310,8 @@ func printApplicationSetTable(apps []arogappsetv1.ApplicationSet, output *string } } vals := []interface{}{ - app.QualifiedName(), + app.ObjectMeta.Name, + app.ObjectMeta.Namespace, app.Spec.Template.Spec.Project, app.Spec.SyncPolicy, conditions, @@ -342,7 +334,7 @@ func getServerForAppSet(appSet *arogappsetv1.ApplicationSet) string { func printAppSetSummaryTable(appSet *arogappsetv1.ApplicationSet) { source := appSet.Spec.Template.Spec.GetSource() - fmt.Printf(printOpFmtStr, "Name:", appSet.QualifiedName()) + fmt.Printf(printOpFmtStr, "Name:", appSet.Name) fmt.Printf(printOpFmtStr, "Project:", appSet.Spec.Template.Spec.GetProject()) fmt.Printf(printOpFmtStr, "Server:", getServerForAppSet(appSet)) fmt.Printf(printOpFmtStr, "Namespace:", appSet.Spec.Template.Spec.Destination.Namespace) diff --git a/cmd/argocd/commands/applicationset_test.go b/cmd/argocd/commands/applicationset_test.go index 18e5f85feebbc..074c4d2b76bfc 100644 --- a/cmd/argocd/commands/applicationset_test.go +++ b/cmd/argocd/commands/applicationset_test.go @@ -6,27 +6,22 @@ import ( "testing" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" + arogappsetv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/stretchr/testify/assert" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) func TestPrintApplicationSetNames(t *testing.T) { output, _ := captureOutput(func() error { - appSet := &v1alpha1.ApplicationSet{ + appSet := &arogappsetv1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "test", }, } - appSet2 := &v1alpha1.ApplicationSet{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "team-one", - Name: "test", - }, - } - printApplicationSetNames([]v1alpha1.ApplicationSet{*appSet, *appSet2}) + printApplicationSetNames([]arogappsetv1.ApplicationSet{*appSet, *appSet}) return nil }) - expectation := "test\nteam-one/test\n" + expectation := "test\ntest\n" if output != expectation { t.Fatalf("Incorrect print params output %q, should be %q", output, expectation) } @@ -34,143 +29,108 @@ func TestPrintApplicationSetNames(t *testing.T) { func TestPrintApplicationSetTable(t *testing.T) { output, err := captureOutput(func() error { - app := &v1alpha1.ApplicationSet{ + app := &arogappsetv1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "app-name", }, - Spec: v1alpha1.ApplicationSetSpec{ - Generators: []v1alpha1.ApplicationSetGenerator{ - { - Git: &v1alpha1.GitGenerator{ - RepoURL: "https://github.com/argoproj/argo-cd.git", - Revision: "head", - Directories: []v1alpha1.GitDirectoryGeneratorItem{ - { - Path: "applicationset/examples/git-generator-directory/cluster-addons/*", - }, - }, - }, - }, - }, - Template: v1alpha1.ApplicationSetTemplate{ - Spec: v1alpha1.ApplicationSpec{ - Project: "default", - }, - }, - }, - Status: v1alpha1.ApplicationSetStatus{ - Conditions: []v1alpha1.ApplicationSetCondition{ - { - Status: v1alpha1.ApplicationSetConditionStatusTrue, - Type: v1alpha1.ApplicationSetConditionResourcesUpToDate, - }, - }, - }, - } - - app2 := &v1alpha1.ApplicationSet{ - ObjectMeta: metav1.ObjectMeta{ - Name: "app-name", - Namespace: "team-two", - }, - Spec: v1alpha1.ApplicationSetSpec{ - Generators: []v1alpha1.ApplicationSetGenerator{ - { - Git: &v1alpha1.GitGenerator{ + Spec: arogappsetv1.ApplicationSetSpec{ + Generators: []arogappsetv1.ApplicationSetGenerator{ + arogappsetv1.ApplicationSetGenerator{ + Git: &arogappsetv1.GitGenerator{ RepoURL: "https://github.com/argoproj/argo-cd.git", Revision: "head", - Directories: []v1alpha1.GitDirectoryGeneratorItem{ - { + Directories: []arogappsetv1.GitDirectoryGeneratorItem{ + arogappsetv1.GitDirectoryGeneratorItem{ Path: "applicationset/examples/git-generator-directory/cluster-addons/*", }, }, }, }, }, - Template: v1alpha1.ApplicationSetTemplate{ + Template: arogappsetv1.ApplicationSetTemplate{ Spec: v1alpha1.ApplicationSpec{ Project: "default", }, }, }, - Status: v1alpha1.ApplicationSetStatus{ - Conditions: []v1alpha1.ApplicationSetCondition{ - { + Status: arogappsetv1.ApplicationSetStatus{ + Conditions: []arogappsetv1.ApplicationSetCondition{ + arogappsetv1.ApplicationSetCondition{ Status: v1alpha1.ApplicationSetConditionStatusTrue, - Type: v1alpha1.ApplicationSetConditionResourcesUpToDate, + Type: arogappsetv1.ApplicationSetConditionResourcesUpToDate, }, }, }, } output := "table" - printApplicationSetTable([]v1alpha1.ApplicationSet{*app, *app2}, &output) + printApplicationSetTable([]arogappsetv1.ApplicationSet{*app, *app}, &output) return nil }) assert.NoError(t, err) - expectation := "NAME PROJECT SYNCPOLICY CONDITIONS\napp-name default nil [{ResourcesUpToDate True }]\nteam-two/app-name default nil [{ResourcesUpToDate True }]\n" + expectation := "NAME NAMESPACE PROJECT SYNCPOLICY CONDITIONS\napp-name default nil [{ResourcesUpToDate True }]\napp-name default nil [{ResourcesUpToDate True }]\n" assert.Equal(t, expectation, output) } func TestPrintAppSetSummaryTable(t *testing.T) { - baseAppSet := &v1alpha1.ApplicationSet{ + baseAppSet := &arogappsetv1.ApplicationSet{ ObjectMeta: metav1.ObjectMeta{ Name: "app-name", }, - Spec: v1alpha1.ApplicationSetSpec{ - Generators: []v1alpha1.ApplicationSetGenerator{ - { - Git: &v1alpha1.GitGenerator{ + Spec: arogappsetv1.ApplicationSetSpec{ + Generators: []arogappsetv1.ApplicationSetGenerator{ + arogappsetv1.ApplicationSetGenerator{ + Git: &arogappsetv1.GitGenerator{ RepoURL: "https://github.com/argoproj/argo-cd.git", Revision: "head", - Directories: []v1alpha1.GitDirectoryGeneratorItem{ - { + Directories: []arogappsetv1.GitDirectoryGeneratorItem{ + arogappsetv1.GitDirectoryGeneratorItem{ Path: "applicationset/examples/git-generator-directory/cluster-addons/*", }, }, }, }, }, - Template: v1alpha1.ApplicationSetTemplate{ + Template: arogappsetv1.ApplicationSetTemplate{ Spec: v1alpha1.ApplicationSpec{ Project: "default", }, }, }, - Status: v1alpha1.ApplicationSetStatus{ - Conditions: []v1alpha1.ApplicationSetCondition{ - { + Status: arogappsetv1.ApplicationSetStatus{ + Conditions: []arogappsetv1.ApplicationSetCondition{ + arogappsetv1.ApplicationSetCondition{ Status: v1alpha1.ApplicationSetConditionStatusTrue, - Type: v1alpha1.ApplicationSetConditionResourcesUpToDate, + Type: arogappsetv1.ApplicationSetConditionResourcesUpToDate, }, }, }, } appsetSpecSyncPolicy := baseAppSet.DeepCopy() - appsetSpecSyncPolicy.Spec.SyncPolicy = &v1alpha1.ApplicationSetSyncPolicy{ + appsetSpecSyncPolicy.Spec.SyncPolicy = &arogappsetv1.ApplicationSetSyncPolicy{ PreserveResourcesOnDeletion: true, } appSetTemplateSpecSyncPolicy := baseAppSet.DeepCopy() - appSetTemplateSpecSyncPolicy.Spec.Template.Spec.SyncPolicy = &v1alpha1.SyncPolicy{ - Automated: &v1alpha1.SyncPolicyAutomated{ + appSetTemplateSpecSyncPolicy.Spec.Template.Spec.SyncPolicy = &arogappsetv1.SyncPolicy{ + Automated: &arogappsetv1.SyncPolicyAutomated{ SelfHeal: true, }, } appSetBothSyncPolicies := baseAppSet.DeepCopy() - appSetBothSyncPolicies.Spec.SyncPolicy = &v1alpha1.ApplicationSetSyncPolicy{ + appSetBothSyncPolicies.Spec.SyncPolicy = &arogappsetv1.ApplicationSetSyncPolicy{ PreserveResourcesOnDeletion: true, } - appSetBothSyncPolicies.Spec.Template.Spec.SyncPolicy = &v1alpha1.SyncPolicy{ - Automated: &v1alpha1.SyncPolicyAutomated{ + appSetBothSyncPolicies.Spec.Template.Spec.SyncPolicy = &arogappsetv1.SyncPolicy{ + Automated: &arogappsetv1.SyncPolicyAutomated{ SelfHeal: true, }, } for _, tt := range []struct { name string - appSet *v1alpha1.ApplicationSet + appSet *arogappsetv1.ApplicationSet expectedOutput string }{ { diff --git a/cmd/argocd/commands/bcrypt.go b/cmd/argocd/commands/bcrypt.go index 77fc8a4830fcb..2aaf94fe9450d 100644 --- a/cmd/argocd/commands/bcrypt.go +++ b/cmd/argocd/commands/bcrypt.go @@ -8,7 +8,7 @@ import ( "golang.org/x/crypto/bcrypt" ) -// NewBcryptCmd represents the bcrypt command +// bcryptCmd represents the bcrypt command func NewBcryptCmd() *cobra.Command { var ( password string diff --git a/cmd/argocd/commands/bcrypt_test.go b/cmd/argocd/commands/bcrypt_test.go index ec00a73b0dcba..c5949977a1425 100644 --- a/cmd/argocd/commands/bcrypt_test.go +++ b/cmd/argocd/commands/bcrypt_test.go @@ -12,7 +12,7 @@ func TestGeneratePassword(t *testing.T) { bcryptCmd := NewBcryptCmd() bcryptCmd.SetArgs([]string{"--password", "abc"}) output := new(bytes.Buffer) - bcryptCmd.SetOut(output) + bcryptCmd.SetOutput(output) err := bcryptCmd.Execute() if err != nil { return diff --git a/cmd/argocd/commands/cert.go b/cmd/argocd/commands/cert.go index d443d57e337d4..17f13a87d2a7d 100644 --- a/cmd/argocd/commands/cert.go +++ b/cmd/argocd/commands/cert.go @@ -130,12 +130,12 @@ func NewCertAddTLSCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command } }, } - command.Flags().StringVar(&fromFile, "from", "", "Read TLS certificate data from file (default is to read from stdin)") + command.Flags().StringVar(&fromFile, "from", "", "read TLS certificate data from file (default is to read from stdin)") command.Flags().BoolVar(&upsert, "upsert", false, "Replace existing TLS certificate if certificate is different in input") return command } -// NewCertAddSSHCommand returns a new instance of an `argocd cert add` command +// NewCertAddCommand returns a new instance of an `argocd cert add` command func NewCertAddSSHCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command { var ( fromFile string @@ -300,9 +300,9 @@ func NewCertListCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command { } command.Flags().StringVarP(&output, "output", "o", "wide", "Output format. One of: json|yaml|wide") - command.Flags().StringVar(&sortOrder, "sort", "", "Set display sort order for output format wide. One of: hostname|type") - command.Flags().StringVar(&certType, "cert-type", "", "Only list certificates of given type, valid: 'ssh','https'") - command.Flags().StringVar(&hostNamePattern, "hostname-pattern", "", "Only list certificates for hosts matching given glob-pattern") + command.Flags().StringVar(&sortOrder, "sort", "", "set display sort order for output format wide. One of: hostname|type") + command.Flags().StringVar(&certType, "cert-type", "", "only list certificates of given type, valid: 'ssh','https'") + command.Flags().StringVar(&hostNamePattern, "hostname-pattern", "", "only list certificates for hosts matching given glob-pattern") return command } diff --git a/cmd/argocd/commands/common.go b/cmd/argocd/commands/common.go index 849b9a48f02b6..b7529f768a69a 100644 --- a/cmd/argocd/commands/common.go +++ b/cmd/argocd/commands/common.go @@ -5,7 +5,7 @@ import ( "fmt" "reflect" - "sigs.k8s.io/yaml" + "github.com/ghodss/yaml" ) const ( diff --git a/cmd/argocd/commands/headless/headless.go b/cmd/argocd/commands/headless/headless.go index bf893ef76ecbe..ac994e4fdaba2 100644 --- a/cmd/argocd/commands/headless/headless.go +++ b/cmd/argocd/commands/headless/headless.go @@ -11,7 +11,6 @@ import ( "github.com/spf13/cobra" "github.com/argoproj/argo-cd/v2/cmd/argocd/commands/initialize" - "github.com/argoproj/argo-cd/v2/common" "github.com/alicebob/miniredis/v2" "github.com/golang/protobuf/ptypes/empty" @@ -39,14 +38,12 @@ import ( ) type forwardCacheClient struct { - namespace string - context string - init sync.Once - client cache.CacheClient - compression cache.RedisCompressionType - err error - redisHaProxyName string - redisName string + namespace string + context string + init sync.Once + client cache.CacheClient + compression cache.RedisCompressionType + err error } func (c *forwardCacheClient) doLazy(action func(client cache.CacheClient) error) error { @@ -54,10 +51,8 @@ func (c *forwardCacheClient) doLazy(action func(client cache.CacheClient) error) overrides := clientcmd.ConfigOverrides{ CurrentContext: c.context, } - redisHaProxyPodLabelSelector := common.LabelKeyAppName + "=" + c.redisHaProxyName - redisPodLabelSelector := common.LabelKeyAppName + "=" + c.redisName redisPort, err := kubeutil.PortForward(6379, c.namespace, &overrides, - redisHaProxyPodLabelSelector, redisPodLabelSelector) + "app.kubernetes.io/name=argocd-redis-ha-haproxy", "app.kubernetes.io/name=argocd-redis") if err != nil { c.err = err return @@ -103,12 +98,11 @@ func (c *forwardCacheClient) NotifyUpdated(key string) error { } type forwardRepoClientset struct { - namespace string - context string - init sync.Once - repoClientset repoapiclient.Clientset - err error - repoServerName string + namespace string + context string + init sync.Once + repoClientset repoapiclient.Clientset + err error } func (c *forwardRepoClientset) NewRepoServerClient() (io.Closer, repoapiclient.RepoServerServiceClient, error) { @@ -116,8 +110,7 @@ func (c *forwardRepoClientset) NewRepoServerClient() (io.Closer, repoapiclient.R overrides := clientcmd.ConfigOverrides{ CurrentContext: c.context, } - repoServerPodLabelSelector := common.LabelKeyAppName + "=" + c.repoServerName - repoServerPort, err := kubeutil.PortForward(8081, c.namespace, &overrides, repoServerPodLabelSelector) + repoServerPort, err := kubeutil.PortForward(8081, c.namespace, &overrides, "app.kubernetes.io/name=argocd-repo-server") if err != nil { c.err = err return @@ -134,15 +127,15 @@ func (c *forwardRepoClientset) NewRepoServerClient() (io.Closer, repoapiclient.R func testAPI(ctx context.Context, clientOpts *apiclient.ClientOptions) error { apiClient, err := apiclient.NewClient(clientOpts) if err != nil { - return fmt.Errorf("failed to create API client: %w", err) + return err } closer, versionClient, err := apiClient.NewVersionClient() if err != nil { - return fmt.Errorf("failed to create version client: %w", err) + return err } defer io.Close(closer) _, err = versionClient.Version(ctx, &empty.Empty{}) - return fmt.Errorf("failed to get version: %w", err) + return err } // StartLocalServer allows executing command in a headless mode: on the fly starts Argo CD API server and @@ -154,12 +147,12 @@ func StartLocalServer(ctx context.Context, clientOpts *apiclient.ClientOptions, if !startInProcessAPI { localCfg, err := localconfig.ReadLocalConfig(clientOpts.ConfigPath) if err != nil { - return fmt.Errorf("error reading local config: %w", err) + return err } if localCfg != nil { configCtx, err := localCfg.ResolveContext(clientOpts.Context) if err != nil { - return fmt.Errorf("error resolving context: %w", err) + return err } startInProcessAPI = configCtx.Server.Core } @@ -180,7 +173,7 @@ func StartLocalServer(ctx context.Context, clientOpts *apiclient.ClientOptions, addr := fmt.Sprintf("%s:0", *address) ln, err := net.Listen("tcp", addr) if err != nil { - return fmt.Errorf("failed to listen on %q: %w", addr, err) + return err } port = &ln.Addr().(*net.TCPAddr).Port io.Close(ln) @@ -188,27 +181,27 @@ func StartLocalServer(ctx context.Context, clientOpts *apiclient.ClientOptions, restConfig, err := clientConfig.ClientConfig() if err != nil { - return fmt.Errorf("error creating client config: %w", err) + return err } appClientset, err := appclientset.NewForConfig(restConfig) if err != nil { - return fmt.Errorf("error creating app clientset: %w", err) + return err } kubeClientset, err := kubernetes.NewForConfig(restConfig) if err != nil { - return fmt.Errorf("error creating kubernetes clientset: %w", err) + return err } namespace, _, err := clientConfig.Namespace() if err != nil { - return fmt.Errorf("error getting namespace: %w", err) + return err } mr, err := miniredis.Run() if err != nil { - return fmt.Errorf("error running miniredis: %w", err) + return err } - appstateCache := appstatecache.NewCache(cache.NewCache(&forwardCacheClient{namespace: namespace, context: ctxStr, compression: compression, redisHaProxyName: clientOpts.RedisHaProxyName, redisName: clientOpts.RedisName}), time.Hour) + appstateCache := appstatecache.NewCache(cache.NewCache(&forwardCacheClient{namespace: namespace, context: ctxStr, compression: compression}), time.Hour) srv := server.NewServer(ctx, server.ArgoCDServerOpts{ EnableGZip: false, Namespace: namespace, @@ -220,14 +213,14 @@ func StartLocalServer(ctx context.Context, clientOpts *apiclient.ClientOptions, KubeClientset: kubeClientset, Insecure: true, ListenHost: *address, - RepoClientset: &forwardRepoClientset{namespace: namespace, context: ctxStr, repoServerName: clientOpts.RepoServerName}, + RepoClientset: &forwardRepoClientset{namespace: namespace, context: ctxStr}, EnableProxyExtension: false, }) srv.Init(ctx) lns, err := srv.Listen() if err != nil { - return fmt.Errorf("failed to listen: %w", err) + return err } go srv.Run(ctx, lns) clientOpts.ServerAddr = fmt.Sprintf("%s:%d", *address, *port) @@ -243,7 +236,7 @@ func StartLocalServer(ctx context.Context, clientOpts *apiclient.ClientOptions, } time.Sleep(time.Second) } - return fmt.Errorf("all retries failed: %w", err) + return err } // NewClientOrDie creates a new API client from a set of config options, or fails fatally if the new client creation fails. diff --git a/cmd/argocd/commands/initialize/cmd.go b/cmd/argocd/commands/initialize/cmd.go index 8f9da9f68783f..76a6470f07002 100644 --- a/cmd/argocd/commands/initialize/cmd.go +++ b/cmd/argocd/commands/initialize/cmd.go @@ -3,11 +3,12 @@ package initialize import ( "github.com/spf13/cobra" "github.com/spf13/pflag" + flag "github.com/spf13/pflag" "github.com/argoproj/argo-cd/v2/util/cli" ) -func RetrieveContextIfChanged(contextFlag *pflag.Flag) string { +func RetrieveContextIfChanged(contextFlag *flag.Flag) string { if contextFlag != nil && contextFlag.Changed { return contextFlag.Value.String() } diff --git a/cmd/argocd/commands/login.go b/cmd/argocd/commands/login.go index 3e2ad4e7d1b73..2fc2ce3b32199 100644 --- a/cmd/argocd/commands/login.go +++ b/cmd/argocd/commands/login.go @@ -175,11 +175,11 @@ argocd login cd.argoproj.io --core`, fmt.Printf("Context '%s' updated\n", ctxName) }, } - command.Flags().StringVar(&ctxName, "name", "", "Name to use for the context") - command.Flags().StringVar(&username, "username", "", "The username of an account to authenticate") - command.Flags().StringVar(&password, "password", "", "The password of an account to authenticate") - command.Flags().BoolVar(&sso, "sso", false, "Perform SSO login") - command.Flags().IntVar(&ssoPort, "sso-port", DefaultSSOLocalPort, "Port to run local OAuth2 login application") + command.Flags().StringVar(&ctxName, "name", "", "name to use for the context") + command.Flags().StringVar(&username, "username", "", "the username of an account to authenticate") + command.Flags().StringVar(&password, "password", "", "the password of an account to authenticate") + command.Flags().BoolVar(&sso, "sso", false, "perform SSO login") + command.Flags().IntVar(&ssoPort, "sso-port", DefaultSSOLocalPort, "port to run local OAuth2 login application") command.Flags(). BoolVar(&skipTestTLS, "skip-test-tls", false, "Skip testing whether the server is configured with TLS (this can help when the command hangs for no apparent reason)") return command diff --git a/cmd/argocd/commands/login_test.go b/cmd/argocd/commands/login_test.go index 3a7411b4b7fa3..1f3289f97d563 100644 --- a/cmd/argocd/commands/login_test.go +++ b/cmd/argocd/commands/login_test.go @@ -7,6 +7,8 @@ import ( "github.com/stretchr/testify/assert" ) +// + func Test_userDisplayName_email(t *testing.T) { claims := jwt.MapClaims{"iss": "qux", "sub": "foo", "email": "firstname.lastname@example.com", "groups": []string{"baz"}} actualName := userDisplayName(claims) diff --git a/cmd/argocd/commands/project.go b/cmd/argocd/commands/project.go index 4f08665eb437b..be29249613f4c 100644 --- a/cmd/argocd/commands/project.go +++ b/cmd/argocd/commands/project.go @@ -1,7 +1,6 @@ package commands import ( - "context" "encoding/json" "fmt" "io" @@ -11,10 +10,11 @@ import ( "time" humanize "github.com/dustin/go-humanize" + "github.com/ghodss/yaml" log "github.com/sirupsen/logrus" "github.com/spf13/cobra" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "sigs.k8s.io/yaml" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/argoproj/argo-cd/v2/cmd/argocd/commands/headless" cmdutil "github.com/argoproj/argo-cd/v2/cmd/util" @@ -453,7 +453,7 @@ func modifyResourcesList(list *[]metav1.GroupKind, add bool, listDesc string, gr } } fmt.Printf("Group '%s' and kind '%s' is added to %s resources\n", group, kind, listDesc) - *list = append(*list, metav1.GroupKind{Group: group, Kind: kind}) + *list = append(*list, v1.GroupKind{Group: group, Kind: kind}) return true } else { index := -1 @@ -819,7 +819,10 @@ func NewProjectGetCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command os.Exit(1) } projName := args[0] - detailedProject := getProject(c, clientOpts, ctx, projName) + conn, projIf := headless.NewClientOrDie(clientOpts, c).NewProjectClientOrDie() + defer argoio.Close(conn) + detailedProject, err := projIf.GetDetailedProject(ctx, &projectpkg.ProjectQuery{Name: projName}) + errors.CheckError(err) switch output { case "yaml", "json": @@ -836,14 +839,6 @@ func NewProjectGetCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command return command } -func getProject(c *cobra.Command, clientOpts *argocdclient.ClientOptions, ctx context.Context, projName string) *projectpkg.DetailedProjectsResponse { - conn, projIf := headless.NewClientOrDie(clientOpts, c).NewProjectClientOrDie() - defer argoio.Close(conn) - detailedProject, err := projIf.GetDetailedProject(ctx, &projectpkg.ProjectQuery{Name: projName}) - errors.CheckError(err) - return detailedProject -} - func NewProjectEditCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command { var command = &cobra.Command{ Use: "edit PROJECT", diff --git a/cmd/argocd/commands/relogin.go b/cmd/argocd/commands/relogin.go index 9ec7e51f906ee..b4c1ef7fe9b81 100644 --- a/cmd/argocd/commands/relogin.go +++ b/cmd/argocd/commands/relogin.go @@ -85,7 +85,7 @@ func NewReloginCommand(globalClientOpts *argocdclient.ClientOptions) *cobra.Comm fmt.Printf("Context '%s' updated\n", localCfg.CurrentContext) }, } - command.Flags().StringVar(&password, "password", "", "The password of an account to authenticate") - command.Flags().IntVar(&ssoPort, "sso-port", DefaultSSOLocalPort, "Port to run local OAuth2 login application") + command.Flags().StringVar(&password, "password", "", "the password of an account to authenticate") + command.Flags().IntVar(&ssoPort, "sso-port", DefaultSSOLocalPort, "port to run local OAuth2 login application") return command } diff --git a/cmd/argocd/commands/relogin_test.go b/cmd/argocd/commands/relogin_test.go deleted file mode 100644 index eb6c4cd2d2f2d..0000000000000 --- a/cmd/argocd/commands/relogin_test.go +++ /dev/null @@ -1,64 +0,0 @@ -package commands - -import ( - "strconv" - "testing" - - "github.com/stretchr/testify/assert" - - argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient" -) - -func TestNewReloginCommand(t *testing.T) { - globalClientOpts := argocdclient.ClientOptions{ - ConfigPath: "/path/to/config", - } - - cmd := NewReloginCommand(&globalClientOpts) - - assert.Equal(t, "relogin", cmd.Use, "Unexpected command Use") - assert.Equal(t, "Refresh an expired authenticate token", cmd.Short, "Unexpected command Short") - assert.Equal(t, "Refresh an expired authenticate token", cmd.Long, "Unexpected command Long") - - // Assert command flags - passwordFlag := cmd.Flags().Lookup("password") - assert.NotNil(t, passwordFlag, "Expected flag --password to be defined") - assert.Equal(t, "", passwordFlag.Value.String(), "Unexpected default value for --password flag") - - ssoPortFlag := cmd.Flags().Lookup("sso-port") - port, err := strconv.Atoi(ssoPortFlag.Value.String()) - assert.NotNil(t, ssoPortFlag, "Expected flag --sso-port to be defined") - assert.NoError(t, err, "Failed to convert sso-port flag value to integer") - assert.Equal(t, 8085, port, "Unexpected default value for --sso-port flag") -} - -func TestNewReloginCommandWithGlobalClientOptions(t *testing.T) { - globalClientOpts := argocdclient.ClientOptions{ - ConfigPath: "/path/to/config", - ServerAddr: "https://argocd-server.example.com", - Insecure: true, - ClientCertFile: "/path/to/client-cert", - ClientCertKeyFile: "/path/to/client-cert-key", - GRPCWeb: true, - GRPCWebRootPath: "/path/to/grpc-web-root-path", - PlainText: true, - Headers: []string{"header1", "header2"}, - } - - cmd := NewReloginCommand(&globalClientOpts) - - assert.Equal(t, "relogin", cmd.Use, "Unexpected command Use") - assert.Equal(t, "Refresh an expired authenticate token", cmd.Short, "Unexpected command Short") - assert.Equal(t, "Refresh an expired authenticate token", cmd.Long, "Unexpected command Long") - - // Assert command flags - passwordFlag := cmd.Flags().Lookup("password") - assert.NotNil(t, passwordFlag, "Expected flag --password to be defined") - assert.Equal(t, "", passwordFlag.Value.String(), "Unexpected default value for --password flag") - - ssoPortFlag := cmd.Flags().Lookup("sso-port") - port, err := strconv.Atoi(ssoPortFlag.Value.String()) - assert.NotNil(t, ssoPortFlag, "Expected flag --sso-port to be defined") - assert.NoError(t, err, "Failed to convert sso-port flag value to integer") - assert.Equal(t, 8085, port, "Unexpected default value for --sso-port flag") -} diff --git a/cmd/argocd/commands/root.go b/cmd/argocd/commands/root.go index 5c3b984e5bff5..91ffde5997b3a 100644 --- a/cmd/argocd/commands/root.go +++ b/cmd/argocd/commands/root.go @@ -1,19 +1,15 @@ package commands import ( - "fmt" - "github.com/spf13/cobra" "k8s.io/client-go/tools/clientcmd" "github.com/argoproj/argo-cd/v2/cmd/argocd/commands/admin" "github.com/argoproj/argo-cd/v2/cmd/argocd/commands/initialize" cmdutil "github.com/argoproj/argo-cd/v2/cmd/util" - "github.com/argoproj/argo-cd/v2/common" argocdclient "github.com/argoproj/argo-cd/v2/pkg/apiclient" "github.com/argoproj/argo-cd/v2/util/cli" "github.com/argoproj/argo-cd/v2/util/config" - "github.com/argoproj/argo-cd/v2/util/env" "github.com/argoproj/argo-cd/v2/util/errors" "github.com/argoproj/argo-cd/v2/util/localconfig" ) @@ -59,7 +55,7 @@ func NewCommand() *cobra.Command { command.AddCommand(NewLogoutCommand(&clientOpts)) command.AddCommand(initialize.InitCommand(NewCertCommand(&clientOpts))) command.AddCommand(initialize.InitCommand(NewGPGCommand(&clientOpts))) - command.AddCommand(admin.NewAdminCommand(&clientOpts)) + command.AddCommand(admin.NewAdminCommand()) defaultLocalConfigPath, err := localconfig.DefaultLocalConfigPath() errors.CheckError(err) @@ -80,11 +76,6 @@ func NewCommand() *cobra.Command { command.PersistentFlags().StringVar(&clientOpts.PortForwardNamespace, "port-forward-namespace", config.GetFlag("port-forward-namespace", ""), "Namespace name which should be used for port forwarding") command.PersistentFlags().IntVar(&clientOpts.HttpRetryMax, "http-retry-max", 0, "Maximum number of retries to establish http connection to Argo CD server") command.PersistentFlags().BoolVar(&clientOpts.Core, "core", false, "If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server") - command.PersistentFlags().StringVar(&clientOpts.ServerName, "server-name", env.StringFromEnv(common.EnvServerName, common.DefaultServerName), fmt.Sprintf("Name of the Argo CD API server; set this or the %s environment variable when the server's name label differs from the default, for example when installing via the Helm chart", common.EnvServerName)) - command.PersistentFlags().StringVar(&clientOpts.AppControllerName, "controller-name", env.StringFromEnv(common.EnvAppControllerName, common.DefaultApplicationControllerName), fmt.Sprintf("Name of the Argo CD Application controller; set this or the %s environment variable when the controller's name label differs from the default, for example when installing via the Helm chart", common.EnvAppControllerName)) - command.PersistentFlags().StringVar(&clientOpts.RedisHaProxyName, "redis-haproxy-name", env.StringFromEnv(common.EnvRedisHaProxyName, common.DefaultRedisHaProxyName), fmt.Sprintf("Name of the Redis HA Proxy; set this or the %s environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart", common.EnvRedisHaProxyName)) - command.PersistentFlags().StringVar(&clientOpts.RedisName, "redis-name", env.StringFromEnv(common.EnvRedisName, common.DefaultRedisName), fmt.Sprintf("Name of the Redis deployment; set this or the %s environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart", common.EnvRedisName)) - command.PersistentFlags().StringVar(&clientOpts.RepoServerName, "repo-server-name", env.StringFromEnv(common.EnvRepoServerName, common.DefaultRepoServerName), fmt.Sprintf("Name of the Argo CD Repo server; set this or the %s environment variable when the server's name label differs from the default, for example when installing via the Helm chart", common.EnvRepoServerName)) clientOpts.KubeOverrides = &clientcmd.ConfigOverrides{} command.PersistentFlags().StringVar(&clientOpts.KubeOverrides.CurrentContext, "kube-context", "", "Directs the command to the given kube-context") diff --git a/cmd/argocd/commands/version.go b/cmd/argocd/commands/version.go index 8c69c4195c3ad..8f3d5b1abfe11 100644 --- a/cmd/argocd/commands/version.go +++ b/cmd/argocd/commands/version.go @@ -116,9 +116,6 @@ func printClientVersion(version *common.Version, short bool) string { output += fmt.Sprintf(" GoVersion: %s\n", version.GoVersion) output += fmt.Sprintf(" Compiler: %s\n", version.Compiler) output += fmt.Sprintf(" Platform: %s\n", version.Platform) - if version.ExtraBuildInfo != "" { - output += fmt.Sprintf(" ExtraBuildInfo: %s\n", version.ExtraBuildInfo) - } return output } @@ -150,9 +147,6 @@ func printServerVersion(version *version.VersionMessage, short bool) string { if version.Platform != "" { output += fmt.Sprintf(" Platform: %s\n", version.Platform) } - if version.ExtraBuildInfo != "" { - output += fmt.Sprintf(" ExtraBuildInfo: %s\n", version.ExtraBuildInfo) - } if version.KustomizeVersion != "" { output += fmt.Sprintf(" Kustomize Version: %s\n", version.KustomizeVersion) } diff --git a/cmd/argocd/commands/version_test.go b/cmd/argocd/commands/version_test.go index 3312e5ad958b6..88aa689b48669 100644 --- a/cmd/argocd/commands/version_test.go +++ b/cmd/argocd/commands/version_test.go @@ -12,7 +12,7 @@ import ( func TestShortVersionClient(t *testing.T) { buf := new(bytes.Buffer) cmd := NewVersionCmd(&argocdclient.ClientOptions{}, nil) - cmd.SetOut(buf) + cmd.SetOutput(buf) cmd.SetArgs([]string{"version", "--short", "--client"}) err := cmd.Execute() if err != nil { @@ -26,7 +26,7 @@ func TestShortVersion(t *testing.T) { serverVersion := &version.VersionMessage{Version: "v99.99.99+unknown"} buf := new(bytes.Buffer) cmd := NewVersionCmd(&argocdclient.ClientOptions{}, serverVersion) - cmd.SetOut(buf) + cmd.SetOutput(buf) cmd.SetArgs([]string{"argocd", "version", "--short"}) err := cmd.Execute() if err != nil { diff --git a/cmd/util/app.go b/cmd/util/app.go index d64c5ed02e6cb..cd3a0a4c138d7 100644 --- a/cmd/util/app.go +++ b/cmd/util/app.go @@ -427,10 +427,7 @@ func setHelmOpt(src *argoappv1.ApplicationSource, opts helmOpts) { src.Helm.IgnoreMissingValueFiles = opts.ignoreMissingValueFiles } if len(opts.values) > 0 { - err := src.Helm.SetValuesString(opts.values) - if err != nil { - log.Fatal(err) - } + src.Helm.Values = opts.values } if opts.releaseName != "" { src.Helm.ReleaseName = opts.releaseName @@ -600,7 +597,7 @@ func constructAppsBaseOnName(appName string, labels, annotations, args []string, } appName = args[0] } - appName, appNs := argo.ParseFromQualifiedName(appName, "") + appName, appNs := argo.ParseAppQualifiedName(appName, "") app = &argoappv1.Application{ TypeMeta: v1.TypeMeta{ Kind: application.ApplicationKind, @@ -688,7 +685,7 @@ func setAnnotations(app *argoappv1.Application, annotations []string) { } } -// LiveObjects deserializes the list of live states into unstructured objects +// liveObjects deserializes the list of live states into unstructured objects func LiveObjects(resources []*argoappv1.ResourceDiff) ([]*unstructured.Unstructured, error) { objs := make([]*unstructured.Unstructured, len(resources)) for i, resState := range resources { diff --git a/cmd/util/app_test.go b/cmd/util/app_test.go index 2f49a3cc4c8c4..ae8a7b8140788 100644 --- a/cmd/util/app_test.go +++ b/cmd/util/app_test.go @@ -9,6 +9,7 @@ import ( "github.com/stretchr/testify/assert" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" + argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "k8s.io/apimachinery/pkg/util/intstr" ) @@ -216,7 +217,7 @@ func Test_setAppSpecOptions(t *testing.T) { t.Run("Kustomize", func(t *testing.T) { assert.NoError(t, f.SetFlag("kustomize-replica", "my-deployment=2")) assert.NoError(t, f.SetFlag("kustomize-replica", "my-statefulset=4")) - assert.Equal(t, f.spec.Source.Kustomize.Replicas, v1alpha1.KustomizeReplicas{{Name: "my-deployment", Count: intstr.FromInt(2)}, {Name: "my-statefulset", Count: intstr.FromInt(4)}}) + assert.Equal(t, f.spec.Source.Kustomize.Replicas, argoappv1.KustomizeReplicas{{Name: "my-deployment", Count: intstr.FromInt(2)}, {Name: "my-statefulset", Count: intstr.FromInt(4)}}) }) } @@ -293,7 +294,7 @@ func TestReadAppsFromURI(t *testing.T) { _, _ = file.WriteString(appsYaml) _ = file.Sync() - apps := make([]*v1alpha1.Application, 0) + apps := make([]*argoappv1.Application, 0) err = readAppsFromURI(file.Name(), &apps) assert.NoError(t, err) assert.Equal(t, 2, len(apps)) diff --git a/cmd/util/applicationset_test.go b/cmd/util/applicationset_test.go index c15e58a61af14..78c07f7e0d005 100644 --- a/cmd/util/applicationset_test.go +++ b/cmd/util/applicationset_test.go @@ -7,7 +7,7 @@ import ( "github.com/stretchr/testify/assert" ) -var appSet = `apiVersion: argoproj.io/v1alpha1 +var appSet string = `apiVersion: argoproj.io/v1alpha1 kind: ApplicationSet metadata: name: guestbook @@ -31,10 +31,10 @@ spec: ` func TestReadAppSet(t *testing.T) { - var appSets []*argoprojiov1alpha1.ApplicationSet - err := readAppset([]byte(appSet), &appSets) + appsets := []*argoprojiov1alpha1.ApplicationSet{} + err := readAppset([]byte(appSet), &appsets) if err != nil { t.Logf("Failed reading appset file") } - assert.Equal(t, len(appSets), 1) + assert.Equal(t, len(appsets), 1) } diff --git a/cmd/util/cluster.go b/cmd/util/cluster.go index 95c071c882b12..7ceeca0d15e99 100644 --- a/cmd/util/cluster.go +++ b/cmd/util/cluster.go @@ -8,13 +8,13 @@ import ( "strings" "text/tabwriter" + "github.com/ghodss/yaml" "github.com/spf13/cobra" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" clientcmdapiv1 "k8s.io/client-go/tools/clientcmd/api/v1" - "sigs.k8s.io/yaml" argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/util/errors" diff --git a/cmd/util/cluster_test.go b/cmd/util/cluster_test.go index 37e05bf6e58cb..bb6de1a4a213b 100644 --- a/cmd/util/cluster_test.go +++ b/cmd/util/cluster_test.go @@ -4,6 +4,7 @@ import ( "strings" "testing" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -11,7 +12,6 @@ import ( "k8s.io/client-go/kubernetes/fake" "k8s.io/client-go/rest" clientcmdapiv1 "k8s.io/client-go/tools/clientcmd/api/v1" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" ) diff --git a/cmd/util/project.go b/cmd/util/project.go index ef157f6873081..fe95e6c642e6d 100644 --- a/cmd/util/project.go +++ b/cmd/util/project.go @@ -94,7 +94,7 @@ func (opts *ProjectOpts) GetDestinations() []v1alpha1.ApplicationDestination { return destinations } -// GetSignatureKeys TODO: Get configured keys and emit warning when a key is specified that is not configured +// TODO: Get configured keys and emit warning when a key is specified that is not configured func (opts *ProjectOpts) GetSignatureKeys() []v1alpha1.SignatureKey { signatureKeys := make([]v1alpha1.SignatureKey, 0) for _, keyStr := range opts.SignatureKeys { diff --git a/cmpserver/apiclient/clientset.go b/cmpserver/apiclient/clientset.go index 025625ff8092e..6b4c19f0261ff 100644 --- a/cmpserver/apiclient/clientset.go +++ b/cmpserver/apiclient/clientset.go @@ -7,6 +7,7 @@ import ( grpc_middleware "github.com/grpc-ecosystem/go-grpc-middleware" grpc_retry "github.com/grpc-ecosystem/go-grpc-middleware/retry" log "github.com/sirupsen/logrus" + "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc" "google.golang.org/grpc" "google.golang.org/grpc/credentials/insecure" @@ -46,8 +47,8 @@ func NewConnection(address string) (*grpc.ClientConn, error) { grpc.WithStreamInterceptor(grpc_retry.StreamClientInterceptor(retryOpts...)), grpc.WithUnaryInterceptor(grpc_middleware.ChainUnaryClient(unaryInterceptors...)), grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(MaxGRPCMessageSize), grpc.MaxCallSendMsgSize(MaxGRPCMessageSize)), - grpc.WithUnaryInterceptor(grpc_util.OTELUnaryClientInterceptor()), - grpc.WithStreamInterceptor(grpc_util.OTELStreamClientInterceptor()), + grpc.WithUnaryInterceptor(otelgrpc.UnaryClientInterceptor()), + grpc.WithStreamInterceptor(otelgrpc.StreamClientInterceptor()), } dialOpts = append(dialOpts, grpc.WithTransportCredentials(insecure.NewCredentials())) diff --git a/cmpserver/plugin/config_test.go b/cmpserver/plugin/config_test.go deleted file mode 100644 index 9e22dab1d3741..0000000000000 --- a/cmpserver/plugin/config_test.go +++ /dev/null @@ -1,215 +0,0 @@ -package plugin - -import ( - "fmt" - "os" - "path/filepath" - "testing" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - "github.com/argoproj/argo-cd/v2/common" -) - -func Test_IsDefined(t *testing.T) { - testCases := []struct { - name string - discover Discover - expected bool - }{ - { - name: "empty discover", - discover: Discover{}, - expected: false, - }, - { - name: "discover with find", - discover: Discover{ - Find: Find{ - Glob: "glob", - }, - }, - expected: true, - }, - { - name: "discover with fileName", - discover: Discover{ - FileName: "fileName", - }, - expected: true, - }, - { - name: "discover with empty command", - discover: Discover{ - Find: Find{ - Command: Command{ - Command: []string{}, - }, - }, - }, - expected: false, - }, - { - name: "discover with command", - discover: Discover{ - Find: Find{ - Command: Command{ - Command: []string{"command"}, - }, - }, - }, - expected: true, - }, - } - - for _, tc := range testCases { - tcc := tc - t.Run(tcc.name, func(t *testing.T) { - t.Parallel() - - actual := tcc.discover.IsDefined() - assert.Equal(t, tcc.expected, actual) - }) - } -} - -func Test_ReadPluginConfig(t *testing.T) { - testCases := []struct { - name string - fileContents string - expected *PluginConfig - expectedErr string - }{ - { - name: "empty metadata", - fileContents: ` -metadata: -`, - expected: nil, - expectedErr: "invalid plugin configuration file. metadata.name should be non-empty.", - }, - { - name: "empty metadata name", - fileContents: ` -metadata: - name: "" -`, - expected: nil, - expectedErr: "invalid plugin configuration file. metadata.name should be non-empty.", - }, - { - name: "invalid kind", - fileContents: ` -kind: invalid -metadata: - name: name -`, - expected: nil, - expectedErr: "invalid plugin configuration file. kind should be ConfigManagementPlugin, found invalid", - }, - { - name: "empty generate command", - fileContents: ` -kind: ConfigManagementPlugin -metadata: - name: name -`, - expected: nil, - expectedErr: "invalid plugin configuration file. spec.generate command should be non-empty", - }, - { - name: "valid config", - fileContents: ` -kind: ConfigManagementPlugin -metadata: - name: name -spec: - generate: - command: [command] -`, - expected: &PluginConfig{ - TypeMeta: v1.TypeMeta{ - Kind: ConfigManagementPluginKind, - }, - Metadata: v1.ObjectMeta{ - Name: "name", - }, - Spec: PluginConfigSpec{ - Generate: Command{ - Command: []string{"command"}, - }, - }, - }, - }, - } - - for _, tc := range testCases { - tcc := tc - t.Run(tcc.name, func(t *testing.T) { - t.Parallel() - // write test string to temporary file - tempDir := t.TempDir() - tempFile, err := os.Create(filepath.Join(tempDir, "plugin.yaml")) - require.NoError(t, err) - err = tempFile.Close() - require.NoError(t, err) - err = os.WriteFile(tempFile.Name(), []byte(tcc.fileContents), 0644) - require.NoError(t, err) - config, err := ReadPluginConfig(tempDir) - if tcc.expectedErr != "" { - assert.EqualError(t, err, tcc.expectedErr) - } else { - assert.NoError(t, err) - } - assert.Equal(t, tcc.expected, config) - }) - } -} - -func Test_PluginConfig_Address(t *testing.T) { - testCases := []struct { - name string - config *PluginConfig - expected string - }{ - { - name: "no version specified", - config: &PluginConfig{ - TypeMeta: v1.TypeMeta{ - Kind: ConfigManagementPluginKind, - }, - Metadata: v1.ObjectMeta{ - Name: "name", - }, - }, - expected: "name", - }, - { - name: "version specified", - config: &PluginConfig{ - TypeMeta: v1.TypeMeta{ - Kind: ConfigManagementPluginKind, - }, - Metadata: v1.ObjectMeta{ - Name: "name", - }, - Spec: PluginConfigSpec{ - Version: "version", - }, - }, - expected: "name-version", - }, - } - - for _, tc := range testCases { - tcc := tc - t.Run(tcc.name, func(t *testing.T) { - t.Parallel() - actual := tcc.config.Address() - expectedAddress := fmt.Sprintf("%s/%s.sock", common.GetPluginSockFilePath(), tcc.expected) - assert.Equal(t, expectedAddress, actual) - }) - } -} diff --git a/common/common.go b/common/common.go index 5ea02095e8bb9..1c01710539472 100644 --- a/common/common.go +++ b/common/common.go @@ -29,9 +29,9 @@ const ( ArgoCDNotificationsConfigMapName = "argocd-notifications-cm" ArgoCDNotificationsSecretName = "argocd-notifications-secret" ArgoCDRBACConfigMapName = "argocd-rbac-cm" - // ArgoCDKnownHostsConfigMapName contains SSH known hosts data for connecting repositories. Will get mounted as volume to pods + // Contains SSH known hosts data for connecting repositories. Will get mounted as volume to pods ArgoCDKnownHostsConfigMapName = "argocd-ssh-known-hosts-cm" - // ArgoCDTLSCertsConfigMapName contains TLS certificate data for connecting repositories. Will get mounted as volume to pods + // Contains TLS certificate data for connecting repositories. Will get mounted as volume to pods ArgoCDTLSCertsConfigMapName = "argocd-tls-certs-cm" ArgoCDGPGKeysConfigMapName = "argocd-gpg-keys-cm" ) @@ -51,32 +51,28 @@ const ( DefaultPortRepoServerMetrics = 8084 ) -// DefaultAddressAPIServer for ArgoCD components +// Default listener address for ArgoCD components const ( - DefaultAddressAdminDashboard = "localhost" - DefaultAddressAPIServer = "0.0.0.0" - DefaultAddressAPIServerMetrics = "0.0.0.0" - DefaultAddressRepoServer = "0.0.0.0" - DefaultAddressRepoServerMetrics = "0.0.0.0" + DefaultAddressAPIServer = "localhost" ) // Default paths on the pod's file system const ( - // DefaultPathTLSConfig is the default path where TLS certificates for repositories are located + // The default path where TLS certificates for repositories are located DefaultPathTLSConfig = "/app/config/tls" - // DefaultPathSSHConfig is the default path where SSH known hosts are stored + // The default path where SSH known hosts are stored DefaultPathSSHConfig = "/app/config/ssh" - // DefaultSSHKnownHostsName is the Default name for the SSH known hosts file + // Default name for the SSH known hosts file DefaultSSHKnownHostsName = "ssh_known_hosts" - // DefaultGnuPgHomePath is the Default path to GnuPG home directory + // Default path to GnuPG home directory DefaultGnuPgHomePath = "/app/config/gpg/keys" - // DefaultAppConfigPath is the Default path to repo server TLS endpoint config + // Default path to repo server TLS endpoint config DefaultAppConfigPath = "/app/config" - // DefaultPluginSockFilePath is the Default path to cmp server plugin socket file + // Default path to cmp server plugin socket file DefaultPluginSockFilePath = "/home/argocd/cmp-server/plugins" - // DefaultPluginConfigFilePath is the Default path to cmp server plugin configuration file + // Default path to cmp server plugin configuration file DefaultPluginConfigFilePath = "/home/argocd/cmp-server/config" - // PluginConfigFileName is the Plugin Config File is a ConfigManagementPlugin manifest located inside the plugin container + // Plugin Config File is a ConfigManagementPlugin manifest located inside the plugin container PluginConfigFileName = "plugin.yaml" ) @@ -103,12 +99,6 @@ const ( // PasswordPatten is the default password patten PasswordPatten = `^.{8,32}$` - - // LegacyShardingAlgorithm is the default value for Sharding Algorithm it uses an `uid` based distribution (non-uniform) - LegacyShardingAlgorithm = "legacy" - // RoundRobinShardingAlgorithm is a flag value that can be opted for Sharding Algorithm it uses an equal distribution accross all shards - RoundRobinShardingAlgorithm = "round-robin" - DefaultShardingAlgorithm = LegacyShardingAlgorithm ) // Dex related constants @@ -138,8 +128,6 @@ const ( // LabelKeyAppInstance is the label key to use to uniquely identify the instance of an application // The Argo CD application name is used as the instance name LabelKeyAppInstance = "app.kubernetes.io/instance" - // LabelKeyAppName is the label key to use to uniquely identify the name of the Kubernetes application - LabelKeyAppName = "app.kubernetes.io/name" // LabelKeyLegacyApplicationName is the legacy label (v0.10 and below) and is superseded by 'app.kubernetes.io/instance' LabelKeyLegacyApplicationName = "applications.argoproj.io/app-name" // LabelKeySecretType contains the type of argocd secret (currently: 'cluster', 'repository', 'repo-config' or 'repo-creds') @@ -151,7 +139,7 @@ const ( // LabelValueSecretTypeRepoCreds indicates a secret type of repository credentials LabelValueSecretTypeRepoCreds = "repo-creds" - // AnnotationKeyAppInstance is the Argo CD application name is used as the instance name + // The Argo CD application name is used as the instance name AnnotationKeyAppInstance = "argocd.argoproj.io/tracking-id" // AnnotationCompareOptions is a comma-separated list of options for comparison @@ -183,19 +171,19 @@ const ( EnvVarSSODebug = "ARGOCD_SSO_DEBUG" // EnvVarRBACDebug is an environment variable to enable additional RBAC debugging in the API server EnvVarRBACDebug = "ARGOCD_RBAC_DEBUG" - // EnvVarSSHDataPath overrides the location where SSH known hosts for repo access data is stored + // Overrides the location where SSH known hosts for repo access data is stored EnvVarSSHDataPath = "ARGOCD_SSH_DATA_PATH" - // EnvVarTLSDataPath overrides the location where TLS certificate for repo access data is stored + // Overrides the location where TLS certificate for repo access data is stored EnvVarTLSDataPath = "ARGOCD_TLS_DATA_PATH" - // EnvGitAttemptsCount specifies number of git remote operations attempts count + // Specifies number of git remote operations attempts count EnvGitAttemptsCount = "ARGOCD_GIT_ATTEMPTS_COUNT" - // EnvGitRetryMaxDuration specifices max duration of git remote operation retry + // Specifices max duration of git remote operation retry EnvGitRetryMaxDuration = "ARGOCD_GIT_RETRY_MAX_DURATION" - // EnvGitRetryDuration specifies duration of git remote operation retry + // Specifies duration of git remote operation retry EnvGitRetryDuration = "ARGOCD_GIT_RETRY_DURATION" - // EnvGitRetryFactor specifies fator of git remote operation retry + // Specifies fator of git remote operation retry EnvGitRetryFactor = "ARGOCD_GIT_RETRY_FACTOR" - // EnvGitSubmoduleEnabled overrides git submodule support, true by default + // Overrides git submodule support, true by default EnvGitSubmoduleEnabled = "ARGOCD_GIT_MODULES_ENABLED" // EnvGnuPGHome is the path to ArgoCD's GnuPG keyring for signature verification EnvGnuPGHome = "ARGOCD_GNUPGHOME" @@ -211,15 +199,13 @@ const ( EnvControllerReplicas = "ARGOCD_CONTROLLER_REPLICAS" // EnvControllerShard is the shard number that should be handled by controller EnvControllerShard = "ARGOCD_CONTROLLER_SHARD" - // EnvControllerShardingAlgorithm is the distribution sharding algorithm to be used: legacy or round-robin - EnvControllerShardingAlgorithm = "ARGOCD_CONTROLLER_SHARDING_ALGORITHM" // EnvEnableGRPCTimeHistogramEnv enables gRPC metrics collection EnvEnableGRPCTimeHistogramEnv = "ARGOCD_ENABLE_GRPC_TIME_HISTOGRAM" // EnvGithubAppCredsExpirationDuration controls the caching of Github app credentials. This value is in minutes (default: 60) EnvGithubAppCredsExpirationDuration = "ARGOCD_GITHUB_APP_CREDS_EXPIRATION_DURATION" // EnvHelmIndexCacheDuration controls how the helm repository index file is cached for (default: 0) EnvHelmIndexCacheDuration = "ARGOCD_HELM_INDEX_CACHE_DURATION" - // EnvAppConfigPath allows to override the configuration path for repo server + // EnvRepoServerConfigPath allows to override the configuration path for repo server EnvAppConfigPath = "ARGOCD_APP_CONF_PATH" // EnvLogFormat log format that is defined by `--logformat` option EnvLogFormat = "ARGOCD_LOG_FORMAT" @@ -233,18 +219,6 @@ const ( EnvCMPChunkSize = "ARGOCD_CMP_CHUNK_SIZE" // EnvCMPWorkDir defines the full path of the work directory used by the CMP server EnvCMPWorkDir = "ARGOCD_CMP_WORKDIR" - // EnvGPGDataPath overrides the location where GPG keyring for signature verification is stored - EnvGPGDataPath = "ARGOCD_GPG_DATA_PATH" - // EnvServerName is the name of the Argo CD server component, as specified by the value under the LabelKeyAppName label key. - EnvServerName = "ARGOCD_SERVER_NAME" - // EnvRepoServerName is the name of the Argo CD repo server component, as specified by the value under the LabelKeyAppName label key. - EnvRepoServerName = "ARGOCD_REPO_SERVER_NAME" - // EnvAppControllerName is the name of the Argo CD application controller component, as specified by the value under the LabelKeyAppName label key. - EnvAppControllerName = "ARGOCD_APPLICATION_CONTROLLER_NAME" - // EnvRedisName is the name of the Argo CD redis component, as specified by the value under the LabelKeyAppName label key. - EnvRedisName = "ARGOCD_REDIS_NAME" - // EnvRedisHaProxyName is the name of the Argo CD Redis HA proxy component, as specified by the value under the LabelKeyAppName label key. - EnvRedisHaProxyName = "ARGOCD_REDIS_HAPROXY_NAME" ) // Config Management Plugin related constants @@ -280,16 +254,6 @@ const ( DefaultGitRetryFactor = int64(2) ) -// Constants represent the pod selector labels of the Argo CD component names. These values are determined by the -// installation manifests. -const ( - DefaultServerName = "argocd-server" - DefaultRepoServerName = "argocd-repo-server" - DefaultApplicationControllerName = "argocd-application-controller" - DefaultRedisName = "argocd-redis" - DefaultRedisHaProxyName = "argocd-redis-ha-haproxy" -) - // GetGnuPGHomePath retrieves the path to use for GnuPG home directory, which is either taken from GNUPGHOME environment or a default value func GetGnuPGHomePath() string { if gnuPgHome := os.Getenv(EnvGnuPGHome); gnuPgHome == "" { @@ -332,14 +296,14 @@ func GetCMPWorkDir() string { } const ( - // AnnotationApplicationSetRefresh is an annotation that is added when an ApplicationSet is requested to be refreshed by a webhook. The ApplicationSet controller will remove this annotation at the end of reconciliation. + // AnnotationApplicationRefresh is an annotation that is added when an ApplicationSet is requested to be refreshed by a webhook. The ApplicationSet controller will remove this annotation at the end of reconciliation. AnnotationApplicationSetRefresh = "argocd.argoproj.io/application-set-refresh" ) // gRPC settings const ( GRPCKeepAliveEnforcementMinimum = 10 * time.Second - // GRPCKeepAliveTime is 2x enforcement minimum to ensure network jitter does not introduce ENHANCE_YOUR_CALM errors + // Keep alive is 2x enforcement minimum to ensure network jitter does not introduce ENHANCE_YOUR_CALM errors GRPCKeepAliveTime = 2 * GRPCKeepAliveEnforcementMinimum ) @@ -357,7 +321,7 @@ const ( SecurityLow = 1 // Unexceptional entries (i.e. successful access logs) ) -// TokenVerificationError is a generic error message for a failure to verify a JWT +// Common error messages const TokenVerificationError = "failed to verify the token" var TokenVerificationErr = errors.New(TokenVerificationError) diff --git a/common/version.go b/common/version.go index e8caf37a30601..8598f98c3171d 100644 --- a/common/version.go +++ b/common/version.go @@ -16,7 +16,6 @@ var ( gitTag = "" // output from `git describe --exact-match --tags HEAD` (if clean tree state) gitTreeState = "" // determined from `git status --porcelain`. either 'clean' or 'dirty' kubectlVersion = "" // determined from go.mod file - extraBuildInfo = "" // extra build information for vendors to populate during build ) // Version contains Argo version information @@ -30,7 +29,6 @@ type Version struct { Compiler string Platform string KubectlVersion string - ExtraBuildInfo string } func (v Version) String() string { @@ -68,7 +66,6 @@ func GetVersion() Version { versionStr += "+unknown" } } - return Version{ Version: versionStr, BuildDate: buildDate, @@ -79,6 +76,5 @@ func GetVersion() Version { Compiler: runtime.Compiler, Platform: fmt.Sprintf("%s/%s", runtime.GOOS, runtime.GOARCH), KubectlVersion: kubectlVersion, - ExtraBuildInfo: extraBuildInfo, } } diff --git a/controller/appcontroller.go b/controller/appcontroller.go index 9f3e32ba0b6e6..0ce5e8b558a90 100644 --- a/controller/appcontroller.go +++ b/controller/appcontroller.go @@ -41,17 +41,14 @@ import ( "github.com/argoproj/argo-cd/v2/common" statecache "github.com/argoproj/argo-cd/v2/controller/cache" "github.com/argoproj/argo-cd/v2/controller/metrics" - "github.com/argoproj/argo-cd/v2/controller/sharding" "github.com/argoproj/argo-cd/v2/pkg/apis/application" appv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - argov1alpha "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned" "github.com/argoproj/argo-cd/v2/pkg/client/informers/externalversions/application/v1alpha1" applisters "github.com/argoproj/argo-cd/v2/pkg/client/listers/application/v1alpha1" "github.com/argoproj/argo-cd/v2/reposerver/apiclient" "github.com/argoproj/argo-cd/v2/util/argo" argodiff "github.com/argoproj/argo-cd/v2/util/argo/diff" - appstatecache "github.com/argoproj/argo-cd/v2/util/cache/appstate" "github.com/argoproj/argo-cd/v2/util/db" "github.com/argoproj/argo-cd/v2/util/errors" @@ -232,12 +229,10 @@ func (ctrl *ApplicationController) InvalidateProjectsCache(names ...string) { ctrl.projByNameCache.Delete(name) } } else { - if ctrl != nil { - ctrl.projByNameCache.Range(func(key, _ interface{}) bool { - ctrl.projByNameCache.Delete(key) - return true - }) - } + ctrl.projByNameCache.Range(func(key, _ interface{}) bool { + ctrl.projByNameCache.Delete(key) + return true + }) } } @@ -359,20 +354,17 @@ func (ctrl *ApplicationController) handleObjectUpdated(managedByApp map[string]b level = CompareWithRecent } - namespace := ref.Namespace - if ref.Namespace == "" { - namespace = "(cluster-scoped)" + // Additional check for debug level so we don't need to evaluate the + // format string in case of non-debug scenarios + if log.GetLevel() >= log.DebugLevel { + var resKey string + if ref.Namespace != "" { + resKey = ref.Namespace + "/" + ref.Name + } else { + resKey = "(cluster-scoped)/" + ref.Name + } + log.Debugf("Refreshing app %s for change in cluster of object %s of type %s/%s", appKey, resKey, ref.APIVersion, ref.Kind) } - log.WithFields(log.Fields{ - "application": appKey, - "level": level, - "namespace": namespace, - "name": ref.Name, - "api-version": ref.APIVersion, - "kind": ref.Kind, - "server": app.Spec.Destination.Server, - "cluster-name": app.Spec.Destination.Name, - }).Debug("Requesting app refresh caused by object update") ctrl.requestAppRefresh(app.QualifiedName(), &level, nil) } @@ -1486,7 +1478,6 @@ func (ctrl *ApplicationController) processAppRefreshQueueItem() (processNext boo }) app.Status.SourceType = compareResult.appSourceType app.Status.SourceTypes = compareResult.appSourceTypes - app.Status.ControllerNamespace = ctrl.namespace ctrl.persistAppStatus(origApp, &app.Status) return } @@ -1504,7 +1495,7 @@ func currentSourceEqualsSyncedSource(app *appv1.Application) bool { // needRefreshAppStatus answers if application status needs to be refreshed. // Returns true if application never been compared, has changed or comparison result has expired. -// Additionally, it returns whether full refresh was requested or not. +// Additionally returns whether full refresh was requested or not. // If full refresh is requested then target and live state should be reconciled, else only live state tree should be updated. func (ctrl *ApplicationController) needRefreshAppStatus(app *appv1.Application, statusRefreshTimeout, statusHardRefreshTimeout time.Duration) (bool, appv1.RefreshType, CompareWith) { logCtx := log.WithFields(log.Fields{"application": app.QualifiedName()}) @@ -1541,10 +1532,6 @@ func (ctrl *ApplicationController) needRefreshAppStatus(app *appv1.Application, } } else if !app.Spec.Destination.Equals(app.Status.Sync.ComparedTo.Destination) { reason = "spec.destination differs" - } else if app.HasChangedManagedNamespaceMetadata() { - reason = "spec.syncPolicy.managedNamespaceMetadata differs" - } else if !app.Spec.IgnoreDifferences.Equals(app.Status.Sync.ComparedTo.IgnoreDifferences) { - reason = "spec.ignoreDifferences differs" } else if requested, level := ctrl.isRefreshRequested(app.QualifiedName()); requested { compareWith = level reason = "controller refresh requested" @@ -1750,7 +1737,7 @@ func (ctrl *ApplicationController) autoSync(app *appv1.Application, syncStatus * return nil } -// alreadyAttemptedSync returns whether the most recent sync was performed against the +// alreadyAttemptedSync returns whether or not the most recent sync was performed against the // commitSHA and with the same app source config which are currently set in the app func alreadyAttemptedSync(app *appv1.Application, commitSHA string, commitSHAsMS []string, hasMultipleSources bool) (bool, synccommon.OperationPhase) { if app.Status.OperationState == nil || app.Status.OperationState.Operation.Sync == nil || app.Status.OperationState.SyncResult == nil { @@ -2028,5 +2015,3 @@ func (ctrl *ApplicationController) toAppKey(appName string) string { func (ctrl *ApplicationController) toAppQualifiedName(appName, appNamespace string) string { return fmt.Sprintf("%s/%s", appNamespace, appName) } - -type ClusterFilterFunction func(c *argov1alpha.Cluster, distributionFunction sharding.DistributionFunction) bool diff --git a/controller/appcontroller_test.go b/controller/appcontroller_test.go index f43e1329680fa..a43dcfd643062 100644 --- a/controller/appcontroller_test.go +++ b/controller/appcontroller_test.go @@ -19,6 +19,7 @@ import ( synccommon "github.com/argoproj/gitops-engine/pkg/sync/common" "github.com/argoproj/gitops-engine/pkg/utils/kube" "github.com/argoproj/gitops-engine/pkg/utils/kube/kubetest" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" corev1 "k8s.io/api/core/v1" @@ -30,10 +31,10 @@ import ( "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" "k8s.io/client-go/tools/cache" - "sigs.k8s.io/yaml" mockstatecache "github.com/argoproj/argo-cd/v2/controller/cache/mocks" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" + argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned/fake" "github.com/argoproj/argo-cd/v2/reposerver/apiclient" mockrepoclient "github.com/argoproj/argo-cd/v2/reposerver/apiclient/mocks" @@ -44,7 +45,7 @@ import ( ) type namespacedResource struct { - v1alpha1.ResourceNode + argoappv1.ResourceNode AppName string } @@ -56,7 +57,6 @@ type fakeData struct { namespacedResources map[kube.ResourceKey]namespacedResource configMapData map[string]string metricsCacheExpiration time.Duration - applicationNamespaces []string } func newFakeController(data *fakeData) *ApplicationController { @@ -122,7 +122,7 @@ func newFakeController(data *fakeData) *ApplicationController { 0, true, nil, - data.applicationNamespaces, + []string{}, ) if err != nil { panic(err) @@ -142,7 +142,7 @@ func newFakeController(data *fakeData) *ApplicationController { mockStateCache.On("IsNamespaced", mock.Anything, mock.Anything).Return(true, nil) mockStateCache.On("GetManagedLiveObjs", mock.Anything, mock.Anything).Return(data.managedLiveObjs, nil) mockStateCache.On("GetVersionsInfo", mock.Anything).Return("v1.2.3", nil, nil) - response := make(map[kube.ResourceKey]v1alpha1.ResourceNode) + response := make(map[kube.ResourceKey]argoappv1.ResourceNode) for k, v := range data.namespacedResources { response[k] = v.ResourceNode } @@ -151,12 +151,12 @@ func newFakeController(data *fakeData) *ApplicationController { mockStateCache.On("GetClusterCache", mock.Anything).Return(&clusterCacheMock, nil) mockStateCache.On("IterateHierarchy", mock.Anything, mock.Anything, mock.Anything).Run(func(args mock.Arguments) { key := args[1].(kube.ResourceKey) - action := args[2].(func(child v1alpha1.ResourceNode, appName string) bool) + action := args[2].(func(child argoappv1.ResourceNode, appName string) bool) appName := "" if res, ok := data.namespacedResources[key]; ok { appName = res.AppName } - _ = action(v1alpha1.ResourceNode{ResourceRef: v1alpha1.ResourceRef{Kind: key.Kind, Group: key.Group, Namespace: key.Namespace, Name: key.Name}}, appName) + _ = action(argoappv1.ResourceNode{ResourceRef: argoappv1.ResourceRef{Kind: key.Kind, Group: key.Group, Namespace: key.Namespace, Name: key.Name}}, appName) }).Return(nil) return ctrl } @@ -178,6 +178,7 @@ metadata: namespace: ` + test.FakeArgoCDNamespace + ` type: Opaque ` + var fakeApp = ` apiVersion: argoproj.io/v1alpha1 kind: Application @@ -264,7 +265,7 @@ status: name: always-outofsync namespace: default status: Synced - revisions: + revisions: - aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa - bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb - cccccccccccccccccccccccccccccccccccccccc @@ -327,24 +328,24 @@ metadata: data: ` -func newFakeApp() *v1alpha1.Application { +func newFakeApp() *argoappv1.Application { return createFakeApp(fakeApp) } -func newFakeMultiSourceApp() *v1alpha1.Application { +func newFakeMultiSourceApp() *argoappv1.Application { return createFakeApp(fakeMultiSourceApp) } -func newFakeAppWithDestMismatch() *v1alpha1.Application { +func newFakeAppWithDestMismatch() *argoappv1.Application { return createFakeApp(fakeAppWithDestMismatch) } -func newFakeAppWithDestName() *v1alpha1.Application { +func newFakeAppWithDestName() *argoappv1.Application { return createFakeApp(fakeAppWithDestName) } -func createFakeApp(testApp string) *v1alpha1.Application { - var app v1alpha1.Application +func createFakeApp(testApp string) *argoappv1.Application { + var app argoappv1.Application err := yaml.Unmarshal([]byte(testApp), &app) if err != nil { panic(err) @@ -364,11 +365,11 @@ func newFakeCM() map[string]interface{} { func TestAutoSync(t *testing.T) { app := newFakeApp() ctrl := newFakeController(&fakeData{apps: []runtime.Object{app}}) - syncStatus := v1alpha1.SyncStatus{ - Status: v1alpha1.SyncStatusCodeOutOfSync, + syncStatus := argoappv1.SyncStatus{ + Status: argoappv1.SyncStatusCodeOutOfSync, Revision: "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", } - cond := ctrl.autoSync(app, &syncStatus, []v1alpha1.ResourceStatus{{Name: "guestbook", Kind: kube.DeploymentKind, Status: v1alpha1.SyncStatusCodeOutOfSync}}) + cond := ctrl.autoSync(app, &syncStatus, []argoappv1.ResourceStatus{{Name: "guestbook", Kind: kube.DeploymentKind, Status: argoappv1.SyncStatusCodeOutOfSync}}) assert.Nil(t, cond) app, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(test.FakeArgoCDNamespace).Get(context.Background(), "my-app", metav1.GetOptions{}) assert.NoError(t, err) @@ -381,11 +382,11 @@ func TestAutoSyncNotAllowEmpty(t *testing.T) { app := newFakeApp() app.Spec.SyncPolicy.Automated.Prune = true ctrl := newFakeController(&fakeData{apps: []runtime.Object{app}}) - syncStatus := v1alpha1.SyncStatus{ - Status: v1alpha1.SyncStatusCodeOutOfSync, + syncStatus := argoappv1.SyncStatus{ + Status: argoappv1.SyncStatusCodeOutOfSync, Revision: "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", } - cond := ctrl.autoSync(app, &syncStatus, []v1alpha1.ResourceStatus{}) + cond := ctrl.autoSync(app, &syncStatus, []argoappv1.ResourceStatus{}) assert.NotNil(t, cond) } @@ -394,11 +395,11 @@ func TestAutoSyncAllowEmpty(t *testing.T) { app.Spec.SyncPolicy.Automated.Prune = true app.Spec.SyncPolicy.Automated.AllowEmpty = true ctrl := newFakeController(&fakeData{apps: []runtime.Object{app}}) - syncStatus := v1alpha1.SyncStatus{ - Status: v1alpha1.SyncStatusCodeOutOfSync, + syncStatus := argoappv1.SyncStatus{ + Status: argoappv1.SyncStatusCodeOutOfSync, Revision: "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", } - cond := ctrl.autoSync(app, &syncStatus, []v1alpha1.ResourceStatus{}) + cond := ctrl.autoSync(app, &syncStatus, []argoappv1.ResourceStatus{}) assert.Nil(t, cond) } @@ -408,11 +409,11 @@ func TestSkipAutoSync(t *testing.T) { t.Run("PreviouslySyncedToRevision", func(t *testing.T) { app := newFakeApp() ctrl := newFakeController(&fakeData{apps: []runtime.Object{app}}) - syncStatus := v1alpha1.SyncStatus{ - Status: v1alpha1.SyncStatusCodeOutOfSync, + syncStatus := argoappv1.SyncStatus{ + Status: argoappv1.SyncStatusCodeOutOfSync, Revision: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", } - cond := ctrl.autoSync(app, &syncStatus, []v1alpha1.ResourceStatus{}) + cond := ctrl.autoSync(app, &syncStatus, []argoappv1.ResourceStatus{}) assert.Nil(t, cond) app, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(test.FakeArgoCDNamespace).Get(context.Background(), "my-app", metav1.GetOptions{}) assert.NoError(t, err) @@ -423,11 +424,11 @@ func TestSkipAutoSync(t *testing.T) { t.Run("AlreadyInSyncedState", func(t *testing.T) { app := newFakeApp() ctrl := newFakeController(&fakeData{apps: []runtime.Object{app}}) - syncStatus := v1alpha1.SyncStatus{ - Status: v1alpha1.SyncStatusCodeSynced, + syncStatus := argoappv1.SyncStatus{ + Status: argoappv1.SyncStatusCodeSynced, Revision: "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", } - cond := ctrl.autoSync(app, &syncStatus, []v1alpha1.ResourceStatus{}) + cond := ctrl.autoSync(app, &syncStatus, []argoappv1.ResourceStatus{}) assert.Nil(t, cond) app, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(test.FakeArgoCDNamespace).Get(context.Background(), "my-app", metav1.GetOptions{}) assert.NoError(t, err) @@ -439,11 +440,11 @@ func TestSkipAutoSync(t *testing.T) { app := newFakeApp() app.Spec.SyncPolicy = nil ctrl := newFakeController(&fakeData{apps: []runtime.Object{app}}) - syncStatus := v1alpha1.SyncStatus{ - Status: v1alpha1.SyncStatusCodeOutOfSync, + syncStatus := argoappv1.SyncStatus{ + Status: argoappv1.SyncStatusCodeOutOfSync, Revision: "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", } - cond := ctrl.autoSync(app, &syncStatus, []v1alpha1.ResourceStatus{}) + cond := ctrl.autoSync(app, &syncStatus, []argoappv1.ResourceStatus{}) assert.Nil(t, cond) app, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(test.FakeArgoCDNamespace).Get(context.Background(), "my-app", metav1.GetOptions{}) assert.NoError(t, err) @@ -456,11 +457,11 @@ func TestSkipAutoSync(t *testing.T) { now := metav1.Now() app.DeletionTimestamp = &now ctrl := newFakeController(&fakeData{apps: []runtime.Object{app}}) - syncStatus := v1alpha1.SyncStatus{ - Status: v1alpha1.SyncStatusCodeOutOfSync, + syncStatus := argoappv1.SyncStatus{ + Status: argoappv1.SyncStatusCodeOutOfSync, Revision: "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", } - cond := ctrl.autoSync(app, &syncStatus, []v1alpha1.ResourceStatus{}) + cond := ctrl.autoSync(app, &syncStatus, []argoappv1.ResourceStatus{}) assert.Nil(t, cond) app, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(test.FakeArgoCDNamespace).Get(context.Background(), "my-app", metav1.GetOptions{}) assert.NoError(t, err) @@ -471,22 +472,22 @@ func TestSkipAutoSync(t *testing.T) { // Set current to 'aaaaa', desired to 'bbbbb' and add 'bbbbb' to failure history t.Run("PreviousSyncAttemptFailed", func(t *testing.T) { app := newFakeApp() - app.Status.OperationState = &v1alpha1.OperationState{ - Operation: v1alpha1.Operation{ - Sync: &v1alpha1.SyncOperation{}, + app.Status.OperationState = &argoappv1.OperationState{ + Operation: argoappv1.Operation{ + Sync: &argoappv1.SyncOperation{}, }, Phase: synccommon.OperationFailed, - SyncResult: &v1alpha1.SyncOperationResult{ + SyncResult: &argoappv1.SyncOperationResult{ Revision: "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", Source: *app.Spec.Source.DeepCopy(), }, } ctrl := newFakeController(&fakeData{apps: []runtime.Object{app}}) - syncStatus := v1alpha1.SyncStatus{ - Status: v1alpha1.SyncStatusCodeOutOfSync, + syncStatus := argoappv1.SyncStatus{ + Status: argoappv1.SyncStatusCodeOutOfSync, Revision: "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", } - cond := ctrl.autoSync(app, &syncStatus, []v1alpha1.ResourceStatus{{Name: "guestbook", Kind: kube.DeploymentKind, Status: v1alpha1.SyncStatusCodeOutOfSync}}) + cond := ctrl.autoSync(app, &syncStatus, []argoappv1.ResourceStatus{{Name: "guestbook", Kind: kube.DeploymentKind, Status: argoappv1.SyncStatusCodeOutOfSync}}) assert.NotNil(t, cond) app, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(test.FakeArgoCDNamespace).Get(context.Background(), "my-app", metav1.GetOptions{}) assert.NoError(t, err) @@ -496,12 +497,12 @@ func TestSkipAutoSync(t *testing.T) { t.Run("NeedsToPruneResourcesOnlyButAutomatedPruneDisabled", func(t *testing.T) { app := newFakeApp() ctrl := newFakeController(&fakeData{apps: []runtime.Object{app}}) - syncStatus := v1alpha1.SyncStatus{ - Status: v1alpha1.SyncStatusCodeOutOfSync, + syncStatus := argoappv1.SyncStatus{ + Status: argoappv1.SyncStatusCodeOutOfSync, Revision: "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", } - cond := ctrl.autoSync(app, &syncStatus, []v1alpha1.ResourceStatus{ - {Name: "guestbook", Kind: kube.DeploymentKind, Status: v1alpha1.SyncStatusCodeOutOfSync, RequiresPruning: true}, + cond := ctrl.autoSync(app, &syncStatus, []argoappv1.ResourceStatus{ + {Name: "guestbook", Kind: kube.DeploymentKind, Status: argoappv1.SyncStatusCodeOutOfSync, RequiresPruning: true}, }) assert.Nil(t, cond) app, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(test.FakeArgoCDNamespace).Get(context.Background(), "my-app", metav1.GetOptions{}) @@ -513,8 +514,8 @@ func TestSkipAutoSync(t *testing.T) { // TestAutoSyncIndicateError verifies we skip auto-sync and return error condition if previous sync failed func TestAutoSyncIndicateError(t *testing.T) { app := newFakeApp() - app.Spec.Source.Helm = &v1alpha1.ApplicationSourceHelm{ - Parameters: []v1alpha1.HelmParameter{ + app.Spec.Source.Helm = &argoappv1.ApplicationSourceHelm{ + Parameters: []argoappv1.HelmParameter{ { Name: "a", Value: "1", @@ -522,23 +523,23 @@ func TestAutoSyncIndicateError(t *testing.T) { }, } ctrl := newFakeController(&fakeData{apps: []runtime.Object{app}}) - syncStatus := v1alpha1.SyncStatus{ - Status: v1alpha1.SyncStatusCodeOutOfSync, + syncStatus := argoappv1.SyncStatus{ + Status: argoappv1.SyncStatusCodeOutOfSync, Revision: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", } - app.Status.OperationState = &v1alpha1.OperationState{ - Operation: v1alpha1.Operation{ - Sync: &v1alpha1.SyncOperation{ + app.Status.OperationState = &argoappv1.OperationState{ + Operation: argoappv1.Operation{ + Sync: &argoappv1.SyncOperation{ Source: app.Spec.Source.DeepCopy(), }, }, Phase: synccommon.OperationFailed, - SyncResult: &v1alpha1.SyncOperationResult{ + SyncResult: &argoappv1.SyncOperationResult{ Revision: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", Source: *app.Spec.Source.DeepCopy(), }, } - cond := ctrl.autoSync(app, &syncStatus, []v1alpha1.ResourceStatus{{Name: "guestbook", Kind: kube.DeploymentKind, Status: v1alpha1.SyncStatusCodeOutOfSync}}) + cond := ctrl.autoSync(app, &syncStatus, []argoappv1.ResourceStatus{{Name: "guestbook", Kind: kube.DeploymentKind, Status: argoappv1.SyncStatusCodeOutOfSync}}) assert.NotNil(t, cond) app, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(test.FakeArgoCDNamespace).Get(context.Background(), "my-app", metav1.GetOptions{}) assert.NoError(t, err) @@ -548,8 +549,8 @@ func TestAutoSyncIndicateError(t *testing.T) { // TestAutoSyncParameterOverrides verifies we auto-sync if revision is same but parameter overrides are different func TestAutoSyncParameterOverrides(t *testing.T) { app := newFakeApp() - app.Spec.Source.Helm = &v1alpha1.ApplicationSourceHelm{ - Parameters: []v1alpha1.HelmParameter{ + app.Spec.Source.Helm = &argoappv1.ApplicationSourceHelm{ + Parameters: []argoappv1.HelmParameter{ { Name: "a", Value: "1", @@ -557,16 +558,16 @@ func TestAutoSyncParameterOverrides(t *testing.T) { }, } ctrl := newFakeController(&fakeData{apps: []runtime.Object{app}}) - syncStatus := v1alpha1.SyncStatus{ - Status: v1alpha1.SyncStatusCodeOutOfSync, + syncStatus := argoappv1.SyncStatus{ + Status: argoappv1.SyncStatusCodeOutOfSync, Revision: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", } - app.Status.OperationState = &v1alpha1.OperationState{ - Operation: v1alpha1.Operation{ - Sync: &v1alpha1.SyncOperation{ - Source: &v1alpha1.ApplicationSource{ - Helm: &v1alpha1.ApplicationSourceHelm{ - Parameters: []v1alpha1.HelmParameter{ + app.Status.OperationState = &argoappv1.OperationState{ + Operation: argoappv1.Operation{ + Sync: &argoappv1.SyncOperation{ + Source: &argoappv1.ApplicationSource{ + Helm: &argoappv1.ApplicationSourceHelm{ + Parameters: []argoappv1.HelmParameter{ { Name: "a", Value: "2", // this value changed @@ -577,11 +578,11 @@ func TestAutoSyncParameterOverrides(t *testing.T) { }, }, Phase: synccommon.OperationFailed, - SyncResult: &v1alpha1.SyncOperationResult{ + SyncResult: &argoappv1.SyncOperationResult{ Revision: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", }, } - cond := ctrl.autoSync(app, &syncStatus, []v1alpha1.ResourceStatus{{Name: "guestbook", Kind: kube.DeploymentKind, Status: v1alpha1.SyncStatusCodeOutOfSync}}) + cond := ctrl.autoSync(app, &syncStatus, []argoappv1.ResourceStatus{{Name: "guestbook", Kind: kube.DeploymentKind, Status: argoappv1.SyncStatusCodeOutOfSync}}) assert.Nil(t, cond) app, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(test.FakeArgoCDNamespace).Get(context.Background(), "my-app", metav1.GetOptions{}) assert.NoError(t, err) @@ -590,14 +591,14 @@ func TestAutoSyncParameterOverrides(t *testing.T) { // TestFinalizeAppDeletion verifies application deletion func TestFinalizeAppDeletion(t *testing.T) { - defaultProj := v1alpha1.AppProject{ + defaultProj := argoappv1.AppProject{ ObjectMeta: metav1.ObjectMeta{ Name: "default", Namespace: test.FakeArgoCDNamespace, }, - Spec: v1alpha1.AppProjectSpec{ + Spec: argoappv1.AppProjectSpec{ SourceRepos: []string{"*"}, - Destinations: []v1alpha1.ApplicationDestination{ + Destinations: []argoappv1.ApplicationDestination{ { Server: "*", Namespace: "*", @@ -626,8 +627,8 @@ func TestFinalizeAppDeletion(t *testing.T) { patched = true return true, nil, nil }) - _, err := ctrl.finalizeApplicationDeletion(app, func(project string) ([]*v1alpha1.Cluster, error) { - return []*v1alpha1.Cluster{}, nil + _, err := ctrl.finalizeApplicationDeletion(app, func(project string) ([]*argoappv1.Cluster, error) { + return []*argoappv1.Cluster{}, nil }) assert.NoError(t, err) assert.True(t, patched) @@ -636,14 +637,14 @@ func TestFinalizeAppDeletion(t *testing.T) { // Ensure any stray resources irregularly labeled with instance label of app are not deleted upon deleting, // when app project restriction is in place t.Run("ProjectRestrictionEnforced", func(*testing.T) { - restrictedProj := v1alpha1.AppProject{ + restrictedProj := argoappv1.AppProject{ ObjectMeta: metav1.ObjectMeta{ Name: "restricted", Namespace: test.FakeArgoCDNamespace, }, - Spec: v1alpha1.AppProjectSpec{ + Spec: argoappv1.AppProjectSpec{ SourceRepos: []string{"*"}, - Destinations: []v1alpha1.ApplicationDestination{ + Destinations: []argoappv1.ApplicationDestination{ { Server: "*", Namespace: "my-app", @@ -676,8 +677,8 @@ func TestFinalizeAppDeletion(t *testing.T) { patched = true return true, nil, nil }) - objs, err := ctrl.finalizeApplicationDeletion(app, func(project string) ([]*v1alpha1.Cluster, error) { - return []*v1alpha1.Cluster{}, nil + objs, err := ctrl.finalizeApplicationDeletion(app, func(project string) ([]*argoappv1.Cluster, error) { + return []*argoappv1.Cluster{}, nil }) assert.NoError(t, err) assert.True(t, patched) @@ -710,8 +711,8 @@ func TestFinalizeAppDeletion(t *testing.T) { patched = true return true, nil, nil }) - _, err := ctrl.finalizeApplicationDeletion(app, func(project string) ([]*v1alpha1.Cluster, error) { - return []*v1alpha1.Cluster{}, nil + _, err := ctrl.finalizeApplicationDeletion(app, func(project string) ([]*argoappv1.Cluster, error) { + return []*argoappv1.Cluster{}, nil }) assert.NoError(t, err) assert.True(t, patched) @@ -723,7 +724,7 @@ func TestFinalizeAppDeletion(t *testing.T) { appTemplate := newFakeAppWithDestName() - testShouldDelete := func(app *v1alpha1.Application) { + testShouldDelete := func(app *argoappv1.Application) { appObj := kube.MustToUnstructured(&app) ctrl := newFakeController(&fakeData{apps: []runtime.Object{app, &defaultProj}, managedLiveObjs: map[kube.ResourceKey]*unstructured.Unstructured{ kube.GetResourceKey(appObj): appObj, @@ -735,8 +736,8 @@ func TestFinalizeAppDeletion(t *testing.T) { fakeAppCs.AddReactor("get", "*", func(action kubetesting.Action) (handled bool, ret runtime.Object, err error) { return defaultReactor.React(action) }) - _, err := ctrl.finalizeApplicationDeletion(app, func(project string) ([]*v1alpha1.Cluster, error) { - return []*v1alpha1.Cluster{}, nil + _, err := ctrl.finalizeApplicationDeletion(app, func(project string) ([]*argoappv1.Cluster, error) { + return []*argoappv1.Cluster{}, nil }) assert.NoError(t, err) } @@ -760,14 +761,14 @@ func TestFinalizeAppDeletion(t *testing.T) { // TestNormalizeApplication verifies we normalize an application during reconciliation func TestNormalizeApplication(t *testing.T) { - defaultProj := v1alpha1.AppProject{ + defaultProj := argoappv1.AppProject{ ObjectMeta: metav1.ObjectMeta{ Name: "default", Namespace: test.FakeArgoCDNamespace, }, - Spec: v1alpha1.AppProjectSpec{ + Spec: argoappv1.AppProjectSpec{ SourceRepos: []string{"*"}, - Destinations: []v1alpha1.ApplicationDestination{ + Destinations: []argoappv1.ApplicationDestination{ { Server: "*", Namespace: "*", @@ -777,7 +778,7 @@ func TestNormalizeApplication(t *testing.T) { } app := newFakeApp() app.Spec.Project = "" - app.Spec.Source.Kustomize = &v1alpha1.ApplicationSourceKustomize{NamePrefix: "foo-"} + app.Spec.Source.Kustomize = &argoappv1.ApplicationSourceKustomize{NamePrefix: "foo-"} data := fakeData{ apps: []runtime.Object{app, &defaultProj}, manifestResponse: &apiclient.ManifestResponse{ @@ -835,7 +836,7 @@ func TestNormalizeApplication(t *testing.T) { func TestHandleAppUpdated(t *testing.T) { app := newFakeApp() app.Spec.Destination.Namespace = test.FakeArgoCDNamespace - app.Spec.Destination.Server = v1alpha1.KubernetesInternalAPIServerAddr + app.Spec.Destination.Server = argoappv1.KubernetesInternalAPIServerAddr proj := defaultProj.DeepCopy() proj.Spec.SourceNamespaces = []string{test.FakeArgoCDNamespace} ctrl := newFakeController(&fakeData{apps: []runtime.Object{app, proj}}) @@ -855,15 +856,15 @@ func TestHandleOrphanedResourceUpdated(t *testing.T) { app1 := newFakeApp() app1.Name = "app1" app1.Spec.Destination.Namespace = test.FakeArgoCDNamespace - app1.Spec.Destination.Server = v1alpha1.KubernetesInternalAPIServerAddr + app1.Spec.Destination.Server = argoappv1.KubernetesInternalAPIServerAddr app2 := newFakeApp() app2.Name = "app2" app2.Spec.Destination.Namespace = test.FakeArgoCDNamespace - app2.Spec.Destination.Server = v1alpha1.KubernetesInternalAPIServerAddr + app2.Spec.Destination.Server = argoappv1.KubernetesInternalAPIServerAddr proj := defaultProj.DeepCopy() - proj.Spec.OrphanedResources = &v1alpha1.OrphanedResourcesMonitorSettings{} + proj.Spec.OrphanedResources = &argoappv1.OrphanedResourcesMonitorSettings{} ctrl := newFakeController(&fakeData{apps: []runtime.Object{app1, app2, proj}}) @@ -881,16 +882,16 @@ func TestHandleOrphanedResourceUpdated(t *testing.T) { func TestGetResourceTree_HasOrphanedResources(t *testing.T) { app := newFakeApp() proj := defaultProj.DeepCopy() - proj.Spec.OrphanedResources = &v1alpha1.OrphanedResourcesMonitorSettings{} + proj.Spec.OrphanedResources = &argoappv1.OrphanedResourcesMonitorSettings{} - managedDeploy := v1alpha1.ResourceNode{ - ResourceRef: v1alpha1.ResourceRef{Group: "apps", Kind: "Deployment", Namespace: "default", Name: "nginx-deployment", Version: "v1"}, + managedDeploy := argoappv1.ResourceNode{ + ResourceRef: argoappv1.ResourceRef{Group: "apps", Kind: "Deployment", Namespace: "default", Name: "nginx-deployment", Version: "v1"}, } - orphanedDeploy1 := v1alpha1.ResourceNode{ - ResourceRef: v1alpha1.ResourceRef{Group: "apps", Kind: "Deployment", Namespace: "default", Name: "deploy1"}, + orphanedDeploy1 := argoappv1.ResourceNode{ + ResourceRef: argoappv1.ResourceRef{Group: "apps", Kind: "Deployment", Namespace: "default", Name: "deploy1"}, } - orphanedDeploy2 := v1alpha1.ResourceNode{ - ResourceRef: v1alpha1.ResourceRef{Group: "apps", Kind: "Deployment", Namespace: "default", Name: "deploy2"}, + orphanedDeploy2 := argoappv1.ResourceNode{ + ResourceRef: argoappv1.ResourceRef{Group: "apps", Kind: "Deployment", Namespace: "default", Name: "deploy2"}, } ctrl := newFakeController(&fakeData{ @@ -901,7 +902,7 @@ func TestGetResourceTree_HasOrphanedResources(t *testing.T) { kube.NewResourceKey("apps", "Deployment", "default", "deploy2"): {ResourceNode: orphanedDeploy2}, }, }) - tree, err := ctrl.getResourceTree(app, []*v1alpha1.ResourceDiff{{ + tree, err := ctrl.getResourceTree(app, []*argoappv1.ResourceDiff{{ Namespace: "default", Name: "nginx-deployment", Kind: "Deployment", @@ -911,8 +912,8 @@ func TestGetResourceTree_HasOrphanedResources(t *testing.T) { }}) assert.NoError(t, err) - assert.Equal(t, tree.Nodes, []v1alpha1.ResourceNode{managedDeploy}) - assert.Equal(t, tree.OrphanedNodes, []v1alpha1.ResourceNode{orphanedDeploy1, orphanedDeploy2}) + assert.Equal(t, tree.Nodes, []argoappv1.ResourceNode{managedDeploy}) + assert.Equal(t, tree.OrphanedNodes, []argoappv1.ResourceNode{orphanedDeploy1, orphanedDeploy2}) } func TestSetOperationStateOnDeletedApp(t *testing.T) { @@ -924,7 +925,7 @@ func TestSetOperationStateOnDeletedApp(t *testing.T) { patched = true return true, nil, apierr.NewNotFound(schema.GroupResource{}, "my-app") }) - ctrl.setOperationState(newFakeApp(), &v1alpha1.OperationState{Phase: synccommon.OperationSucceeded}) + ctrl.setOperationState(newFakeApp(), &argoappv1.OperationState{Phase: synccommon.OperationSucceeded}) assert.True(t, patched) } @@ -966,7 +967,7 @@ func TestSetOperationStateLogRetries(t *testing.T) { func TestNeedRefreshAppStatus(t *testing.T) { testCases := []struct { name string - app *v1alpha1.Application + app *argoappv1.Application }{ { name: "single-source app", @@ -980,15 +981,15 @@ func TestNeedRefreshAppStatus(t *testing.T) { for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { + ctrl := newFakeController(&fakeData{apps: []runtime.Object{}}) app := tc.app now := metav1.Now() app.Status.ReconciledAt = &now - app.Status.Sync = v1alpha1.SyncStatus{ - Status: v1alpha1.SyncStatusCodeSynced, - ComparedTo: v1alpha1.ComparedTo{ - Destination: app.Spec.Destination, - IgnoreDifferences: app.Spec.IgnoreDifferences, + app.Status.Sync = argoappv1.SyncStatus{ + Status: argoappv1.SyncStatusCodeSynced, + ComparedTo: argoappv1.ComparedTo{ + Destination: app.Spec.Destination, }, } @@ -998,67 +999,44 @@ func TestNeedRefreshAppStatus(t *testing.T) { app.Status.Sync.ComparedTo.Source = app.Spec.GetSource() } - ctrl := newFakeController(&fakeData{apps: []runtime.Object{}}) - - t.Run("no need to refresh just reconciled application", func(t *testing.T) { - needRefresh, _, _ := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) - assert.False(t, needRefresh) - }) - - t.Run("requested refresh is respected", func(t *testing.T) { - needRefresh, _, _ := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) - assert.False(t, needRefresh) - - // use a one-off controller so other tests don't have a manual refresh request - ctrl := newFakeController(&fakeData{apps: []runtime.Object{}}) + // no need to refresh just reconciled application + needRefresh, _, _ := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) + assert.False(t, needRefresh) - // refresh app using the 'deepest' requested comparison level - ctrl.requestAppRefresh(app.Name, CompareWithRecent.Pointer(), nil) - ctrl.requestAppRefresh(app.Name, ComparisonWithNothing.Pointer(), nil) + // refresh app using the 'deepest' requested comparison level + ctrl.requestAppRefresh(app.Name, CompareWithRecent.Pointer(), nil) + ctrl.requestAppRefresh(app.Name, ComparisonWithNothing.Pointer(), nil) - needRefresh, refreshType, compareWith := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) - assert.True(t, needRefresh) - assert.Equal(t, v1alpha1.RefreshTypeNormal, refreshType) - assert.Equal(t, CompareWithRecent, compareWith) - }) + needRefresh, refreshType, compareWith := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) + assert.True(t, needRefresh) + assert.Equal(t, argoappv1.RefreshTypeNormal, refreshType) + assert.Equal(t, CompareWithRecent, compareWith) - t.Run("refresh application which status is not reconciled using latest commit", func(t *testing.T) { - app := app.DeepCopy() - needRefresh, _, _ := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) - assert.False(t, needRefresh) - app.Status.Sync = v1alpha1.SyncStatus{Status: v1alpha1.SyncStatusCodeUnknown} + // refresh application which status is not reconciled using latest commit + app.Status.Sync = argoappv1.SyncStatus{Status: argoappv1.SyncStatusCodeUnknown} - needRefresh, refreshType, compareWith := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) - assert.True(t, needRefresh) - assert.Equal(t, v1alpha1.RefreshTypeNormal, refreshType) - assert.Equal(t, CompareWithLatestForceResolve, compareWith) - }) + needRefresh, refreshType, compareWith = ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) + assert.True(t, needRefresh) + assert.Equal(t, argoappv1.RefreshTypeNormal, refreshType) + assert.Equal(t, CompareWithLatestForceResolve, compareWith) t.Run("refresh app using the 'latest' level if comparison expired", func(t *testing.T) { app := app.DeepCopy() - - // use a one-off controller so other tests don't have a manual refresh request - ctrl := newFakeController(&fakeData{apps: []runtime.Object{}}) - - needRefresh, _, _ := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) - assert.False(t, needRefresh) - ctrl.requestAppRefresh(app.Name, CompareWithRecent.Pointer(), nil) reconciledAt := metav1.NewTime(time.Now().UTC().Add(-1 * time.Hour)) app.Status.ReconciledAt = &reconciledAt - needRefresh, refreshType, compareWith := ctrl.needRefreshAppStatus(app, 1*time.Minute, 2*time.Hour) + needRefresh, refreshType, compareWith = ctrl.needRefreshAppStatus(app, 1*time.Minute, 2*time.Hour) assert.True(t, needRefresh) - assert.Equal(t, v1alpha1.RefreshTypeNormal, refreshType) - assert.Equal(t, CompareWithLatest, compareWith) + assert.Equal(t, argoappv1.RefreshTypeNormal, refreshType) + assert.Equal(t, CompareWithLatestForceResolve, compareWith) }) t.Run("refresh app using the 'latest' level if comparison expired for hard refresh", func(t *testing.T) { app := app.DeepCopy() - app.Status.Sync = v1alpha1.SyncStatus{ - Status: v1alpha1.SyncStatusCodeSynced, - ComparedTo: v1alpha1.ComparedTo{ - Destination: app.Spec.Destination, - IgnoreDifferences: app.Spec.IgnoreDifferences, + app.Status.Sync = argoappv1.SyncStatus{ + Status: argoappv1.SyncStatusCodeSynced, + ComparedTo: argoappv1.ComparedTo{ + Destination: app.Spec.Destination, }, } if app.Spec.HasMultipleSources() { @@ -1066,145 +1044,66 @@ func TestNeedRefreshAppStatus(t *testing.T) { } else { app.Status.Sync.ComparedTo.Source = app.Spec.GetSource() } - - // use a one-off controller so other tests don't have a manual refresh request - ctrl := newFakeController(&fakeData{apps: []runtime.Object{}}) - - needRefresh, _, _ := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) - assert.False(t, needRefresh) ctrl.requestAppRefresh(app.Name, CompareWithRecent.Pointer(), nil) reconciledAt := metav1.NewTime(time.Now().UTC().Add(-1 * time.Hour)) app.Status.ReconciledAt = &reconciledAt - needRefresh, refreshType, compareWith := ctrl.needRefreshAppStatus(app, 2*time.Hour, 1*time.Minute) + needRefresh, refreshType, compareWith = ctrl.needRefreshAppStatus(app, 2*time.Hour, 1*time.Minute) assert.True(t, needRefresh) - assert.Equal(t, v1alpha1.RefreshTypeHard, refreshType) + assert.Equal(t, argoappv1.RefreshTypeHard, refreshType) assert.Equal(t, CompareWithLatest, compareWith) }) t.Run("execute hard refresh if app has refresh annotation", func(t *testing.T) { app := app.DeepCopy() - needRefresh, _, _ := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) - assert.False(t, needRefresh) reconciledAt := metav1.NewTime(time.Now().UTC().Add(-1 * time.Hour)) app.Status.ReconciledAt = &reconciledAt app.Annotations = map[string]string{ - v1alpha1.AnnotationKeyRefresh: string(v1alpha1.RefreshTypeHard), + v1alpha1.AnnotationKeyRefresh: string(argoappv1.RefreshTypeHard), } - needRefresh, refreshType, compareWith := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) + needRefresh, refreshType, compareWith = ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) assert.True(t, needRefresh) - assert.Equal(t, v1alpha1.RefreshTypeHard, refreshType) + assert.Equal(t, argoappv1.RefreshTypeHard, refreshType) assert.Equal(t, CompareWithLatestForceResolve, compareWith) }) t.Run("ensure that CompareWithLatest level is used if application source has changed", func(t *testing.T) { app := app.DeepCopy() - needRefresh, _, _ := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) - assert.False(t, needRefresh) + ctrl.requestAppRefresh(app.Name, ComparisonWithNothing.Pointer(), nil) // sample app source change if app.Spec.HasMultipleSources() { - app.Spec.Sources[0].Helm = &v1alpha1.ApplicationSourceHelm{ - Parameters: []v1alpha1.HelmParameter{{ + app.Spec.Sources[0].Helm = &argoappv1.ApplicationSourceHelm{ + Parameters: []argoappv1.HelmParameter{{ Name: "foo", Value: "bar", }}, } } else { - app.Spec.Source.Helm = &v1alpha1.ApplicationSourceHelm{ - Parameters: []v1alpha1.HelmParameter{{ + app.Spec.Source.Helm = &argoappv1.ApplicationSourceHelm{ + Parameters: []argoappv1.HelmParameter{{ Name: "foo", Value: "bar", }}, } } - needRefresh, refreshType, compareWith := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) + needRefresh, refreshType, compareWith = ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) assert.True(t, needRefresh) - assert.Equal(t, v1alpha1.RefreshTypeNormal, refreshType) + assert.Equal(t, argoappv1.RefreshTypeNormal, refreshType) assert.Equal(t, CompareWithLatestForceResolve, compareWith) }) - - t.Run("ensure that CompareWithLatest level is used if ignored differences change", func(t *testing.T) { - app := app.DeepCopy() - needRefresh, _, _ := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) - assert.False(t, needRefresh) - - app.Spec.IgnoreDifferences = []v1alpha1.ResourceIgnoreDifferences{ - { - Group: "apps", - Kind: "Deployment", - JSONPointers: []string{ - "/spec/template/spec/containers/0/image", - }, - }, - } - - needRefresh, refreshType, compareWith := ctrl.needRefreshAppStatus(app, 1*time.Hour, 2*time.Hour) - assert.True(t, needRefresh) - assert.Equal(t, v1alpha1.RefreshTypeNormal, refreshType) - assert.Equal(t, CompareWithLatest, compareWith) - }) }) } } -func TestUpdatedManagedNamespaceMetadata(t *testing.T) { - ctrl := newFakeController(&fakeData{apps: []runtime.Object{}}) - app := newFakeApp() - app.Spec.SyncPolicy.ManagedNamespaceMetadata = &v1alpha1.ManagedNamespaceMetadata{ - Labels: map[string]string{ - "foo": "bar", - }, - Annotations: map[string]string{ - "foo": "bar", - }, - } - app.Status.Sync.ComparedTo.Source = app.Spec.GetSource() - app.Status.Sync.ComparedTo.Destination = app.Spec.Destination - - // Ensure that hard/soft refresh isn't triggered due to reconciledAt being expired - reconciledAt := metav1.NewTime(time.Now().UTC().Add(15 * time.Minute)) - app.Status.ReconciledAt = &reconciledAt - needRefresh, refreshType, compareWith := ctrl.needRefreshAppStatus(app, 30*time.Minute, 2*time.Hour) - - assert.True(t, needRefresh) - assert.Equal(t, v1alpha1.RefreshTypeNormal, refreshType) - assert.Equal(t, CompareWithLatest, compareWith) -} - -func TestUnchangedManagedNamespaceMetadata(t *testing.T) { - ctrl := newFakeController(&fakeData{apps: []runtime.Object{}}) - app := newFakeApp() - app.Spec.SyncPolicy.ManagedNamespaceMetadata = &v1alpha1.ManagedNamespaceMetadata{ - Labels: map[string]string{ - "foo": "bar", - }, - Annotations: map[string]string{ - "foo": "bar", - }, - } - app.Status.Sync.ComparedTo.Source = app.Spec.GetSource() - app.Status.Sync.ComparedTo.Destination = app.Spec.Destination - app.Status.OperationState.SyncResult.ManagedNamespaceMetadata = app.Spec.SyncPolicy.ManagedNamespaceMetadata - - // Ensure that hard/soft refresh isn't triggered due to reconciledAt being expired - reconciledAt := metav1.NewTime(time.Now().UTC().Add(15 * time.Minute)) - app.Status.ReconciledAt = &reconciledAt - needRefresh, refreshType, compareWith := ctrl.needRefreshAppStatus(app, 30*time.Minute, 2*time.Hour) - - assert.False(t, needRefresh) - assert.Equal(t, v1alpha1.RefreshTypeNormal, refreshType) - assert.Equal(t, CompareWithLatest, compareWith) -} - func TestRefreshAppConditions(t *testing.T) { - defaultProj := v1alpha1.AppProject{ + defaultProj := argoappv1.AppProject{ ObjectMeta: metav1.ObjectMeta{ Name: "default", Namespace: test.FakeArgoCDNamespace, }, - Spec: v1alpha1.AppProjectSpec{ + Spec: argoappv1.AppProjectSpec{ SourceRepos: []string{"*"}, - Destinations: []v1alpha1.ApplicationDestination{ + Destinations: []argoappv1.ApplicationDestination{ { Server: "*", Namespace: "*", @@ -1224,27 +1123,27 @@ func TestRefreshAppConditions(t *testing.T) { t.Run("PreserveExistingWarningCondition", func(t *testing.T) { app := newFakeApp() - app.Status.SetConditions([]v1alpha1.ApplicationCondition{{Type: v1alpha1.ApplicationConditionExcludedResourceWarning}}, nil) + app.Status.SetConditions([]argoappv1.ApplicationCondition{{Type: argoappv1.ApplicationConditionExcludedResourceWarning}}, nil) ctrl := newFakeController(&fakeData{apps: []runtime.Object{app, &defaultProj}}) _, hasErrors := ctrl.refreshAppConditions(app) assert.False(t, hasErrors) assert.Len(t, app.Status.Conditions, 1) - assert.Equal(t, v1alpha1.ApplicationConditionExcludedResourceWarning, app.Status.Conditions[0].Type) + assert.Equal(t, argoappv1.ApplicationConditionExcludedResourceWarning, app.Status.Conditions[0].Type) }) t.Run("ReplacesSpecErrorCondition", func(t *testing.T) { app := newFakeApp() app.Spec.Project = "wrong project" - app.Status.SetConditions([]v1alpha1.ApplicationCondition{{Type: v1alpha1.ApplicationConditionInvalidSpecError, Message: "old message"}}, nil) + app.Status.SetConditions([]argoappv1.ApplicationCondition{{Type: argoappv1.ApplicationConditionInvalidSpecError, Message: "old message"}}, nil) ctrl := newFakeController(&fakeData{apps: []runtime.Object{app, &defaultProj}}) _, hasErrors := ctrl.refreshAppConditions(app) assert.True(t, hasErrors) assert.Len(t, app.Status.Conditions, 1) - assert.Equal(t, v1alpha1.ApplicationConditionInvalidSpecError, app.Status.Conditions[0].Type) + assert.Equal(t, argoappv1.ApplicationConditionInvalidSpecError, app.Status.Conditions[0].Type) assert.Equal(t, "Application referencing project wrong project which does not exist", app.Status.Conditions[0].Message) }) } @@ -1252,8 +1151,8 @@ func TestRefreshAppConditions(t *testing.T) { func TestUpdateReconciledAt(t *testing.T) { app := newFakeApp() reconciledAt := metav1.NewTime(time.Now().Add(-1 * time.Second)) - app.Status = v1alpha1.ApplicationStatus{ReconciledAt: &reconciledAt} - app.Status.Sync = v1alpha1.SyncStatus{ComparedTo: v1alpha1.ComparedTo{Source: app.Spec.GetSource(), Destination: app.Spec.Destination, IgnoreDifferences: app.Spec.IgnoreDifferences}} + app.Status = argoappv1.ApplicationStatus{ReconciledAt: &reconciledAt} + app.Status.Sync = argoappv1.SyncStatus{ComparedTo: argoappv1.ComparedTo{Source: app.Spec.GetSource(), Destination: app.Spec.Destination}} ctrl := newFakeController(&fakeData{ apps: []runtime.Object{app, &defaultProj}, manifestResponse: &apiclient.ManifestResponse{ @@ -1331,15 +1230,15 @@ func TestProjectErrorToCondition(t *testing.T) { obj, ok, err := ctrl.appInformer.GetIndexer().GetByKey(key) assert.True(t, ok) assert.NoError(t, err) - updatedApp := obj.(*v1alpha1.Application) - assert.Equal(t, v1alpha1.ApplicationConditionInvalidSpecError, updatedApp.Status.Conditions[0].Type) + updatedApp := obj.(*argoappv1.Application) + assert.Equal(t, argoappv1.ApplicationConditionInvalidSpecError, updatedApp.Status.Conditions[0].Type) assert.Equal(t, "Application referencing project wrong project which does not exist", updatedApp.Status.Conditions[0].Message) - assert.Equal(t, v1alpha1.ApplicationConditionInvalidSpecError, updatedApp.Status.Conditions[0].Type) + assert.Equal(t, argoappv1.ApplicationConditionInvalidSpecError, updatedApp.Status.Conditions[0].Type) } func TestFinalizeProjectDeletion_HasApplications(t *testing.T) { app := newFakeApp() - proj := &v1alpha1.AppProject{ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: test.FakeArgoCDNamespace}} + proj := &argoappv1.AppProject{ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: test.FakeArgoCDNamespace}} ctrl := newFakeController(&fakeData{apps: []runtime.Object{app, proj}}) fakeAppCs := ctrl.applicationClientset.(*appclientset.Clientset) @@ -1355,7 +1254,7 @@ func TestFinalizeProjectDeletion_HasApplications(t *testing.T) { } func TestFinalizeProjectDeletion_DoesNotHaveApplications(t *testing.T) { - proj := &v1alpha1.AppProject{ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: test.FakeArgoCDNamespace}} + proj := &argoappv1.AppProject{ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: test.FakeArgoCDNamespace}} ctrl := newFakeController(&fakeData{apps: []runtime.Object{&defaultProj}}) fakeAppCs := ctrl.applicationClientset.(*appclientset.Clientset) @@ -1379,8 +1278,8 @@ func TestFinalizeProjectDeletion_DoesNotHaveApplications(t *testing.T) { func TestProcessRequestedAppOperation_FailedNoRetries(t *testing.T) { app := newFakeApp() app.Spec.Project = "default" - app.Operation = &v1alpha1.Operation{ - Sync: &v1alpha1.SyncOperation{}, + app.Operation = &argoappv1.Operation{ + Sync: &argoappv1.SyncOperation{}, } ctrl := newFakeController(&fakeData{apps: []runtime.Object{app}}) fakeAppCs := ctrl.applicationClientset.(*appclientset.Clientset) @@ -1401,8 +1300,8 @@ func TestProcessRequestedAppOperation_FailedNoRetries(t *testing.T) { func TestProcessRequestedAppOperation_InvalidDestination(t *testing.T) { app := newFakeAppWithDestMismatch() app.Spec.Project = "test-project" - app.Operation = &v1alpha1.Operation{ - Sync: &v1alpha1.SyncOperation{}, + app.Operation = &argoappv1.Operation{ + Sync: &argoappv1.SyncOperation{}, } proj := defaultProj proj.Name = "test-project" @@ -1432,9 +1331,9 @@ func TestProcessRequestedAppOperation_InvalidDestination(t *testing.T) { func TestProcessRequestedAppOperation_FailedHasRetries(t *testing.T) { app := newFakeApp() app.Spec.Project = "invalid-project" - app.Operation = &v1alpha1.Operation{ - Sync: &v1alpha1.SyncOperation{}, - Retry: v1alpha1.RetryStrategy{Limit: 1}, + app.Operation = &argoappv1.Operation{ + Sync: &argoappv1.SyncOperation{}, + Retry: argoappv1.RetryStrategy{Limit: 1}, } ctrl := newFakeController(&fakeData{apps: []runtime.Object{app}}) fakeAppCs := ctrl.applicationClientset.(*appclientset.Clientset) @@ -1458,12 +1357,12 @@ func TestProcessRequestedAppOperation_FailedHasRetries(t *testing.T) { func TestProcessRequestedAppOperation_RunningPreviouslyFailed(t *testing.T) { app := newFakeApp() - app.Operation = &v1alpha1.Operation{ - Sync: &v1alpha1.SyncOperation{}, - Retry: v1alpha1.RetryStrategy{Limit: 1}, + app.Operation = &argoappv1.Operation{ + Sync: &argoappv1.SyncOperation{}, + Retry: argoappv1.RetryStrategy{Limit: 1}, } app.Status.OperationState.Phase = synccommon.OperationRunning - app.Status.OperationState.SyncResult.Resources = []*v1alpha1.ResourceResult{{ + app.Status.OperationState.SyncResult.Resources = []*argoappv1.ResourceResult{{ Name: "guestbook", Kind: "Deployment", Group: "apps", @@ -1497,9 +1396,9 @@ func TestProcessRequestedAppOperation_RunningPreviouslyFailed(t *testing.T) { func TestProcessRequestedAppOperation_HasRetriesTerminated(t *testing.T) { app := newFakeApp() - app.Operation = &v1alpha1.Operation{ - Sync: &v1alpha1.SyncOperation{}, - Retry: v1alpha1.RetryStrategy{Limit: 10}, + app.Operation = &argoappv1.Operation{ + Sync: &argoappv1.SyncOperation{}, + Retry: argoappv1.RetryStrategy{Limit: 10}, } app.Status.OperationState.Phase = synccommon.OperationTerminating @@ -1569,19 +1468,19 @@ func TestGetAppHosts(t *testing.T) { })).Return(nil) ctrl.stateCache = mockStateCache - hosts, err := ctrl.getAppHosts(app, []v1alpha1.ResourceNode{{ - ResourceRef: v1alpha1.ResourceRef{Name: "pod1", Namespace: "default", Kind: kube.PodKind}, - Info: []v1alpha1.InfoItem{{ + hosts, err := ctrl.getAppHosts(app, []argoappv1.ResourceNode{{ + ResourceRef: argoappv1.ResourceRef{Name: "pod1", Namespace: "default", Kind: kube.PodKind}, + Info: []argoappv1.InfoItem{{ Name: "Host", Value: "Minikube", }}, }}) assert.NoError(t, err) - assert.Equal(t, []v1alpha1.HostInfo{{ + assert.Equal(t, []argoappv1.HostInfo{{ Name: "minikube", SystemInfo: corev1.NodeSystemInfo{OSImage: "debian"}, - ResourcesInfo: []v1alpha1.HostResourceInfo{{ + ResourcesInfo: []argoappv1.HostResourceInfo{{ ResourceName: corev1.ResourceCPU, Capacity: 5000, RequestedByApp: 1000, RequestedByNeighbors: 2000}, }}}, hosts) } @@ -1631,13 +1530,13 @@ func Test_canProcessApp(t *testing.T) { }) t.Run("with cluster filter, good namespace", func(t *testing.T) { app.Namespace = "good" - ctrl.clusterFilter = func(_ *v1alpha1.Cluster) bool { return true } + ctrl.clusterFilter = func(_ *argoappv1.Cluster) bool { return true } canProcess := ctrl.canProcessApp(app) assert.True(t, canProcess) }) t.Run("with cluster filter, bad namespace", func(t *testing.T) { app.Namespace = "bad" - ctrl.clusterFilter = func(_ *v1alpha1.Cluster) bool { return true } + ctrl.clusterFilter = func(_ *argoappv1.Cluster) bool { return true } canProcess := ctrl.canProcessApp(app) assert.False(t, canProcess) }) @@ -1691,38 +1590,3 @@ func Test_syncDeleteOption(t *testing.T) { assert.False(t, delete) }) } - -func TestAddControllerNamespace(t *testing.T) { - t.Run("set controllerNamespace when the app is in the controller namespace", func(t *testing.T) { - app := newFakeApp() - ctrl := newFakeController(&fakeData{ - apps: []runtime.Object{app, &defaultProj}, - manifestResponse: &apiclient.ManifestResponse{}, - }) - - ctrl.processAppRefreshQueueItem() - - updatedApp, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(ctrl.namespace).Get(context.Background(), app.Name, metav1.GetOptions{}) - assert.NoError(t, err) - assert.Equal(t, test.FakeArgoCDNamespace, updatedApp.Status.ControllerNamespace) - }) - t.Run("set controllerNamespace when the app is in another namespace than the controller", func(t *testing.T) { - appNamespace := "app-namespace" - - app := newFakeApp() - app.ObjectMeta.Namespace = appNamespace - proj := defaultProj - proj.Spec.SourceNamespaces = []string{appNamespace} - ctrl := newFakeController(&fakeData{ - apps: []runtime.Object{app, &proj}, - manifestResponse: &apiclient.ManifestResponse{}, - applicationNamespaces: []string{appNamespace}, - }) - - ctrl.processAppRefreshQueueItem() - - updatedApp, err := ctrl.applicationClientset.ArgoprojV1alpha1().Applications(appNamespace).Get(context.Background(), app.Name, metav1.GetOptions{}) - assert.NoError(t, err) - assert.Equal(t, test.FakeArgoCDNamespace, updatedApp.Status.ControllerNamespace) - }) -} diff --git a/controller/cache/cache.go b/controller/cache/cache.go index ef0ce1f4fcf76..e6ccc95b4831e 100644 --- a/controller/cache/cache.go +++ b/controller/cache/cache.go @@ -29,7 +29,6 @@ import ( "k8s.io/client-go/tools/cache" "github.com/argoproj/argo-cd/v2/controller/metrics" - "github.com/argoproj/argo-cd/v2/pkg/apis/application" appv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/util/argo" "github.com/argoproj/argo-cd/v2/util/db" @@ -46,7 +45,7 @@ const ( // EnvClusterCacheWatchResyncDuration is the env variable that holds cluster cache watch re-sync duration EnvClusterCacheWatchResyncDuration = "ARGOCD_CLUSTER_CACHE_WATCH_RESYNC_DURATION" - // EnvClusterSyncRetryTimeoutDuration is the env variable that holds cluster retry duration when sync error happens + // EnvClusterRetryTimeoutDuration is the env variable that holds cluster retry duration when sync error happens EnvClusterSyncRetryTimeoutDuration = "ARGOCD_CLUSTER_SYNC_RETRY_TIMEOUT_DURATION" // EnvClusterCacheListPageSize is the env variable to control size of the list page size when making K8s queries @@ -57,7 +56,7 @@ const ( // k8s list queries results across all clusters to avoid memory spikes during cache initialization. EnvClusterCacheListSemaphore = "ARGOCD_CLUSTER_CACHE_LIST_SEMAPHORE" - // EnvClusterCacheAttemptLimit is the env variable to control the retry limit for listing resources during cluster cache sync + // EnvClusterCacheRetryLimit is the env variable to control the retry limit for listing resources during cluster cache sync EnvClusterCacheAttemptLimit = "ARGOCD_CLUSTER_CACHE_ATTEMPT_LIMIT" // EnvClusterCacheRetryUseBackoff is the env variable to control whether to use a backoff strategy with the retry during cluster cache sync @@ -150,8 +149,6 @@ type ResourceInfo struct { PodInfo *PodInfo // NodeInfo is available for nodes only NodeInfo *NodeInfo - - manifestHash string } func NewLiveStateCache( @@ -181,11 +178,6 @@ type cacheSettings struct { clusterSettings clustercache.Settings appInstanceLabelKey string trackingMethod appv1.TrackingMethod - // resourceOverrides provides a list of ignored differences to ignore watched resource updates - resourceOverrides map[string]appv1.ResourceOverride - - // ignoreResourceUpdates is a flag to enable resource-ignore rules. - ignoreResourceUpdatesEnabled bool } type liveStateCache struct { @@ -208,14 +200,6 @@ func (c *liveStateCache) loadCacheSettings() (*cacheSettings, error) { if err != nil { return nil, err } - resourceUpdatesOverrides, err := c.settingsMgr.GetIgnoreResourceUpdatesOverrides() - if err != nil { - return nil, err - } - ignoreResourceUpdatesEnabled, err := c.settingsMgr.GetIsIgnoreResourceUpdatesEnabled() - if err != nil { - return nil, err - } resourcesFilter, err := c.settingsMgr.GetResourcesFilter() if err != nil { return nil, err @@ -228,8 +212,7 @@ func (c *liveStateCache) loadCacheSettings() (*cacheSettings, error) { ResourceHealthOverride: lua.ResourceHealthOverrides(resourceOverrides), ResourcesFilter: resourcesFilter, } - - return &cacheSettings{clusterSettings, appInstanceLabelKey, argo.GetTrackingMethod(c.settingsMgr), resourceUpdatesOverrides, ignoreResourceUpdatesEnabled}, nil + return &cacheSettings{clusterSettings, appInstanceLabelKey, argo.GetTrackingMethod(c.settingsMgr)}, nil } func asResourceNode(r *clustercache.Resource) appv1.ResourceNode { @@ -326,27 +309,6 @@ func skipAppRequeuing(key kube.ResourceKey) bool { return ignoredRefreshResources[key.Group+"/"+key.Kind] } -func skipResourceUpdate(oldInfo, newInfo *ResourceInfo) bool { - if oldInfo == nil || newInfo == nil { - return false - } - isSameHealthStatus := (oldInfo.Health == nil && newInfo.Health == nil) || oldInfo.Health != nil && newInfo.Health != nil && oldInfo.Health.Status == newInfo.Health.Status - isSameManifest := oldInfo.manifestHash != "" && newInfo.manifestHash != "" && oldInfo.manifestHash == newInfo.manifestHash - return isSameHealthStatus && isSameManifest -} - -// shouldHashManifest validates if the API resource needs to be hashed. -// If there's an app name from resource tracking, or if this is itself an app, we should generate a hash. -// Otherwise, the hashing should be skipped to save CPU time. -func shouldHashManifest(appName string, gvk schema.GroupVersionKind) bool { - // Only hash if the resource belongs to an app. - // Best - Only hash for resources that are part of an app or their dependencies - // (current) - Only hash for resources that are part of an app + all apps that might be from an ApplicationSet - // Orphan - If orphan is enabled, hash should be made on all resource of that namespace and a config to disable it - // Worst - Hash all resources watched by Argo - return appName != "" || (gvk.Group == application.Group && gvk.Kind == application.ApplicationKind) -} - // isRetryableError is a helper method to see whether an error // returned from the dynamic client is potentially retryable. func isRetryableError(err error) bool { @@ -462,25 +424,14 @@ func (c *liveStateCache) getCluster(server string) (clustercache.ClusterCache, e c.lock.RLock() cacheSettings := c.cacheSettings c.lock.RUnlock() - res.Health, _ = health.GetResourceHealth(un, cacheSettings.clusterSettings.ResourceHealthOverride) appName := c.resourceTracking.GetAppName(un, cacheSettings.appInstanceLabelKey, cacheSettings.trackingMethod) if isRoot && appName != "" { res.AppName = appName } - gvk := un.GroupVersionKind() - if cacheSettings.ignoreResourceUpdatesEnabled && shouldHashManifest(appName, gvk) { - hash, err := generateManifestHash(un, nil, cacheSettings.resourceOverrides) - if err != nil { - log.Errorf("Failed to generate manifest hash: %v", err) - } else { - res.manifestHash = hash - } - } - // edge case. we do not label CRDs, so they miss the tracking label we inject. But we still // want the full resource to be available in our cache (to diff), so we store all CRDs return res, res.AppName != "" || gvk.Kind == kube.CustomResourceDefinitionKind @@ -499,30 +450,6 @@ func (c *liveStateCache) getCluster(server string) (clustercache.ClusterCache, e } else { ref = oldRes.Ref } - - c.lock.RLock() - cacheSettings := c.cacheSettings - c.lock.RUnlock() - - if cacheSettings.ignoreResourceUpdatesEnabled && oldRes != nil && newRes != nil && skipResourceUpdate(resInfo(oldRes), resInfo(newRes)) { - // Additional check for debug level so we don't need to evaluate the - // format string in case of non-debug scenarios - if log.GetLevel() >= log.DebugLevel { - namespace := ref.Namespace - if ref.Namespace == "" { - namespace = "(cluster-scoped)" - } - log.WithFields(log.Fields{ - "server": cluster.Server, - "namespace": namespace, - "name": ref.Name, - "api-version": ref.APIVersion, - "kind": ref.Kind, - }).Debug("Ignoring change of object because none of the watched resource fields have changed") - } - return - } - for _, r := range []*clustercache.Resource{newRes, oldRes} { if r == nil { continue @@ -620,7 +547,7 @@ func (c *liveStateCache) GetNamespaceTopLevelResources(server string, namespace func (c *liveStateCache) GetManagedLiveObjs(a *appv1.Application, targetObjs []*unstructured.Unstructured) (map[kube.ResourceKey]*unstructured.Unstructured, error) { clusterInfo, err := c.getSyncedCluster(a.Spec.Destination.Server) if err != nil { - return nil, fmt.Errorf("failed to get cluster info for %q: %w", a.Spec.Destination.Server, err) + return nil, err } return clusterInfo.GetManagedLiveObjs(targetObjs, func(r *clustercache.Resource) bool { return resInfo(r).AppName == a.InstanceName(c.settingsMgr.GetNamespace()) @@ -630,7 +557,7 @@ func (c *liveStateCache) GetManagedLiveObjs(a *appv1.Application, targetObjs []* func (c *liveStateCache) GetVersionsInfo(serverURL string) (string, []kube.APIResourceInfo, error) { clusterInfo, err := c.getSyncedCluster(serverURL) if err != nil { - return "", nil, fmt.Errorf("failed to get cluster info for %q: %w", serverURL, err) + return "", nil, err } return clusterInfo.GetServerVersion(), clusterInfo.GetAPIResources(), nil } diff --git a/controller/cache/cache_test.go b/controller/cache/cache_test.go index de2d96eb7aa28..46e54c3662a2f 100644 --- a/controller/cache/cache_test.go +++ b/controller/cache/cache_test.go @@ -17,7 +17,6 @@ import ( "github.com/argoproj/gitops-engine/pkg/cache" "github.com/argoproj/gitops-engine/pkg/cache/mocks" - "github.com/argoproj/gitops-engine/pkg/health" "github.com/stretchr/testify/mock" "k8s.io/client-go/kubernetes/fake" @@ -300,126 +299,3 @@ func Test_asResourceNode_owner_refs(t *testing.T) { } assert.Equal(t, expected, resNode) } - -func TestSkipResourceUpdate(t *testing.T) { - var ( - hash1_x string = "x" - hash2_y string = "y" - hash3_x string = "x" - ) - info := &ResourceInfo{ - manifestHash: hash1_x, - Health: &health.HealthStatus{ - Status: health.HealthStatusHealthy, - Message: "default", - }, - } - t.Run("Nil", func(t *testing.T) { - assert.False(t, skipResourceUpdate(nil, nil)) - }) - t.Run("From Nil", func(t *testing.T) { - assert.False(t, skipResourceUpdate(nil, info)) - }) - t.Run("To Nil", func(t *testing.T) { - assert.False(t, skipResourceUpdate(info, nil)) - }) - t.Run("No hash", func(t *testing.T) { - assert.False(t, skipResourceUpdate(&ResourceInfo{}, &ResourceInfo{})) - }) - t.Run("Same hash", func(t *testing.T) { - assert.True(t, skipResourceUpdate(&ResourceInfo{ - manifestHash: hash1_x, - }, &ResourceInfo{ - manifestHash: hash1_x, - })) - }) - t.Run("Same hash value", func(t *testing.T) { - assert.True(t, skipResourceUpdate(&ResourceInfo{ - manifestHash: hash1_x, - }, &ResourceInfo{ - manifestHash: hash3_x, - })) - }) - t.Run("Different hash value", func(t *testing.T) { - assert.False(t, skipResourceUpdate(&ResourceInfo{ - manifestHash: hash1_x, - }, &ResourceInfo{ - manifestHash: hash2_y, - })) - }) - t.Run("Same hash, empty health", func(t *testing.T) { - assert.True(t, skipResourceUpdate(&ResourceInfo{ - manifestHash: hash1_x, - Health: &health.HealthStatus{}, - }, &ResourceInfo{ - manifestHash: hash3_x, - Health: &health.HealthStatus{}, - })) - }) - t.Run("Same hash, old health", func(t *testing.T) { - assert.False(t, skipResourceUpdate(&ResourceInfo{ - manifestHash: hash1_x, - Health: &health.HealthStatus{ - Status: health.HealthStatusHealthy}, - }, &ResourceInfo{ - manifestHash: hash3_x, - Health: nil, - })) - }) - t.Run("Same hash, new health", func(t *testing.T) { - assert.False(t, skipResourceUpdate(&ResourceInfo{ - manifestHash: hash1_x, - Health: &health.HealthStatus{}, - }, &ResourceInfo{ - manifestHash: hash3_x, - Health: &health.HealthStatus{ - Status: health.HealthStatusHealthy, - }, - })) - }) - t.Run("Same hash, same health", func(t *testing.T) { - assert.True(t, skipResourceUpdate(&ResourceInfo{ - manifestHash: hash1_x, - Health: &health.HealthStatus{ - Status: health.HealthStatusHealthy, - Message: "same", - }, - }, &ResourceInfo{ - manifestHash: hash3_x, - Health: &health.HealthStatus{ - Status: health.HealthStatusHealthy, - Message: "same", - }, - })) - }) - t.Run("Same hash, different health status", func(t *testing.T) { - assert.False(t, skipResourceUpdate(&ResourceInfo{ - manifestHash: hash1_x, - Health: &health.HealthStatus{ - Status: health.HealthStatusHealthy, - Message: "same", - }, - }, &ResourceInfo{ - manifestHash: hash3_x, - Health: &health.HealthStatus{ - Status: health.HealthStatusDegraded, - Message: "same", - }, - })) - }) - t.Run("Same hash, different health message", func(t *testing.T) { - assert.True(t, skipResourceUpdate(&ResourceInfo{ - manifestHash: hash1_x, - Health: &health.HealthStatus{ - Status: health.HealthStatusHealthy, - Message: "same", - }, - }, &ResourceInfo{ - manifestHash: hash3_x, - Health: &health.HealthStatus{ - Status: health.HealthStatusHealthy, - Message: "different", - }, - })) - }) -} diff --git a/controller/cache/info.go b/controller/cache/info.go index cf0d12318a447..3cc7980ad8e12 100644 --- a/controller/cache/info.go +++ b/controller/cache/info.go @@ -3,14 +3,12 @@ package cache import ( "errors" "fmt" - "strconv" "strings" "k8s.io/apimachinery/pkg/runtime/schema" "github.com/argoproj/gitops-engine/pkg/utils/kube" "github.com/argoproj/gitops-engine/pkg/utils/text" - "github.com/cespare/xxhash/v2" v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" @@ -18,7 +16,6 @@ import ( "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - "github.com/argoproj/argo-cd/v2/util/argo/normalizers" "github.com/argoproj/argo-cd/v2/util/resource" ) @@ -389,27 +386,3 @@ func populateHostNodeInfo(un *unstructured.Unstructured, res *ResourceInfo) { SystemInfo: node.Status.NodeInfo, } } - -func generateManifestHash(un *unstructured.Unstructured, ignores []v1alpha1.ResourceIgnoreDifferences, overrides map[string]v1alpha1.ResourceOverride) (string, error) { - normalizer, err := normalizers.NewIgnoreNormalizer(ignores, overrides) - if err != nil { - return "", fmt.Errorf("error creating normalizer: %w", err) - } - - resource := un.DeepCopy() - err = normalizer.Normalize(resource) - if err != nil { - return "", fmt.Errorf("error normalizing resource: %w", err) - } - - data, err := resource.MarshalJSON() - if err != nil { - return "", fmt.Errorf("error marshaling resource: %w", err) - } - hash := hash(data) - return hash, nil -} - -func hash(data []byte) string { - return strconv.FormatUint(xxhash.Sum64(data), 16) -} diff --git a/controller/cache/info_test.go b/controller/cache/info_test.go index 8a06d3745e13b..6c9977876bae0 100644 --- a/controller/cache/info_test.go +++ b/controller/cache/info_test.go @@ -9,11 +9,11 @@ import ( "github.com/argoproj/gitops-engine/pkg/utils/kube" "github.com/argoproj/pkg/errors" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" ) @@ -694,62 +694,3 @@ func TestCustomLabel(t *testing.T) { assert.Equal(t, "other-label", info.Info[1].Name) assert.Equal(t, "value2", info.Info[1].Value) } - -func TestManifestHash(t *testing.T) { - manifest := strToUnstructured(` - apiVersion: v1 - kind: Pod - metadata: - name: helm-guestbook-pod - namespace: default - ownerReferences: - - apiVersion: extensions/v1beta1 - kind: ReplicaSet - name: helm-guestbook-rs - resourceVersion: "123" - labels: - app: guestbook - spec: - nodeName: minikube - containers: - - image: bar - resources: - requests: - memory: 128Mi -`) - - ignores := []v1alpha1.ResourceIgnoreDifferences{ - { - Group: "*", - Kind: "*", - JSONPointers: []string{"/metadata/resourceVersion"}, - }, - } - - data, _ := strToUnstructured(` - apiVersion: v1 - kind: Pod - metadata: - name: helm-guestbook-pod - namespace: default - ownerReferences: - - apiVersion: extensions/v1beta1 - kind: ReplicaSet - name: helm-guestbook-rs - labels: - app: guestbook - spec: - nodeName: minikube - containers: - - image: bar - resources: - requests: - memory: 128Mi -`).MarshalJSON() - - expected := hash(data) - - hash, err := generateManifestHash(manifest, ignores, nil) - assert.Equal(t, expected, hash) - assert.Nil(t, err) -} diff --git a/controller/clusterinfoupdater.go b/controller/clusterinfoupdater.go index a2f488534aeb0..75f2644b49d1e 100644 --- a/controller/clusterinfoupdater.go +++ b/controller/clusterinfoupdater.go @@ -3,14 +3,12 @@ package controller import ( "context" "fmt" - "time" - - "github.com/argoproj/argo-cd/v2/util/env" "github.com/argoproj/gitops-engine/pkg/cache" "github.com/argoproj/gitops-engine/pkg/utils/kube" log "github.com/sirupsen/logrus" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" + "time" "github.com/argoproj/argo-cd/v2/controller/metrics" appv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" @@ -21,13 +19,7 @@ import ( ) const ( - defaultSecretUpdateInterval = 10 * time.Second - - EnvClusterInfoTimeout = "ARGO_CD_UPDATE_CLUSTER_INFO_TIMEOUT" -) - -var ( - clusterInfoTimeout = env.ParseDurationFromEnv(EnvClusterInfoTimeout, defaultSecretUpdateInterval, defaultSecretUpdateInterval, 1*time.Minute) + secretUpdateInterval = 10 * time.Second ) type clusterInfoUpdater struct { @@ -38,7 +30,6 @@ type clusterInfoUpdater struct { clusterFilter func(cluster *appv1.Cluster) bool projGetter func(app *appv1.Application) (*appv1.AppProject, error) namespace string - lastUpdated time.Time } func NewClusterInfoUpdater( @@ -50,17 +41,17 @@ func NewClusterInfoUpdater( projGetter func(app *appv1.Application) (*appv1.AppProject, error), namespace string) *clusterInfoUpdater { - return &clusterInfoUpdater{infoSource, db, appLister, cache, clusterFilter, projGetter, namespace, time.Time{}} + return &clusterInfoUpdater{infoSource, db, appLister, cache, clusterFilter, projGetter, namespace} } func (c *clusterInfoUpdater) Run(ctx context.Context) { c.updateClusters() - ticker := time.NewTicker(clusterInfoTimeout) + ticker := time.NewTicker(secretUpdateInterval) for { select { case <-ctx.Done(): ticker.Stop() - return + break case <-ticker.C: c.updateClusters() } @@ -68,23 +59,13 @@ func (c *clusterInfoUpdater) Run(ctx context.Context) { } func (c *clusterInfoUpdater) updateClusters() { - if time.Since(c.lastUpdated) < clusterInfoTimeout { - return - } - - ctx, cancel := context.WithTimeout(context.Background(), clusterInfoTimeout) - defer func() { - cancel() - c.lastUpdated = time.Now() - }() - infoByServer := make(map[string]*cache.ClusterInfo) clustersInfo := c.infoSource.GetClustersInfo() for i := range clustersInfo { info := clustersInfo[i] infoByServer[info.Server] = &info } - clusters, err := c.db.ListClusters(ctx) + clusters, err := c.db.ListClusters(context.Background()) if err != nil { log.Warnf("Failed to save clusters info: %v", err) return @@ -101,7 +82,7 @@ func (c *clusterInfoUpdater) updateClusters() { } _ = kube.RunAllAsync(len(clustersFiltered), func(i int) error { cluster := clustersFiltered[i] - if err := c.updateClusterInfo(ctx, cluster, infoByServer[cluster.Server]); err != nil { + if err := c.updateClusterInfo(cluster, infoByServer[cluster.Server]); err != nil { log.Warnf("Failed to save clusters info: %v", err) } return nil @@ -109,7 +90,7 @@ func (c *clusterInfoUpdater) updateClusters() { log.Debugf("Successfully saved info of %d clusters", len(clustersFiltered)) } -func (c *clusterInfoUpdater) updateClusterInfo(ctx context.Context, cluster appv1.Cluster, info *cache.ClusterInfo) error { +func (c *clusterInfoUpdater) updateClusterInfo(cluster appv1.Cluster, info *cache.ClusterInfo) error { apps, err := c.appLister.List(labels.Everything()) if err != nil { return fmt.Errorf("error while fetching the apps list: %w", err) @@ -122,7 +103,7 @@ func (c *clusterInfoUpdater) updateClusterInfo(ctx context.Context, cluster appv continue } } - if err := argo.ValidateDestination(ctx, &a.Spec.Destination, c.db); err != nil { + if err := argo.ValidateDestination(context.Background(), &a.Spec.Destination, c.db); err != nil { continue } if a.Spec.Destination.Server == cluster.Server { diff --git a/controller/clusterinfoupdater_test.go b/controller/clusterinfoupdater_test.go index bac0bb56cbe08..60f074d2cfd37 100644 --- a/controller/clusterinfoupdater_test.go +++ b/controller/clusterinfoupdater_test.go @@ -88,7 +88,7 @@ func TestClusterSecretUpdater(t *testing.T) { lister := applisters.NewApplicationLister(appInformer.GetIndexer()).Applications(fakeNamespace) updater := NewClusterInfoUpdater(nil, argoDB, lister, appCache, nil, nil, fakeNamespace) - err = updater.updateClusterInfo(context.Background(), *cluster, info) + err = updater.updateClusterInfo(*cluster, info) assert.NoError(t, err, "Invoking updateClusterInfo failed.") var clusterInfo v1alpha1.ClusterInfo diff --git a/controller/health_test.go b/controller/health_test.go index caa53b446f733..04e293f538763 100644 --- a/controller/health_test.go +++ b/controller/health_test.go @@ -7,11 +7,11 @@ import ( "github.com/argoproj/gitops-engine/pkg/health" synccommon "github.com/argoproj/gitops-engine/pkg/sync/common" "github.com/argoproj/gitops-engine/pkg/utils/kube" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime/schema" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/pkg/apis/application" appv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" diff --git a/controller/metrics/metrics.go b/controller/metrics/metrics.go index 3cfb16a249339..3cd9837ff7036 100644 --- a/controller/metrics/metrics.go +++ b/controller/metrics/metrics.go @@ -56,7 +56,7 @@ var ( descAppInfo = prometheus.NewDesc( "argocd_app_info", "Information about application.", - append(descAppDefaultLabels, "autosync_enabled", "repo", "dest_server", "dest_namespace", "sync_status", "health_status", "operation"), + append(descAppDefaultLabels, "repo", "dest_server", "dest_namespace", "sync_status", "health_status", "operation"), nil, ) // DEPRECATED @@ -381,9 +381,7 @@ func (c *appCollector) collectApps(ch chan<- prometheus.Metric, app *argoappv1.A healthStatus = health.HealthStatusUnknown } - autoSyncEnabled := app.Spec.SyncPolicy != nil && app.Spec.SyncPolicy.Automated != nil - - addGauge(descAppInfo, 1, strconv.FormatBool(autoSyncEnabled), git.NormalizeGitURL(app.Spec.GetSource().RepoURL), app.Spec.Destination.Server, app.Spec.Destination.Namespace, string(syncStatus), string(healthStatus), operation) + addGauge(descAppInfo, 1, git.NormalizeGitURL(app.Spec.GetSource().RepoURL), app.Spec.Destination.Server, app.Spec.Destination.Namespace, string(syncStatus), string(healthStatus), operation) if len(c.appLabels) > 0 { labelValues := []string{} diff --git a/controller/metrics/metrics_test.go b/controller/metrics/metrics_test.go index 61a99a46492a2..a5c8f80fbc233 100644 --- a/controller/metrics/metrics_test.go +++ b/controller/metrics/metrics_test.go @@ -5,17 +5,18 @@ import ( "log" "net/http" "net/http/httptest" + "os" "strings" "testing" "time" gitopsCache "github.com/argoproj/gitops-engine/pkg/cache" "github.com/argoproj/gitops-engine/pkg/sync/common" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/tools/cache" - "sigs.k8s.io/yaml" argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned/fake" @@ -66,10 +67,6 @@ spec: source: path: some/path repoURL: https://github.com/argoproj/argocd-example-apps.git - syncPolicy: - automated: - selfHeal: false - prune: true status: sync: status: Synced @@ -101,10 +98,6 @@ spec: source: path: some/path repoURL: https://github.com/argoproj/argocd-example-apps.git - syncPolicy: - automated: - selfHeal: true - prune: false status: sync: status: OutOfSync @@ -235,9 +228,9 @@ func TestMetrics(t *testing.T) { responseContains: ` # HELP argocd_app_info Information about application. # TYPE argocd_app_info gauge -argocd_app_info{autosync_enabled="true",dest_namespace="dummy-namespace",dest_server="https://localhost:6443",health_status="Degraded",name="my-app-3",namespace="argocd",operation="delete",project="important-project",repo="https://github.com/argoproj/argocd-example-apps",sync_status="OutOfSync"} 1 -argocd_app_info{autosync_enabled="false",dest_namespace="dummy-namespace",dest_server="https://localhost:6443",health_status="Healthy",name="my-app",namespace="argocd",operation="",project="important-project",repo="https://github.com/argoproj/argocd-example-apps",sync_status="Synced"} 1 -argocd_app_info{autosync_enabled="true",dest_namespace="dummy-namespace",dest_server="https://localhost:6443",health_status="Healthy",name="my-app-2",namespace="argocd",operation="sync",project="important-project",repo="https://github.com/argoproj/argocd-example-apps",sync_status="Synced"} 1 +argocd_app_info{dest_namespace="dummy-namespace",dest_server="https://localhost:6443",health_status="Degraded",name="my-app-3",namespace="argocd",operation="delete",project="important-project",repo="https://github.com/argoproj/argocd-example-apps",sync_status="OutOfSync"} 1 +argocd_app_info{dest_namespace="dummy-namespace",dest_server="https://localhost:6443",health_status="Healthy",name="my-app",namespace="argocd",operation="",project="important-project",repo="https://github.com/argoproj/argocd-example-apps",sync_status="Synced"} 1 +argocd_app_info{dest_namespace="dummy-namespace",dest_server="https://localhost:6443",health_status="Healthy",name="my-app-2",namespace="argocd",operation="sync",project="important-project",repo="https://github.com/argoproj/argocd-example-apps",sync_status="Synced"} 1 `, }, { @@ -245,7 +238,7 @@ argocd_app_info{autosync_enabled="true",dest_namespace="dummy-namespace",dest_se responseContains: ` # HELP argocd_app_info Information about application. # TYPE argocd_app_info gauge -argocd_app_info{autosync_enabled="false",dest_namespace="dummy-namespace",dest_server="https://localhost:6443",health_status="Healthy",name="my-app",namespace="argocd",operation="",project="default",repo="https://github.com/argoproj/argocd-example-apps",sync_status="Synced"} 1 +argocd_app_info{dest_namespace="dummy-namespace",dest_server="https://localhost:6443",health_status="Healthy",name="my-app",namespace="argocd",operation="",project="default",repo="https://github.com/argoproj/argocd-example-apps",sync_status="Synced"} 1 `, }, } @@ -299,7 +292,8 @@ argocd_app_labels{label_non_existing="",name="my-app-3",namespace="argocd",proje } func TestLegacyMetrics(t *testing.T) { - t.Setenv(EnvVarLegacyControllerMetrics, "true") + os.Setenv(EnvVarLegacyControllerMetrics, "true") + defer os.Unsetenv(EnvVarLegacyControllerMetrics) expectedResponse := ` # HELP argocd_app_created_time Creation time in unix timestamp for an application. diff --git a/controller/sharding/sharding.go b/controller/sharding/sharding.go index 25058e4e23c53..1c0615196bd06 100644 --- a/controller/sharding/sharding.go +++ b/controller/sharding/sharding.go @@ -1,127 +1,17 @@ package sharding import ( - "context" "fmt" "hash/fnv" - "math" "os" - "sort" "strconv" "strings" - "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - - "github.com/argoproj/argo-cd/v2/util/db" - "github.com/argoproj/argo-cd/v2/util/env" - log "github.com/sirupsen/logrus" ) -// Make it overridable for testing -var osHostnameFunction = os.Hostname - -type DistributionFunction func(c *v1alpha1.Cluster) int -type ClusterFilterFunction func(c *v1alpha1.Cluster) bool - -// GetClusterFilter returns a ClusterFilterFunction which is a function taking a cluster as a parameter -// and returns wheter or not the cluster should be processed by a given shard. It calls the distributionFunction -// to determine which shard will process the cluster, and if the given shard is equal to the calculated shard -// the function will return true. -func GetClusterFilter(distributionFunction DistributionFunction, shard int) ClusterFilterFunction { - replicas := env.ParseNumFromEnv(common.EnvControllerReplicas, 0, 0, math.MaxInt32) - return func(c *v1alpha1.Cluster) bool { - clusterShard := 0 - if c != nil && c.Shard != nil { - requestedShard := int(*c.Shard) - if requestedShard < replicas { - clusterShard = requestedShard - } else { - log.Warnf("Specified cluster shard (%d) for cluster: %s is greater than the number of available shard. Assigning automatically.", requestedShard, c.Name) - } - } else { - clusterShard = distributionFunction(c) - } - return clusterShard == shard - } -} - -// GetDistributionFunction returns which DistributionFunction should be used based on the passed algorithm and -// the current datas. -func GetDistributionFunction(db db.ArgoDB, shardingAlgorithm string) DistributionFunction { - log.Infof("Using filter function: %s", shardingAlgorithm) - distributionFunction := LegacyDistributionFunction() - switch shardingAlgorithm { - case common.RoundRobinShardingAlgorithm: - distributionFunction = RoundRobinDistributionFunction(db) - case common.LegacyShardingAlgorithm: - distributionFunction = LegacyDistributionFunction() - default: - log.Warnf("distribution type %s is not supported, defaulting to %s", shardingAlgorithm, common.DefaultShardingAlgorithm) - } - return distributionFunction -} - -// LegacyDistributionFunction returns a DistributionFunction using a stable distribution algorithm: -// for a given cluster the function will return the shard number based on the cluster id. This function -// is lightweight and can be distributed easily, however, it does not ensure an homogenous distribution as -// some shards may get assigned more clusters than others. It is the legacy function distribution that is -// kept for compatibility reasons -func LegacyDistributionFunction() DistributionFunction { - replicas := env.ParseNumFromEnv(common.EnvControllerReplicas, 0, 0, math.MaxInt32) - return func(c *v1alpha1.Cluster) int { - if replicas == 0 { - return -1 - } - if c == nil { - return 0 - } - id := c.ID - log.Debugf("Calculating cluster shard for cluster id: %s", id) - if id == "" { - return 0 - } else { - h := fnv.New32a() - _, _ = h.Write([]byte(id)) - shard := int32(h.Sum32() % uint32(replicas)) - log.Debugf("Cluster with id=%s will be processed by shard %d", id, shard) - return int(shard) - } - } -} - -// RoundRobinDistributionFunction returns a DistributionFunction using an homogeneous distribution algorithm: -// for a given cluster the function will return the shard number based on the modulo of the cluster rank in -// the cluster's list sorted by uid on the shard number. -// This function ensures an homogenous distribution: each shards got assigned the same number of -// clusters +/-1 , but with the drawback of a reshuffling of clusters accross shards in case of some changes -// in the cluster list -func RoundRobinDistributionFunction(db db.ArgoDB) DistributionFunction { - replicas := env.ParseNumFromEnv(common.EnvControllerReplicas, 0, 0, math.MaxInt32) - return func(c *v1alpha1.Cluster) int { - if replicas > 0 { - if c == nil { // in-cluster does not necessarly have a secret assigned. So we are receiving a nil cluster here. - return 0 - } else { - clusterIndexdByClusterIdMap := createClusterIndexByClusterIdMap(db) - clusterIndex, ok := clusterIndexdByClusterIdMap[c.ID] - if !ok { - log.Warnf("Cluster with id=%s not found in cluster map.", c.ID) - return -1 - } - shard := int(clusterIndex % replicas) - log.Debugf("Cluster with id=%s will be processed by shard %d", c.ID, shard) - return shard - } - } - log.Warnf("The number of replicas (%d) is lower than 1", replicas) - return -1 - } -} - -// InferShard extracts the shard index based on its hostname. func InferShard() (int, error) { - hostname, err := osHostnameFunction() + hostname, err := os.Hostname() if err != nil { return 0, err } @@ -133,32 +23,31 @@ func InferShard() (int, error) { if err != nil { return 0, fmt.Errorf("hostname should ends with shard number separated by '-' but got: %s", hostname) } - return int(shard), nil + return shard, nil } -func getSortedClustersList(db db.ArgoDB) []v1alpha1.Cluster { - ctx := context.Background() - clustersList, dbErr := db.ListClusters(ctx) - if dbErr != nil { - log.Warnf("Error while querying clusters list from database: %v", dbErr) - return []v1alpha1.Cluster{} +// GetShardByID calculates cluster shard as `clusterSecret.UID % replicas count` +func GetShardByID(id string, replicas int) int { + if id == "" { + return 0 + } else { + h := fnv.New32a() + _, _ = h.Write([]byte(id)) + return int(h.Sum32() % uint32(replicas)) } - clusters := clustersList.Items - sort.Slice(clusters, func(i, j int) bool { - return clusters[i].ID < clusters[j].ID - }) - return clusters } -func createClusterIndexByClusterIdMap(db db.ArgoDB) map[string]int { - clusters := getSortedClustersList(db) - log.Debugf("ClustersList has %d items", len(clusters)) - clusterById := make(map[string]v1alpha1.Cluster) - clusterIndexedByClusterId := make(map[string]int) - for i, cluster := range clusters { - log.Debugf("Adding cluster with id=%s and name=%s to cluster's map", cluster.ID, cluster.Name) - clusterById[cluster.ID] = cluster - clusterIndexedByClusterId[cluster.ID] = i +func GetClusterFilter(replicas int, shard int) func(c *v1alpha1.Cluster) bool { + return func(c *v1alpha1.Cluster) bool { + clusterShard := 0 + // cluster might be nil if app is using invalid cluster URL, assume shard 0 in this case. + if c != nil { + if c.Shard != nil { + clusterShard = int(*c.Shard) + } else { + clusterShard = GetShardByID(c.ID, replicas) + } + } + return clusterShard == shard } - return clusterIndexedByClusterId } diff --git a/controller/sharding/sharding_test.go b/controller/sharding/sharding_test.go index 629c023c4a054..dc27726f8a6fa 100644 --- a/controller/sharding/sharding_test.go +++ b/controller/sharding/sharding_test.go @@ -1,335 +1,29 @@ package sharding import ( - "errors" - "fmt" - "os" "testing" - "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - dbmocks "github.com/argoproj/argo-cd/v2/util/db/mocks" + "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/mock" ) func TestGetShardByID_NotEmptyID(t *testing.T) { - t.Setenv(common.EnvControllerReplicas, "1") - assert.Equal(t, 0, LegacyDistributionFunction()(&v1alpha1.Cluster{ID: "1"})) - assert.Equal(t, 0, LegacyDistributionFunction()(&v1alpha1.Cluster{ID: "2"})) - assert.Equal(t, 0, LegacyDistributionFunction()(&v1alpha1.Cluster{ID: "3"})) - assert.Equal(t, 0, LegacyDistributionFunction()(&v1alpha1.Cluster{ID: "4"})) + assert.Equal(t, 0, GetShardByID("1", 2)) + assert.Equal(t, 1, GetShardByID("2", 2)) + assert.Equal(t, 0, GetShardByID("3", 2)) + assert.Equal(t, 1, GetShardByID("4", 2)) } func TestGetShardByID_EmptyID(t *testing.T) { - t.Setenv(common.EnvControllerReplicas, "1") - distributionFunction := LegacyDistributionFunction - shard := distributionFunction()(&v1alpha1.Cluster{}) + shard := GetShardByID("", 10) assert.Equal(t, 0, shard) } -func TestGetShardByID_NoReplicas(t *testing.T) { - t.Setenv(common.EnvControllerReplicas, "0") - distributionFunction := LegacyDistributionFunction - shard := distributionFunction()(&v1alpha1.Cluster{}) - assert.Equal(t, -1, shard) -} - -func TestGetShardByID_NoReplicasUsingHashDistributionFunction(t *testing.T) { - t.Setenv(common.EnvControllerReplicas, "0") - distributionFunction := LegacyDistributionFunction - shard := distributionFunction()(&v1alpha1.Cluster{}) - assert.Equal(t, -1, shard) -} - -func TestGetShardByID_NoReplicasUsingHashDistributionFunctionWithClusters(t *testing.T) { - db, cluster1, cluster2, cluster3, cluster4, cluster5 := createTestClusters() - // Test with replicas set to 0 - t.Setenv(common.EnvControllerReplicas, "0") - t.Setenv(common.EnvControllerShardingAlgorithm, common.RoundRobinShardingAlgorithm) - distributionFunction := RoundRobinDistributionFunction(db) - assert.Equal(t, -1, distributionFunction(nil)) - assert.Equal(t, -1, distributionFunction(&cluster1)) - assert.Equal(t, -1, distributionFunction(&cluster2)) - assert.Equal(t, -1, distributionFunction(&cluster3)) - assert.Equal(t, -1, distributionFunction(&cluster4)) - assert.Equal(t, -1, distributionFunction(&cluster5)) -} - -func TestGetClusterFilterDefault(t *testing.T) { - shardIndex := 1 // ensuring that a shard with index 1 will process all the clusters with an "even" id (2,4,6,...) - os.Unsetenv(common.EnvControllerShardingAlgorithm) - t.Setenv(common.EnvControllerReplicas, "2") - filter := GetClusterFilter(GetDistributionFunction(nil, common.DefaultShardingAlgorithm), shardIndex) - assert.False(t, filter(&v1alpha1.Cluster{ID: "1"})) - assert.True(t, filter(&v1alpha1.Cluster{ID: "2"})) - assert.False(t, filter(&v1alpha1.Cluster{ID: "3"})) - assert.True(t, filter(&v1alpha1.Cluster{ID: "4"})) -} - -func TestGetClusterFilterLegacy(t *testing.T) { - shardIndex := 1 // ensuring that a shard with index 1 will process all the clusters with an "even" id (2,4,6,...) - t.Setenv(common.EnvControllerReplicas, "2") - t.Setenv(common.EnvControllerShardingAlgorithm, common.LegacyShardingAlgorithm) - filter := GetClusterFilter(GetDistributionFunction(nil, common.LegacyShardingAlgorithm), shardIndex) - assert.False(t, filter(&v1alpha1.Cluster{ID: "1"})) - assert.True(t, filter(&v1alpha1.Cluster{ID: "2"})) - assert.False(t, filter(&v1alpha1.Cluster{ID: "3"})) - assert.True(t, filter(&v1alpha1.Cluster{ID: "4"})) -} - -func TestGetClusterFilterUnknown(t *testing.T) { - shardIndex := 1 // ensuring that a shard with index 1 will process all the clusters with an "even" id (2,4,6,...) - t.Setenv(common.EnvControllerReplicas, "2") - t.Setenv(common.EnvControllerShardingAlgorithm, "unknown") - filter := GetClusterFilter(GetDistributionFunction(nil, "unknown"), shardIndex) +func TestGetClusterFilter(t *testing.T) { + filter := GetClusterFilter(2, 1) assert.False(t, filter(&v1alpha1.Cluster{ID: "1"})) assert.True(t, filter(&v1alpha1.Cluster{ID: "2"})) assert.False(t, filter(&v1alpha1.Cluster{ID: "3"})) assert.True(t, filter(&v1alpha1.Cluster{ID: "4"})) } - -func TestLegacyGetClusterFilterWithFixedShard(t *testing.T) { - shardIndex := 1 // ensuring that a shard with index 1 will process all the clusters with an "even" id (2,4,6,...) - t.Setenv(common.EnvControllerReplicas, "2") - filter := GetClusterFilter(GetDistributionFunction(nil, common.DefaultShardingAlgorithm), shardIndex) - assert.False(t, filter(nil)) - assert.False(t, filter(&v1alpha1.Cluster{ID: "1"})) - assert.True(t, filter(&v1alpha1.Cluster{ID: "2"})) - assert.False(t, filter(&v1alpha1.Cluster{ID: "3"})) - assert.True(t, filter(&v1alpha1.Cluster{ID: "4"})) - - var fixedShard int64 = 4 - filter = GetClusterFilter(GetDistributionFunction(nil, common.DefaultShardingAlgorithm), int(fixedShard)) - assert.False(t, filter(&v1alpha1.Cluster{ID: "4", Shard: &fixedShard})) - - fixedShard = 1 - filter = GetClusterFilter(GetDistributionFunction(nil, common.DefaultShardingAlgorithm), int(fixedShard)) - assert.True(t, filter(&v1alpha1.Cluster{Name: "cluster4", ID: "4", Shard: &fixedShard})) -} - -func TestRoundRobinGetClusterFilterWithFixedShard(t *testing.T) { - shardIndex := 1 // ensuring that a shard with index 1 will process all the clusters with an "even" id (2,4,6,...) - t.Setenv(common.EnvControllerReplicas, "2") - db, cluster1, cluster2, cluster3, cluster4, _ := createTestClusters() - - filter := GetClusterFilter(GetDistributionFunction(db, common.RoundRobinShardingAlgorithm), shardIndex) - assert.False(t, filter(nil)) - assert.False(t, filter(&cluster1)) - assert.True(t, filter(&cluster2)) - assert.False(t, filter(&cluster3)) - assert.True(t, filter(&cluster4)) - - // a cluster with a fixed shard should be processed by the specified exact - // same shard unless the specified shard index is greater than the number of replicas. - var fixedShard int64 = 4 - filter = GetClusterFilter(GetDistributionFunction(db, common.RoundRobinShardingAlgorithm), int(fixedShard)) - assert.False(t, filter(&v1alpha1.Cluster{Name: "cluster4", ID: "4", Shard: &fixedShard})) - - fixedShard = 1 - filter = GetClusterFilter(GetDistributionFunction(db, common.RoundRobinShardingAlgorithm), int(fixedShard)) - assert.True(t, filter(&v1alpha1.Cluster{Name: "cluster4", ID: "4", Shard: &fixedShard})) -} - -func TestGetClusterFilterLegacyHash(t *testing.T) { - shardIndex := 1 // ensuring that a shard with index 1 will process all the clusters with an "even" id (2,4,6,...) - t.Setenv(common.EnvControllerReplicas, "2") - t.Setenv(common.EnvControllerShardingAlgorithm, "hash") - db, cluster1, cluster2, cluster3, cluster4, _ := createTestClusters() - filter := GetClusterFilter(GetDistributionFunction(db, common.LegacyShardingAlgorithm), shardIndex) - assert.False(t, filter(&cluster1)) - assert.True(t, filter(&cluster2)) - assert.False(t, filter(&cluster3)) - assert.True(t, filter(&cluster4)) - - // a cluster with a fixed shard should be processed by the specified exact - // same shard unless the specified shard index is greater than the number of replicas. - var fixedShard int64 = 4 - filter = GetClusterFilter(GetDistributionFunction(db, common.LegacyShardingAlgorithm), int(fixedShard)) - assert.False(t, filter(&v1alpha1.Cluster{Name: "cluster4", ID: "4", Shard: &fixedShard})) - - fixedShard = 1 - filter = GetClusterFilter(GetDistributionFunction(db, common.LegacyShardingAlgorithm), int(fixedShard)) - assert.True(t, filter(&v1alpha1.Cluster{Name: "cluster4", ID: "4", Shard: &fixedShard})) -} - -func TestGetClusterFilterWithEnvControllerShardingAlgorithms(t *testing.T) { - db, cluster1, cluster2, cluster3, cluster4, _ := createTestClusters() - shardIndex := 1 - t.Setenv(common.EnvControllerReplicas, "2") - - t.Run("legacy", func(t *testing.T) { - t.Setenv(common.EnvControllerShardingAlgorithm, common.LegacyShardingAlgorithm) - shardShouldProcessCluster := GetClusterFilter(GetDistributionFunction(db, common.LegacyShardingAlgorithm), shardIndex) - assert.False(t, shardShouldProcessCluster(&cluster1)) - assert.True(t, shardShouldProcessCluster(&cluster2)) - assert.False(t, shardShouldProcessCluster(&cluster3)) - assert.True(t, shardShouldProcessCluster(&cluster4)) - assert.False(t, shardShouldProcessCluster(nil)) - }) - - t.Run("roundrobin", func(t *testing.T) { - t.Setenv(common.EnvControllerShardingAlgorithm, common.RoundRobinShardingAlgorithm) - shardShouldProcessCluster := GetClusterFilter(GetDistributionFunction(db, common.LegacyShardingAlgorithm), shardIndex) - assert.False(t, shardShouldProcessCluster(&cluster1)) - assert.True(t, shardShouldProcessCluster(&cluster2)) - assert.False(t, shardShouldProcessCluster(&cluster3)) - assert.True(t, shardShouldProcessCluster(&cluster4)) - assert.False(t, shardShouldProcessCluster(nil)) - }) -} - -func TestGetShardByIndexModuloReplicasCountDistributionFunction2(t *testing.T) { - db, cluster1, cluster2, cluster3, cluster4, cluster5 := createTestClusters() - - t.Run("replicas set to 1", func(t *testing.T) { - t.Setenv(common.EnvControllerReplicas, "1") - distributionFunction := RoundRobinDistributionFunction(db) - assert.Equal(t, 0, distributionFunction(nil)) - assert.Equal(t, 0, distributionFunction(&cluster1)) - assert.Equal(t, 0, distributionFunction(&cluster2)) - assert.Equal(t, 0, distributionFunction(&cluster3)) - assert.Equal(t, 0, distributionFunction(&cluster4)) - assert.Equal(t, 0, distributionFunction(&cluster5)) - }) - - t.Run("replicas set to 2", func(t *testing.T) { - t.Setenv(common.EnvControllerReplicas, "2") - distributionFunction := RoundRobinDistributionFunction(db) - assert.Equal(t, 0, distributionFunction(nil)) - assert.Equal(t, 0, distributionFunction(&cluster1)) - assert.Equal(t, 1, distributionFunction(&cluster2)) - assert.Equal(t, 0, distributionFunction(&cluster3)) - assert.Equal(t, 1, distributionFunction(&cluster4)) - assert.Equal(t, 0, distributionFunction(&cluster5)) - }) - - t.Run("replicas set to 3", func(t *testing.T) { - t.Setenv(common.EnvControllerReplicas, "3") - distributionFunction := RoundRobinDistributionFunction(db) - assert.Equal(t, 0, distributionFunction(nil)) - assert.Equal(t, 0, distributionFunction(&cluster1)) - assert.Equal(t, 1, distributionFunction(&cluster2)) - assert.Equal(t, 2, distributionFunction(&cluster3)) - assert.Equal(t, 0, distributionFunction(&cluster4)) - assert.Equal(t, 1, distributionFunction(&cluster5)) - }) -} - -func TestGetShardByIndexModuloReplicasCountDistributionFunctionWhenClusterNumberIsHigh(t *testing.T) { - // Unit test written to evaluate the cost of calling db.ListCluster on every call of distributionFunction - // Doing that allows to accept added and removed clusters on the fly. - // Initial tests where showing that under 1024 clusters, execution time was around 400ms - // and for 4096 clusters, execution time was under 9s - // The other implementation was giving almost linear time of 400ms up to 10'000 clusters - db := dbmocks.ArgoDB{} - clusterList := &v1alpha1.ClusterList{Items: []v1alpha1.Cluster{}} - for i := 0; i < 2048; i++ { - cluster := createCluster(fmt.Sprintf("cluster-%d", i), fmt.Sprintf("%d", i)) - clusterList.Items = append(clusterList.Items, cluster) - } - db.On("ListClusters", mock.Anything).Return(clusterList, nil) - t.Setenv(common.EnvControllerReplicas, "2") - distributionFunction := RoundRobinDistributionFunction(&db) - for i, c := range clusterList.Items { - assert.Equal(t, i%2, distributionFunction(&c)) - } -} - -func TestGetShardByIndexModuloReplicasCountDistributionFunctionWhenClusterIsAddedAndRemoved(t *testing.T) { - db := dbmocks.ArgoDB{} - cluster1 := createCluster("cluster1", "1") - cluster2 := createCluster("cluster2", "2") - cluster3 := createCluster("cluster3", "3") - cluster4 := createCluster("cluster4", "4") - cluster5 := createCluster("cluster5", "5") - cluster6 := createCluster("cluster6", "6") - - clusterList := &v1alpha1.ClusterList{Items: []v1alpha1.Cluster{cluster1, cluster2, cluster3, cluster4, cluster5}} - db.On("ListClusters", mock.Anything).Return(clusterList, nil) - - // Test with replicas set to 2 - t.Setenv(common.EnvControllerReplicas, "2") - distributionFunction := RoundRobinDistributionFunction(&db) - assert.Equal(t, 0, distributionFunction(nil)) - assert.Equal(t, 0, distributionFunction(&cluster1)) - assert.Equal(t, 1, distributionFunction(&cluster2)) - assert.Equal(t, 0, distributionFunction(&cluster3)) - assert.Equal(t, 1, distributionFunction(&cluster4)) - assert.Equal(t, 0, distributionFunction(&cluster5)) - assert.Equal(t, -1, distributionFunction(&cluster6)) // as cluster6 is not in the DB, this one should not have a shard assigned - - // Now, the database knows cluster6. Shard should be assigned a proper shard - clusterList.Items = append(clusterList.Items, cluster6) - assert.Equal(t, 1, distributionFunction(&cluster6)) - - // Now, we remove the last added cluster, it should be unassigned as well - clusterList.Items = clusterList.Items[:len(clusterList.Items)-1] - assert.Equal(t, -1, distributionFunction(&cluster6)) -} - -func TestGetShardByIndexModuloReplicasCountDistributionFunction(t *testing.T) { - db, cluster1, cluster2, _, _, _ := createTestClusters() - t.Setenv(common.EnvControllerReplicas, "2") - distributionFunction := RoundRobinDistributionFunction(db) - - // Test that the function returns the correct shard for cluster1 and cluster2 - expectedShardForCluster1 := 0 - expectedShardForCluster2 := 1 - shardForCluster1 := distributionFunction(&cluster1) - shardForCluster2 := distributionFunction(&cluster2) - - if shardForCluster1 != expectedShardForCluster1 { - t.Errorf("Expected shard for cluster1 to be %d but got %d", expectedShardForCluster1, shardForCluster1) - } - if shardForCluster2 != expectedShardForCluster2 { - t.Errorf("Expected shard for cluster2 to be %d but got %d", expectedShardForCluster2, shardForCluster2) - } -} - -func TestInferShard(t *testing.T) { - // Override the os.Hostname function to return a specific hostname for testing - defer func() { osHostnameFunction = os.Hostname }() - - osHostnameFunction = func() (string, error) { return "example-shard-3", nil } - expectedShard := 3 - actualShard, _ := InferShard() - assert.Equal(t, expectedShard, actualShard) - - osHostnameError := errors.New("cannot resolve hostname") - osHostnameFunction = func() (string, error) { return "exampleshard", osHostnameError } - _, err := InferShard() - assert.NotNil(t, err) - assert.Equal(t, err, osHostnameError) - - osHostnameFunction = func() (string, error) { return "exampleshard", nil } - _, err = InferShard() - assert.NotNil(t, err) - - osHostnameFunction = func() (string, error) { return "example-shard", nil } - _, err = InferShard() - assert.NotNil(t, err) -} - -func createTestClusters() (*dbmocks.ArgoDB, v1alpha1.Cluster, v1alpha1.Cluster, v1alpha1.Cluster, v1alpha1.Cluster, v1alpha1.Cluster) { - db := dbmocks.ArgoDB{} - cluster1 := createCluster("cluster1", "1") - cluster2 := createCluster("cluster2", "2") - cluster3 := createCluster("cluster3", "3") - cluster4 := createCluster("cluster4", "4") - cluster5 := createCluster("cluster5", "5") - - db.On("ListClusters", mock.Anything).Return(&v1alpha1.ClusterList{Items: []v1alpha1.Cluster{ - cluster1, cluster2, cluster3, cluster4, cluster5, - }}, nil) - return &db, cluster1, cluster2, cluster3, cluster4, cluster5 -} - -func createCluster(name string, id string) v1alpha1.Cluster { - cluster := v1alpha1.Cluster{ - Name: name, - ID: id, - Server: "https://kubernetes.default.svc?" + id, - } - return cluster -} diff --git a/controller/sharding/shuffle_test.go b/controller/sharding/shuffle_test.go deleted file mode 100644 index 9e089e31bad0f..0000000000000 --- a/controller/sharding/shuffle_test.go +++ /dev/null @@ -1,82 +0,0 @@ -package sharding - -import ( - "fmt" - "math" - "testing" - - "github.com/argoproj/argo-cd/v2/common" - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - dbmocks "github.com/argoproj/argo-cd/v2/util/db/mocks" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/mock" -) - -func TestLargeShuffle(t *testing.T) { - t.Skip() - db := dbmocks.ArgoDB{} - clusterList := &v1alpha1.ClusterList{Items: []v1alpha1.Cluster{}} - for i := 0; i < math.MaxInt/4096; i += 256 { - //fmt.Fprintf(os.Stdout, "%d", i) - cluster := createCluster(fmt.Sprintf("cluster-%d", i), fmt.Sprintf("%d", i)) - clusterList.Items = append(clusterList.Items, cluster) - } - db.On("ListClusters", mock.Anything).Return(clusterList, nil) - // Test with replicas set to 256 - t.Setenv(common.EnvControllerReplicas, "256") - distributionFunction := RoundRobinDistributionFunction(&db) - for i, c := range clusterList.Items { - assert.Equal(t, i%2567, distributionFunction(&c)) - } - -} - -func TestShuffle(t *testing.T) { - t.Skip() - db := dbmocks.ArgoDB{} - cluster1 := createCluster("cluster1", "10") - cluster2 := createCluster("cluster2", "20") - cluster3 := createCluster("cluster3", "30") - cluster4 := createCluster("cluster4", "40") - cluster5 := createCluster("cluster5", "50") - cluster6 := createCluster("cluster6", "60") - cluster25 := createCluster("cluster6", "25") - - clusterList := &v1alpha1.ClusterList{Items: []v1alpha1.Cluster{cluster1, cluster2, cluster3, cluster4, cluster5, cluster6}} - db.On("ListClusters", mock.Anything).Return(clusterList, nil) - - // Test with replicas set to 3 - t.Setenv(common.EnvControllerReplicas, "3") - distributionFunction := RoundRobinDistributionFunction(&db) - assert.Equal(t, 0, distributionFunction(nil)) - assert.Equal(t, 0, distributionFunction(&cluster1)) - assert.Equal(t, 1, distributionFunction(&cluster2)) - assert.Equal(t, 2, distributionFunction(&cluster3)) - assert.Equal(t, 0, distributionFunction(&cluster4)) - assert.Equal(t, 1, distributionFunction(&cluster5)) - assert.Equal(t, 2, distributionFunction(&cluster6)) - - // Now, we remove cluster1, it should be unassigned, and all the other should be resuffled - clusterList.Items = Remove(clusterList.Items, 0) - assert.Equal(t, -1, distributionFunction(&cluster1)) - assert.Equal(t, 0, distributionFunction(&cluster2)) - assert.Equal(t, 1, distributionFunction(&cluster3)) - assert.Equal(t, 2, distributionFunction(&cluster4)) - assert.Equal(t, 0, distributionFunction(&cluster5)) - assert.Equal(t, 1, distributionFunction(&cluster6)) - - // Now, we add a cluster with an id=25 so it will be placed right after cluster2 - clusterList.Items = append(clusterList.Items, cluster25) - assert.Equal(t, -1, distributionFunction(&cluster1)) - assert.Equal(t, 0, distributionFunction(&cluster2)) - assert.Equal(t, 1, distributionFunction(&cluster25)) - assert.Equal(t, 2, distributionFunction(&cluster3)) - assert.Equal(t, 0, distributionFunction(&cluster4)) - assert.Equal(t, 1, distributionFunction(&cluster5)) - assert.Equal(t, 2, distributionFunction(&cluster6)) - -} - -func Remove(slice []v1alpha1.Cluster, s int) []v1alpha1.Cluster { - return append(slice[:s], slice[s+1:]...) -} diff --git a/controller/state.go b/controller/state.go index 8b9842d91b249..ff09a00c7aab7 100644 --- a/controller/state.go +++ b/controller/state.go @@ -27,6 +27,7 @@ import ( statecache "github.com/argoproj/argo-cd/v2/controller/cache" "github.com/argoproj/argo-cd/v2/controller/metrics" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" + appv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned" "github.com/argoproj/argo-cd/v2/reposerver/apiclient" "github.com/argoproj/argo-cd/v2/util/argo" @@ -61,7 +62,7 @@ type managedResource struct { // AppStateManager defines methods which allow to compare application spec and actual application state. type AppStateManager interface { - CompareAppState(app *v1alpha1.Application, project *v1alpha1.AppProject, revisions []string, sources []v1alpha1.ApplicationSource, noCache bool, noRevisionCache bool, localObjects []string, hasMultipleSources bool) *comparisonResult + CompareAppState(app *v1alpha1.Application, project *appv1.AppProject, revisions []string, sources []v1alpha1.ApplicationSource, noCache bool, noRevisionCache bool, localObjects []string, hasMultipleSources bool) *comparisonResult SyncAppState(app *v1alpha1.Application, state *v1alpha1.OperationState) } @@ -111,47 +112,55 @@ func (m *appStateManager) getRepoObjs(app *v1alpha1.Application, sources []v1alp ts := stats.NewTimingStats() helmRepos, err := m.db.ListHelmRepositories(context.Background()) if err != nil { - return nil, nil, fmt.Errorf("failed to list Helm repositories: %w", err) + return nil, nil, err } permittedHelmRepos, err := argo.GetPermittedRepos(proj, helmRepos) if err != nil { - return nil, nil, fmt.Errorf("failed to get permitted Helm repositories for project %q: %w", proj.Name, err) + return nil, nil, err } ts.AddCheckpoint("repo_ms") helmRepositoryCredentials, err := m.db.GetAllHelmRepositoryCredentials(context.Background()) if err != nil { - return nil, nil, fmt.Errorf("failed to get Helm credentials: %w", err) + return nil, nil, err } permittedHelmCredentials, err := argo.GetPermittedReposCredentials(proj, helmRepositoryCredentials) if err != nil { - return nil, nil, fmt.Errorf("failed to get permitted Helm credentials for project %q: %w", proj.Name, err) + return nil, nil, err } + plugins, err := m.settingsMgr.GetConfigManagementPlugins() + if err != nil { + return nil, nil, err + } enabledSourceTypes, err := m.settingsMgr.GetEnabledSourceTypes() if err != nil { - return nil, nil, fmt.Errorf("failed to get enabled source types: %w", err) + return nil, nil, err } ts.AddCheckpoint("plugins_ms") + tools := make([]*appv1.ConfigManagementPlugin, len(plugins)) + for i := range plugins { + tools[i] = &plugins[i] + } kustomizeSettings, err := m.settingsMgr.GetKustomizeSettings() if err != nil { - return nil, nil, fmt.Errorf("failed to get Kustomize settings: %w", err) + return nil, nil, err } helmOptions, err := m.settingsMgr.GetHelmSettings() if err != nil { - return nil, nil, fmt.Errorf("failed to get Helm settings: %w", err) + return nil, nil, err } ts.AddCheckpoint("build_options_ms") serverVersion, apiResources, err := m.liveStateCache.GetVersionsInfo(app.Spec.Destination.Server) if err != nil { - return nil, nil, fmt.Errorf("failed to get cluster version for cluster %q: %w", app.Spec.Destination.Server, err) + return nil, nil, err } conn, repoClient, err := m.repoClientset.NewRepoServerClient() if err != nil { - return nil, nil, fmt.Errorf("failed to connect to repo server: %w", err) + return nil, nil, err } defer io.Close(conn) @@ -171,11 +180,11 @@ func (m *appStateManager) getRepoObjs(app *v1alpha1.Application, sources []v1alp ts.AddCheckpoint("helm_ms") repo, err := m.db.GetRepository(context.Background(), source.RepoURL) if err != nil { - return nil, nil, fmt.Errorf("failed to get repo %q: %w", source.RepoURL, err) + return nil, nil, err } kustomizeOptions, err := kustomizeSettings.GetOptions(source) if err != nil { - return nil, nil, fmt.Errorf("failed to get Kustomize options for source %d of %d: %w", i+1, len(sources), err) + return nil, nil, err } ts.AddCheckpoint("version_ms") @@ -190,6 +199,7 @@ func (m *appStateManager) getRepoObjs(app *v1alpha1.Application, sources []v1alp AppName: app.InstanceName(m.namespace), Namespace: app.Spec.Destination.Namespace, ApplicationSource: &source, + Plugins: tools, KustomizeOptions: kustomizeOptions, KubeVersion: serverVersion, ApiVersions: argo.APIResourcesToStrings(apiResources, true), @@ -200,17 +210,15 @@ func (m *appStateManager) getRepoObjs(app *v1alpha1.Application, sources []v1alp HelmOptions: helmOptions, HasMultipleSources: app.Spec.HasMultipleSources(), RefSources: refSources, - ProjectName: proj.Name, - ProjectSourceRepos: proj.Spec.SourceRepos, }) if err != nil { - return nil, nil, fmt.Errorf("failed to generate manifest for source %d of %d: %w", i+1, len(sources), err) + return nil, nil, err } targetObj, err := unmarshalManifests(manifestInfo.Manifests) if err != nil { - return nil, nil, fmt.Errorf("failed to unmarshal manifests for source %d of %d: %w", i+1, len(sources), err) + return nil, nil, err } targetObjs = append(targetObjs, targetObj...) @@ -268,8 +276,8 @@ func DeduplicateTargetObjects( for key, targets := range targetByKey { if len(targets) > 1 { now := metav1.Now() - conditions = append(conditions, v1alpha1.ApplicationCondition{ - Type: v1alpha1.ApplicationConditionRepeatedResourceWarning, + conditions = append(conditions, appv1.ApplicationCondition{ + Type: appv1.ApplicationConditionRepeatedResourceWarning, Message: fmt.Sprintf("Resource %s appeared %d times among application resources.", key.String(), len(targets)), LastTransitionTime: &now, }) @@ -300,9 +308,9 @@ func (m *appStateManager) getComparisonSettings() (string, map[string]v1alpha1.R // verifyGnuPGSignature verifies the result of a GnuPG operation for a given git // revision. -func verifyGnuPGSignature(revision string, project *v1alpha1.AppProject, manifestInfo *apiclient.ManifestResponse) []v1alpha1.ApplicationCondition { +func verifyGnuPGSignature(revision string, project *appv1.AppProject, manifestInfo *apiclient.ManifestResponse) []appv1.ApplicationCondition { now := metav1.Now() - conditions := make([]v1alpha1.ApplicationCondition, 0) + conditions := make([]appv1.ApplicationCondition, 0) // We need to have some data in the verification result to parse, otherwise there was no signature if manifestInfo.VerifyResult != "" { verifyResult := gpg.ParseGitCommitVerification(manifestInfo.VerifyResult) @@ -340,7 +348,7 @@ func verifyGnuPGSignature(revision string, project *v1alpha1.AppProject, manifes // CompareAppState compares application git state to the live app state, using the specified // revision and supplied source. If revision or overrides are empty, then compares against // revision and overrides in the app spec. -func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1alpha1.AppProject, revisions []string, sources []v1alpha1.ApplicationSource, noCache bool, noRevisionCache bool, localManifests []string, hasMultipleSources bool) *comparisonResult { +func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *appv1.AppProject, revisions []string, sources []v1alpha1.ApplicationSource, noCache bool, noRevisionCache bool, localManifests []string, hasMultipleSources bool) *comparisonResult { ts := stats.NewTimingStats() appLabelKey, resourceOverrides, resFilter, err := m.getComparisonSettings() @@ -351,20 +359,20 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 if hasMultipleSources { return &comparisonResult{ syncStatus: &v1alpha1.SyncStatus{ - ComparedTo: v1alpha1.ComparedTo{Destination: app.Spec.Destination, Sources: sources, IgnoreDifferences: app.Spec.IgnoreDifferences}, - Status: v1alpha1.SyncStatusCodeUnknown, + ComparedTo: appv1.ComparedTo{Destination: app.Spec.Destination, Sources: sources}, + Status: appv1.SyncStatusCodeUnknown, Revisions: revisions, }, - healthStatus: &v1alpha1.HealthStatus{Status: health.HealthStatusUnknown}, + healthStatus: &appv1.HealthStatus{Status: health.HealthStatusUnknown}, } } else { return &comparisonResult{ syncStatus: &v1alpha1.SyncStatus{ - ComparedTo: v1alpha1.ComparedTo{Source: sources[0], Destination: app.Spec.Destination, IgnoreDifferences: app.Spec.IgnoreDifferences}, - Status: v1alpha1.SyncStatusCodeUnknown, + ComparedTo: appv1.ComparedTo{Source: sources[0], Destination: app.Spec.Destination}, + Status: appv1.SyncStatusCodeUnknown, Revision: revisions[0], }, - healthStatus: &v1alpha1.HealthStatus{Status: health.HealthStatusUnknown}, + healthStatus: &appv1.HealthStatus{Status: health.HealthStatusUnknown}, } } } @@ -400,8 +408,7 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 targetObjs, manifestInfos, err = m.getRepoObjs(app, sources, appLabelKey, revisions, noCache, noRevisionCache, verifySignature, project) if err != nil { targetObjs = make([]*unstructured.Unstructured, 0) - msg := fmt.Sprintf("Failed to load target state: %s", err.Error()) - conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: msg, LastTransitionTime: &now}) + conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) failedToLoadObjs = true } } else { @@ -416,8 +423,7 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 targetObjs, err = unmarshalManifests(localManifests) if err != nil { targetObjs = make([]*unstructured.Unstructured, 0) - msg := fmt.Sprintf("Failed to load local manifests: %s", err.Error()) - conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: msg, LastTransitionTime: &now}) + conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) failedToLoadObjs = true } } @@ -433,8 +439,7 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 } targetObjs, dedupConditions, err := DeduplicateTargetObjects(app.Spec.Destination.Namespace, targetObjs, infoProvider) if err != nil { - msg := fmt.Sprintf("Failed to deduplicate target state: %s", err.Error()) - conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: msg, LastTransitionTime: &now}) + conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) } conditions = append(conditions, dedupConditions...) for i := len(targetObjs) - 1; i >= 0; i-- { @@ -454,8 +459,7 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 liveObjByKey, err := m.liveStateCache.GetManagedLiveObjs(app, targetObjs) if err != nil { liveObjByKey = make(map[kubeutil.ResourceKey]*unstructured.Unstructured) - msg := fmt.Sprintf("Failed to load live state: %s", err.Error()) - conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: msg, LastTransitionTime: &now}) + conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) failedToLoadObjs = true } @@ -463,17 +467,12 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 // filter out all resources which are not permitted in the application project for k, v := range liveObjByKey { - permitted, err := project.IsLiveResourcePermitted(v, app.Spec.Destination.Server, app.Spec.Destination.Name, func(project string) ([]*v1alpha1.Cluster, error) { - clusters, err := m.db.GetProjectClusters(context.TODO(), project) - if err != nil { - return nil, fmt.Errorf("failed to get clusters for project %q: %v", project, err) - } - return clusters, nil + permitted, err := project.IsLiveResourcePermitted(v, app.Spec.Destination.Server, app.Spec.Destination.Name, func(project string) ([]*appv1.Cluster, error) { + return m.db.GetProjectClusters(context.TODO(), project) }) if err != nil { - msg := fmt.Sprintf("Failed to check if live resource %q is permitted in project %q: %s", k.String(), app.Spec.Project, err.Error()) - conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: msg, LastTransitionTime: &now}) + conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) failedToLoadObjs = true continue } @@ -515,7 +514,7 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 // restore comparison using cached diff result if previous comparison was performed for the same revision revisionChanged := len(manifestInfos) != len(sources) || !reflect.DeepEqual(app.Status.Sync.Revisions, manifestRevisions) - specChanged := !reflect.DeepEqual(app.Status.Sync.ComparedTo, v1alpha1.ComparedTo{Source: app.Spec.GetSource(), Destination: app.Spec.Destination, Sources: sources, IgnoreDifferences: app.Spec.IgnoreDifferences}) + specChanged := !reflect.DeepEqual(app.Status.Sync.ComparedTo, appv1.ComparedTo{Source: app.Spec.GetSource(), Destination: app.Spec.Destination, Sources: sources}) _, refreshRequested := app.IsRefreshRequested() noCache = noCache || refreshRequested || app.Status.Expired(m.statusRefreshTimeout) || specChanged || revisionChanged @@ -550,8 +549,7 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 if err != nil { diffResults = &diff.DiffResultList{} failedToLoadObjs = true - msg := fmt.Sprintf("Failed to compare desired state to live state: %s", err.Error()) - conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: msg, LastTransitionTime: &now}) + conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) } ts.AddCheckpoint("diff_ms") @@ -616,7 +614,7 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 } if isNamespaced && obj.GetNamespace() == "" { - conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionInvalidSpecError, Message: fmt.Sprintf("Namespace for %s %s is missing.", obj.GetName(), gvk.String()), LastTransitionTime: &now}) + conditions = append(conditions, appv1.ApplicationCondition{Type: v1alpha1.ApplicationConditionInvalidSpecError, Message: fmt.Sprintf("Namespace for %s %s is missing.", obj.GetName(), gvk.String()), LastTransitionTime: &now}) } // we can't say anything about the status if we were unable to get the target objects @@ -645,8 +643,6 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 if failedToLoadObjs { syncCode = v1alpha1.SyncStatusCodeUnknown - } else if app.HasChangedManagedNamespaceMetadata() { - syncCode = v1alpha1.SyncStatusCodeOutOfSync } var revision string @@ -656,20 +652,18 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 var syncStatus v1alpha1.SyncStatus if hasMultipleSources { syncStatus = v1alpha1.SyncStatus{ - ComparedTo: v1alpha1.ComparedTo{ - Destination: app.Spec.Destination, - Sources: sources, - IgnoreDifferences: app.Spec.IgnoreDifferences, + ComparedTo: appv1.ComparedTo{ + Destination: app.Spec.Destination, + Sources: sources, }, Status: syncCode, Revisions: manifestRevisions, } } else { syncStatus = v1alpha1.SyncStatus{ - ComparedTo: v1alpha1.ComparedTo{ - Destination: app.Spec.Destination, - Source: app.Spec.GetSource(), - IgnoreDifferences: app.Spec.IgnoreDifferences, + ComparedTo: appv1.ComparedTo{ + Destination: app.Spec.Destination, + Source: app.Spec.GetSource(), }, Status: syncCode, Revision: revision, @@ -680,7 +674,7 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 healthStatus, err := setApplicationHealth(managedResources, resourceSummaries, resourceOverrides, app, m.persistResourceHealth) if err != nil { - conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: fmt.Sprintf("error setting app health: %s", err.Error()), LastTransitionTime: &now}) + conditions = append(conditions, appv1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: fmt.Sprintf("error setting app health: %s", err.Error()), LastTransitionTime: &now}) } // Git has already performed the signature verification via its GPG interface, and the result is available @@ -704,7 +698,7 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 if hasMultipleSources { for _, manifestInfo := range manifestInfos { - compRes.appSourceTypes = append(compRes.appSourceTypes, v1alpha1.ApplicationSourceType(manifestInfo.SourceType)) + compRes.appSourceTypes = append(compRes.appSourceTypes, appv1.ApplicationSourceType(manifestInfo.SourceType)) } } else { for _, manifestInfo := range manifestInfos { @@ -713,11 +707,11 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *v1 } } - app.Status.SetConditions(conditions, map[v1alpha1.ApplicationConditionType]bool{ - v1alpha1.ApplicationConditionComparisonError: true, - v1alpha1.ApplicationConditionSharedResourceWarning: true, - v1alpha1.ApplicationConditionRepeatedResourceWarning: true, - v1alpha1.ApplicationConditionExcludedResourceWarning: true, + app.Status.SetConditions(conditions, map[appv1.ApplicationConditionType]bool{ + appv1.ApplicationConditionComparisonError: true, + appv1.ApplicationConditionSharedResourceWarning: true, + appv1.ApplicationConditionRepeatedResourceWarning: true, + appv1.ApplicationConditionExcludedResourceWarning: true, }) ts.AddCheckpoint("health_ms") compRes.timings = ts.Timings() diff --git a/controller/state_test.go b/controller/state_test.go index ab004af591807..63aaa4468d1f5 100644 --- a/controller/state_test.go +++ b/controller/state_test.go @@ -51,91 +51,6 @@ func TestCompareAppStateEmpty(t *testing.T) { assert.Len(t, app.Status.Conditions, 0) } -// TestCompareAppStateNamespaceMetadataDiffers tests comparison when managed namespace metadata differs -func TestCompareAppStateNamespaceMetadataDiffers(t *testing.T) { - app := newFakeApp() - app.Spec.SyncPolicy.ManagedNamespaceMetadata = &argoappv1.ManagedNamespaceMetadata{ - Labels: map[string]string{ - "foo": "bar", - }, - Annotations: map[string]string{ - "foo": "bar", - }, - } - app.Status.OperationState = &argoappv1.OperationState{ - SyncResult: &argoappv1.SyncOperationResult{}, - } - - data := fakeData{ - manifestResponse: &apiclient.ManifestResponse{ - Manifests: []string{}, - Namespace: test.FakeDestNamespace, - Server: test.FakeClusterURL, - Revision: "abc123", - }, - managedLiveObjs: make(map[kube.ResourceKey]*unstructured.Unstructured), - } - ctrl := newFakeController(&data) - sources := make([]argoappv1.ApplicationSource, 0) - sources = append(sources, app.Spec.GetSource()) - revisions := make([]string, 0) - revisions = append(revisions, "") - compRes := ctrl.appStateManager.CompareAppState(app, &defaultProj, revisions, sources, false, false, nil, false) - assert.NotNil(t, compRes) - assert.NotNil(t, compRes.syncStatus) - assert.Equal(t, argoappv1.SyncStatusCodeOutOfSync, compRes.syncStatus.Status) - assert.Len(t, compRes.resources, 0) - assert.Len(t, compRes.managedResources, 0) - assert.Len(t, app.Status.Conditions, 0) -} - -// TestCompareAppStateNamespaceMetadataIsTheSame tests comparison when managed namespace metadata is the same -func TestCompareAppStateNamespaceMetadataIsTheSame(t *testing.T) { - app := newFakeApp() - app.Spec.SyncPolicy.ManagedNamespaceMetadata = &argoappv1.ManagedNamespaceMetadata{ - Labels: map[string]string{ - "foo": "bar", - }, - Annotations: map[string]string{ - "foo": "bar", - }, - } - app.Status.OperationState = &argoappv1.OperationState{ - SyncResult: &argoappv1.SyncOperationResult{ - ManagedNamespaceMetadata: &argoappv1.ManagedNamespaceMetadata{ - Labels: map[string]string{ - "foo": "bar", - }, - Annotations: map[string]string{ - "foo": "bar", - }, - }, - }, - } - - data := fakeData{ - manifestResponse: &apiclient.ManifestResponse{ - Manifests: []string{}, - Namespace: test.FakeDestNamespace, - Server: test.FakeClusterURL, - Revision: "abc123", - }, - managedLiveObjs: make(map[kube.ResourceKey]*unstructured.Unstructured), - } - ctrl := newFakeController(&data) - sources := make([]argoappv1.ApplicationSource, 0) - sources = append(sources, app.Spec.GetSource()) - revisions := make([]string, 0) - revisions = append(revisions, "") - compRes := ctrl.appStateManager.CompareAppState(app, &defaultProj, revisions, sources, false, false, nil, false) - assert.NotNil(t, compRes) - assert.NotNil(t, compRes.syncStatus) - assert.Equal(t, argoappv1.SyncStatusCodeSynced, compRes.syncStatus.Status) - assert.Len(t, compRes.resources, 0) - assert.Len(t, compRes.managedResources, 0) - assert.Len(t, app.Status.Conditions, 0) -} - // TestCompareAppStateMissing tests when there is a manifest defined in the repo which doesn't exist in live func TestCompareAppStateMissing(t *testing.T) { app := newFakeApp() @@ -341,6 +256,7 @@ func TestAppRevisionsSingleSource(t *testing.T) { assert.NotNil(t, compRes.syncStatus) assert.NotEmpty(t, compRes.syncStatus.Revision) assert.Len(t, compRes.syncStatus.Revisions, 0) + } // TestAppRevisions tests that revisions are properly propagated for a multi source app @@ -707,8 +623,9 @@ var signedProj = argoappv1.AppProject{ } func TestSignedResponseNoSignatureRequired(t *testing.T) { - t.Setenv("ARGOCD_GPG_ENABLED", "true") - + oldval := os.Getenv("ARGOCD_GPG_ENABLED") + os.Setenv("ARGOCD_GPG_ENABLED", "true") + defer os.Setenv("ARGOCD_GPG_ENABLED", oldval) // We have a good signature response, but project does not require signed commits { app := newFakeApp() @@ -764,7 +681,9 @@ func TestSignedResponseNoSignatureRequired(t *testing.T) { } func TestSignedResponseSignatureRequired(t *testing.T) { - t.Setenv("ARGOCD_GPG_ENABLED", "true") + oldval := os.Getenv("ARGOCD_GPG_ENABLED") + os.Setenv("ARGOCD_GPG_ENABLED", "true") + defer os.Setenv("ARGOCD_GPG_ENABLED", oldval) // We have a good signature response, valid key, and signing is required - sync! { @@ -930,7 +849,7 @@ func TestSignedResponseSignatureRequired(t *testing.T) { assert.Contains(t, app.Status.Conditions[0].Message, "Cannot use local manifests") } - t.Setenv("ARGOCD_GPG_ENABLED", "false") + os.Setenv("ARGOCD_GPG_ENABLED", "false") // We have a bad signature response and signing would be required, but GPG subsystem is disabled - sync { app := newFakeApp() @@ -986,6 +905,7 @@ func TestSignedResponseSignatureRequired(t *testing.T) { assert.Len(t, compRes.managedResources, 0) assert.Len(t, app.Status.Conditions, 0) } + } func TestComparisonResult_GetHealthStatus(t *testing.T) { diff --git a/controller/sync.go b/controller/sync.go index 783183c17fc7c..67c1f6499ccaa 100644 --- a/controller/sync.go +++ b/controller/sync.go @@ -323,10 +323,6 @@ func (m *appStateManager) SyncAppState(app *v1alpha1.Application, state *v1alpha state.Phase, state.Message, resState = syncCtx.GetState() state.SyncResult.Resources = nil - if app.Spec.SyncPolicy != nil { - state.SyncResult.ManagedNamespaceMetadata = app.Spec.SyncPolicy.ManagedNamespaceMetadata - } - var apiVersion []kube.APIResourceInfo for _, res := range resState { augmentedMsg, err := argo.AugmentSyncMsg(res, func() ([]kube.APIResourceInfo, error) { diff --git a/controller/sync_test.go b/controller/sync_test.go index da68e5d9a3dfe..13406ddc0cb0e 100644 --- a/controller/sync_test.go +++ b/controller/sync_test.go @@ -2,6 +2,7 @@ package controller import ( "context" + "os" "testing" "github.com/argoproj/gitops-engine/pkg/sync" @@ -58,46 +59,6 @@ func TestPersistRevisionHistory(t *testing.T) { assert.Equal(t, "abc123", updatedApp.Status.History[0].Revision) } -func TestPersistManagedNamespaceMetadataState(t *testing.T) { - app := newFakeApp() - app.Status.OperationState = nil - app.Status.History = nil - app.Spec.SyncPolicy.ManagedNamespaceMetadata = &v1alpha1.ManagedNamespaceMetadata{ - Labels: map[string]string{ - "foo": "bar", - }, - Annotations: map[string]string{ - "foo": "bar", - }, - } - - defaultProject := &v1alpha1.AppProject{ - ObjectMeta: v1.ObjectMeta{ - Namespace: test.FakeArgoCDNamespace, - Name: "default", - }, - } - data := fakeData{ - apps: []runtime.Object{app, defaultProject}, - manifestResponse: &apiclient.ManifestResponse{ - Manifests: []string{}, - Namespace: test.FakeDestNamespace, - Server: test.FakeClusterURL, - Revision: "abc123", - }, - managedLiveObjs: make(map[kube.ResourceKey]*unstructured.Unstructured), - } - ctrl := newFakeController(&data) - - // Sync with source unspecified - opState := &v1alpha1.OperationState{Operation: v1alpha1.Operation{ - Sync: &v1alpha1.SyncOperation{}, - }} - ctrl.appStateManager.SyncAppState(app, opState) - // Ensure we record spec.syncPolicy.managedNamespaceMetadata into sync result - assert.Equal(t, app.Spec.SyncPolicy.ManagedNamespaceMetadata, opState.SyncResult.ManagedNamespaceMetadata) -} - func TestPersistRevisionHistoryRollback(t *testing.T) { app := newFakeApp() app.Status.OperationState = nil @@ -178,7 +139,8 @@ func TestSyncComparisonError(t *testing.T) { opState := &v1alpha1.OperationState{Operation: v1alpha1.Operation{ Sync: &v1alpha1.SyncOperation{}, }} - t.Setenv("ARGOCD_GPG_ENABLED", "true") + os.Setenv("ARGOCD_GPG_ENABLED", "true") + defer os.Setenv("ARGOCD_GPG_ENABLED", "false") ctrl.appStateManager.SyncAppState(app, opState) conditions := app.Status.GetConditions(map[v1alpha1.ApplicationConditionType]bool{v1alpha1.ApplicationConditionComparisonError: true}) diff --git a/docs/2.7-2.8.md b/docs/2.7-2.8.md new file mode 100644 index 0000000000000..32f9e4cf1759c --- /dev/null +++ b/docs/2.7-2.8.md @@ -0,0 +1,5 @@ +# 2.7 to 2.8 + +## Tini as entrypoint + +With the 2.8 release `entrypoint.sh` will be removed from the containers, because starting with 2.7, the implicit entrypoint is set to `tini` in the `Dockerfile` explicitly, and the kubernetes manifests has been updated to use it. Simply updating the containers without updating the deployment manifests will result in pod startup failures, as the old manifests are relying on `entrypoint.sh` instead of `tini`. Please make sure the manifests are updated properly before moving to 2.8. diff --git a/docs/assets/argocd-components.png b/docs/assets/argocd-components.png deleted file mode 100644 index 35e214a10ca7f..0000000000000 Binary files a/docs/assets/argocd-components.png and /dev/null differ diff --git a/docs/assets/argocd-core-components.png b/docs/assets/argocd-core-components.png deleted file mode 100644 index f274f7cb821bb..0000000000000 Binary files a/docs/assets/argocd-core-components.png and /dev/null differ diff --git a/docs/assets/azure-devops-webhook-config.png b/docs/assets/azure-devops-webhook-config.png deleted file mode 100644 index 26fb6d0683d63..0000000000000 Binary files a/docs/assets/azure-devops-webhook-config.png and /dev/null differ diff --git a/docs/assets/keycloak-add-client.png b/docs/assets/keycloak-add-client.png index acdb3e725b8bf..36d598318cbe3 100644 Binary files a/docs/assets/keycloak-add-client.png and b/docs/assets/keycloak-add-client.png differ diff --git a/docs/assets/keycloak-add-client_2.png b/docs/assets/keycloak-add-client_2.png deleted file mode 100644 index b765bf89e5698..0000000000000 Binary files a/docs/assets/keycloak-add-client_2.png and /dev/null differ diff --git a/docs/assets/keycloak-add-scope.png b/docs/assets/keycloak-add-scope.png index b2b759394619d..200486315e372 100644 Binary files a/docs/assets/keycloak-add-scope.png and b/docs/assets/keycloak-add-scope.png differ diff --git a/docs/assets/keycloak-client-scope-selected.png b/docs/assets/keycloak-client-scope-selected.png new file mode 100644 index 0000000000000..f3ec6ded54c69 Binary files /dev/null and b/docs/assets/keycloak-client-scope-selected.png differ diff --git a/docs/assets/keycloak-client-scope.png b/docs/assets/keycloak-client-scope.png index cd9609b5419b7..04d56583ab926 100644 Binary files a/docs/assets/keycloak-client-scope.png and b/docs/assets/keycloak-client-scope.png differ diff --git a/docs/assets/keycloak-client-secret.png b/docs/assets/keycloak-client-secret.png index c1a71c3d97f20..b4679b0e9d4eb 100644 Binary files a/docs/assets/keycloak-client-secret.png and b/docs/assets/keycloak-client-secret.png differ diff --git a/docs/assets/keycloak-configure-client.png b/docs/assets/keycloak-configure-client.png index cd711dfd602bf..d3805ed05df6a 100644 Binary files a/docs/assets/keycloak-configure-client.png and b/docs/assets/keycloak-configure-client.png differ diff --git a/docs/assets/keycloak-groups-mapper.png b/docs/assets/keycloak-groups-mapper.png index b1ccabb30013a..3610aa5737a1a 100644 Binary files a/docs/assets/keycloak-groups-mapper.png and b/docs/assets/keycloak-groups-mapper.png differ diff --git a/docs/assets/keycloak-user-group.png b/docs/assets/keycloak-user-group.png index 5c9c21d4f555f..ff9825b99d708 100644 Binary files a/docs/assets/keycloak-user-group.png and b/docs/assets/keycloak-user-group.png differ diff --git a/docs/cli_installation.md b/docs/cli_installation.md index 42938bcd751ba..639a9317639fe 100644 --- a/docs/cli_installation.md +++ b/docs/cli_installation.md @@ -115,11 +115,6 @@ $output = "argocd.exe" Invoke-WebRequest -Uri $url -OutFile $output ``` Also please note you will probably need to move the file into your PATH. -Use following command to add Argo CD into environment variables PATH - -```powershell -[Environment]::SetEnvironmentVariable("Path", "$env:Path;C:\Path\To\ArgoCD-CLI", "User") -``` After finishing the instructions above, you should now be able to run `argocd` commands. diff --git a/docs/developer-guide/api-docs.md b/docs/developer-guide/api-docs.md index 289e4d466652e..7b4b44bf9269e 100644 --- a/docs/developer-guide/api-docs.md +++ b/docs/developer-guide/api-docs.md @@ -1,6 +1,6 @@ # API Docs -You can find the Swagger docs by setting the path to `/swagger-ui` in your Argo CD UI. E.g. [http://localhost:8080/swagger-ui](http://localhost:8080/swagger-ui). +You can find the Swagger docs by setting the path to `/swagger-ui` in your Argo CD UI's. E.g. [http://localhost:8080/swagger-ui](http://localhost:8080/swagger-ui). ## Authorization @@ -17,17 +17,4 @@ Then pass using the HTTP `Authorization` header, prefixing with `Bearer `: $ curl $ARGOCD_SERVER/api/v1/applications -H "Authorization: Bearer $ARGOCD_TOKEN" {"metadata":{"selfLink":"/apis/argoproj.io/v1alpha1/namespaces/argocd/applications","resourceVersion":"37755"},"items":...} ``` - -## Services - -### Applications API - -#### How to Avoid 403 Errors for Missing Applications - -All endpoints of the Applications API accept an optional `project` query string parameter. If the parameter is -specified, and the specified Application does not exist, or if the Application does exist but is not in the given -project, the API will return a `404` error. - -If the `project` query string parameter is specified, and the Application does not exist, the API will return a `403` -error. This is to prevent leaking information about the existence of Applications to users who do not have access to -them. + diff --git a/docs/developer-guide/architecture/components.md b/docs/developer-guide/architecture/components.md deleted file mode 100644 index eb2904b531ccb..0000000000000 --- a/docs/developer-guide/architecture/components.md +++ /dev/null @@ -1,118 +0,0 @@ -# Component Architecture - -Argo CD is designed with a component based architecture. The goal is -to separate the responsibility in different deployable units in order -to have the following benefits: - -- **Modularity**: Provides great level of flexibility. Components - interact with each other via an interface. This means that as long - as the interface contract is respected, a given component can be - replaced without requiring the rest of the system to adapt. It is - also possible to run the system without certain components if a - specific group of functionality isn't desired. -- **Single responsibility**: Helps to determine where the different - types of functionality should be implemented which drives for - better system cohesiveness. -- **Reusability**: Clearly defined interfaces helps in functionality - discoverability which benefits reusability of services. - -The default Argo CD installation is composed by different components -and different Kubernetes controllers. The controllers aren't -categorized as components as they have proprietary interfaces (CRDs) -and therefore, miss the modular nature. There are more resources -created while installing Argo CD (ConfigMaps, Services, etc), but for -simplicity we are covering just the ones directly related with the -componentized architecture. - -## Dependencies - -The diagram below has represented all dependencies between the -different components used by the default Argo CD installation: - -![Components Diagram](../../assets/argocd-components.png) - -There are 4 logical layers represented in the diagram: - -- **UI**: This is the presentation layer. Users interact with Argo CD - mainly by components from this layer. -- **Application**: The capabilities required to support the components - from the UI layer. -- **Core**: The main Argo CD gitops functionality is implemented by - components and Kubernetes controllers from the Core layer. -- **Infra**: Represent the tools that Argo CD depends on as part of - its infrastructure. - -The logical layers also help making the diagram easier to follow as -dependencies are represented in a top-down relationship. This means -that components from the top layers will be allowed to depend on any -component from any of the bottom layers. However components from the -bottom layers will never depend on any ones from upper layers. - -## Responsibility - -Below you can refer to a brief description of Argo CD components and -its main responsibilities. - -### Webapp - -Argo CD ships with a powerful web interface that allows managing -applications deployed in a given Kubernetes cluster. - -### CLI - -Argo CD provides a CLI that can be used by users to interact with Argo -CD API. The CLI can also be used for automation and scripting. - -### API Server - -Defines the proprietary API exposed by Argo CD that powers the Webapp -and the CLI functionalities. - -### Application Controller - -The Application Controller is responsible for reconciling the -Application resource in Kubernetes syncronizing the desired -application state (provided in Git) with the live state (in -Kubernetes). The Application Controller is also responsible for -reconciling the Project resource. - -### ApplicationSet Controller - -The ApplicationSet Controller is responsible for reconciling the -ApplicationSet resource. - -### Repo Server - -Repo Server plays an important role in Argo CD architecture as it is -responsible for interacting with the Git repository to generate the -desired state for all Kubernetes resources that belongs to a given -application. - -### Redis - -Redis is used by Argo CD to provide a cache layer reducing requests -sent to the Kube API as well as to the Git provider. It also supports -a few UI operations. - -### Kube API - -Argo CD controllers will connect to the Kubernetes API in order to run -the reconciliation loop. - -### Git - -As a gitops tool Argo CD requires that the desired state of the -Kubernetes resources to be provided in a Git repository. - -We use "git" here to stand in for an actual git repo, a Helm repo, -or an OCI artifact repo. Argo CD supports all those options. - -### Dex - -Argo CD relies on Dex to provide authentication with external OIDC -providers. However other tools can be used instead of Dex. Check the -[user management -documentation](../../operator-manual/user-management/index.md) for -more details. - - diff --git a/docs/developer-guide/extensions/proxy-extensions.md b/docs/developer-guide/extensions/proxy-extensions.md index 8074537170811..4ab80006d2613 100644 --- a/docs/developer-guide/extensions/proxy-extensions.md +++ b/docs/developer-guide/extensions/proxy-extensions.md @@ -52,9 +52,6 @@ data: maxIdleConnections: 30 services: - url: http://httpbin.org - headers: - - name: some-header - value: '$some.argocd.secret.key' cluster: name: some-cluster server: https://some-cluster @@ -114,34 +111,6 @@ Defines a list with backend url by cluster. Is the address where the extension backend must be available. -#### `extensions.backend.services.headers` (*list*) - -If provided, the headers list will be added on all outgoing requests -for this service config. Existing headers in the incoming request with -the same name will be overriden by the one in this list. Reserved header -names will be ignored (see the [headers](#incoming-request-headers) below). - -#### `extensions.backend.services.headers.name` (*string*) -(mandatory) - -Defines the name of the header. It is a mandatory field if a header is -provided. - -#### `extensions.backend.services.headers.value` (*string*) -(mandatory) - -Defines the value of the header. It is a mandatory field if a header is -provided. The value can be provided as verbatim or as a reference to an -Argo CD secret key. In order to provide it as a reference, it is -necessary to prefix it with a dollar sign. - -Example: - - value: '$some.argocd.secret.key' - -In the example above, the value will be replaced with the one from -the argocd-secret with key 'some.argocd.secret.key'. - #### `extensions.backend.services.cluster` (*object*) (optional) @@ -197,14 +166,14 @@ configuration: └─────────────────┘ ``` -### Incoming Request Headers +### Headers Note that Argo CD API Server requires additional HTTP headers to be sent in order to enforce if the incoming request is authenticated and authorized before being proxied to the backend service. The headers are documented below: -#### `Cookie` +#### `Cookie` (*mandatory*) Argo CD UI keeps the authentication token stored in a cookie (`argocd.token`). This value needs to be sent in the `Cookie` header @@ -243,25 +212,6 @@ same headers are also sent to the backend service. The backend service must also validate if the validated headers are compatible with the rest of the incoming request. -### Outgoing Requests Headers - -Requests sent to backend services will be decorated with additional -headers. The outgoing request headers are documented below: - -#### `Argocd-Target-Cluster-Name` - -Will be populated with the value from `app.Spec.Destination.Name` if -it is not empty string in the application resource. - -#### `Argocd-Target-Cluster-URL` - -Will be populated with the value from `app.Spec.Destination.Server` if -it is not empty string is the Application resource. - -Note that additional pre-configured headers can be added to outgoing -request. See [backend service headers](#extensionsbackendservicesheaders-list) -section for more details. - ### Multi Backend Use-Case In some cases when Argo CD is configured to sync with multiple remote @@ -306,28 +256,6 @@ is then sanitized before being sent to the backend service. The request sanitization will remove sensitive information from the request like the `Cookie` and `Authorization` headers. -A new `Authorization` header can be added to the outgoing request by -defining it as a header in the `extensions.backend.services.headers` -configuration. Consider the following example: - -```yaml -extension.config: | - extensions: - - name: some-extension - backend: - services: - - url: http://extension-name.com:8080 - headers: - - name: Authorization - value: '$some-extension.authorization.header' -``` - -In the example above, all requests sent to -`http://extension-name.com:8080` will have an additional -`Authorization` header. The value of this header will be the one from -the [argocd-secret](../../operator-manual/argocd-secret-yaml.md) with -key `some-extension.authorization.header` - [1]: https://github.com/argoproj/argoproj/blob/master/community/feature-status.md [2]: https://argo-cd.readthedocs.io/en/stable/operator-manual/argocd-cm.yaml [3]: ../../operator-manual/rbac.md#the-extensions-resource diff --git a/docs/developer-guide/releasing.md b/docs/developer-guide/releasing.md index bb51ebfa8d14b..db4a83b10d682 100644 --- a/docs/developer-guide/releasing.md +++ b/docs/developer-guide/releasing.md @@ -1,8 +1,8 @@ # Releasing -## Introduction +## Automated release procedure -Argo CD is released in a 2 step automated fashion using GitHub actions. The release process takes about 60 minutes, +ArgoCD is released in a 2 step automated fashion using GitHub actions. The release process takes about 60 minutes, sometimes a little less, depending on the performance of GitHub Actions runners. The target release branch must already exist in the GitHub repository. If you for @@ -37,8 +37,6 @@ triggered. This will be automated in the very near future. * Update the stable tag when applicable * Update `VERSION` file in the master branch when a new release is GA -## Steps - ### Step 1 - Update Version and Manifest 1. Ensure that the TARGET_BRANCH already exist. @@ -49,38 +47,54 @@ and choose which branch you would like to work from. ![GitHub Release Action](../assets/release-action.png) -When the action is completed a pull request will be generated that contains the updated manifest and `Version` file. - -5. Merge the pull request and proceed to step 2. +1. When the action is completed a pull request will be generated that contains the updated manifest and `Version` file. +2. Merge the pull request and proceed to step 2. ### Step 2 - Tag Release Branch +The `Publish ArgoCD Release` workflow is triggered by pushing a tag to the repository. +The tag must be in one of the following formats to trigger the GH workflow: -The steps below need to be executed by someone with write access in Argo CD upstream repo. +* GA: `v..` +* Pre-release: `v..-rc` -1. Checkout the release branch. Example: `git fetch upstream && git - checkout release-2.7` -2. Run the script found at `hack/trigger-release.sh` as follows: +For example, consider you have configured the Git remote for the repository to +`github.com/argoproj/argo-cd` to be named `upstream` and are in your locally +checked out repo of the release branch: ```shell -./hack/trigger-release.sh +git pull upstream release-2.7 +git tag release-v2.7.0-rc1 +git push upstream release-v2.7.0-rc1 ``` +!!! tip + For convenience, there is a shell script in the tree that ensures all the + pre-requisites are met and that the trigger is well-formed before pushing + it to the GitHub repo. + +The script can be found at `hack/trigger-release.sh` and is used as follows: -Example: ```shell -./hack/trigger-release.sh v2.7.2 upstream +./hack/trigger-release.sh ``` -!!! tip - The tag must be in one of the following formats to trigger the GH workflow:
- * GA: `v..`
- * Pre-release: `v..-rc` +The `` identifier needs to be specified in the format of `v..-rc`, +so just specify it as `v2.7.0-rc1` for example. The `` +specifies the name of the remote used to push to the GitHub repository. -Once the script is executed successfully, a GitHub workflow will start -execution. You can follow its progress under the [Actions](https://github.com/argoproj/argo-cd/actions/workflows/release.yaml) tab, the name of the action is `Publish ArgoCD Release`. +!!! warning + It is strongly recommended to use this script to trigger the workflow + instead of manually pushing a tag to the repository. + +Once the trigger tag is pushed to the repo, the GitHub workflow will start +execution. You can follow its progress under the [Actions](https://github.com/argoproj/argo-cd/actions/workflows/release.yaml) tab, the name of the action is `Publish ArgoCD Release`. Don't get confused by the name of the running +workflow, it will be the last commit message of the latest commit to the release branch. !!! warning You cannot perform more than one release on the same release branch at the - same time. + same time. For example, both `v2.7.0` and `v2.7.1` would operate on the + `release-2.7` branch. You have to either cancel `v2.7.0` before submitting + `v2.7.1` or wait until it has finished. You can execute releases on different + release branches simultaneously, for example, `v2.7.5` and `v2.8.0-rc1` without problems. ### Verifying automated release @@ -106,7 +120,6 @@ have been performed, you will need to manually clean up. The release process does not allow a manual release process. Image signatures and provenance need to be created using GitHub Actions. ## Notable files that involve the release process. - | File | Description | |------------------------------------|--------------------------------------------------------| |goreleaser.yaml |Config to build CLI binaries, checksums, release-notes | diff --git a/docs/developer-guide/toolchain-guide.md b/docs/developer-guide/toolchain-guide.md index a11d27ac99c4a..ae3c91b8ac388 100644 --- a/docs/developer-guide/toolchain-guide.md +++ b/docs/developer-guide/toolchain-guide.md @@ -53,7 +53,7 @@ The following read will help you to submit a PR that meets the standards of our Please use a meaningful and concise title for your PR. This will help us to pick PRs for review quickly, and the PR title will also end up in the Changelog. -We use [PR title checker](https://github.com/marketplace/actions/pr-title-checker) to categorize your PR into one of the following categories: +We use the [Semantic PR title checker](https://github.com/zeke/semantic-pull-requests) to categorize your PR into one of the following categories: * `fix` - Your PR contains one or more code bug fixes * `feat` - Your PR contains a new feature @@ -157,9 +157,9 @@ Make sure you fulfill the pre-requisites above and run some preliminary tests. N * Run `docker version` * Run `go version` -### Build the required Docker image +### Build (or pull) the required Docker image -Build the required Docker image by running `make test-tools-image`. This image offers the environment of the virtualized toolchain. +Build the required Docker image by running `make test-tools-image` or pull the latest version by issuing `docker pull argoproj/argocd-test-tools`. The `Dockerfile` used to build these images can be found at `test/container/Dockerfile`. diff --git a/docs/faq.md b/docs/faq.md index 19273acc04d23..588415fc04d2d 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -139,7 +139,7 @@ See [#1482](https://github.com/argoproj/argo-cd/issues/1482). ## How often does Argo CD check for changes to my Git or Helm repository ? The default polling interval is 3 minutes (180 seconds). -You can change the setting by updating the `timeout.reconciliation` value in the [argocd-cm](https://github.com/argoproj/argo-cd/blob/2d6ce088acd4fb29271ffb6f6023dbb27594d59b/docs/operator-manual/argocd-cm.yaml#L279-L282) config map. If there are any Git changes, Argo CD will only update applications with the [auto-sync setting](user-guide/auto_sync.md) enabled. If you set it to `0` then Argo CD will stop polling Git repositories automatically and you can only use alternative methods such as [webhooks](operator-manual/webhook.md) and/or manual syncs for deploying applications. +You can change the setting by updating the `timeout.reconciliation` value in the [argocd-cm](https://github.com/argoproj/argo-cd/blob/2d6ce088acd4fb29271ffb6f6023dbb27594d59b/docs/operator-manual/argocd-cm.yaml#L279-L282) config map. If there are any Git changes, ArgoCD will only update applications with the [auto-sync setting](user-guide/auto_sync.md) enabled. If you set it to `0` then Argo CD will stop polling Git repositories automatically and you can only use alternative methods such as [webhooks](operator-manual/webhook.md) and/or manual syncs for deploying applications. ## Why Are My Resource Limits `Out Of Sync`? @@ -194,7 +194,7 @@ argocd ... --insecure ## I have configured Dex via `dex.config` in `argocd-cm`, it still says Dex is unconfigured. Why? -Most likely you forgot to set the `url` in `argocd-cm` to point to your Argo CD as well. See also +Most likely you forgot to set the `url` in `argocd-cm` to point to your ArgoCD as well. See also [the docs](./operator-manual/user-management/index.md#2-configure-argo-cd-for-sso). ## Why are `SealedSecret` resources reporting a `Status`? @@ -208,14 +208,14 @@ fixed CRD if you want this feature to work at all. ## Why are resources of type `SealedSecret` stuck in the `Progressing` state? The controller of the `SealedSecret` resource may expose the status condition on resource it provisioned. Since -version `v2.0.0` Argo CD picks up that status condition to derive a health status for the `SealedSecret`. +version `v2.0.0` ArgoCD picks up that status condition to derive a health status for the `SealedSecret`. Versions before `v0.15.0` of the `SealedSecret` controller are affected by an issue regarding this status conditions updates, which is why this feature is disabled by default in these versions. Status condition updates may be enabled by starting the `SealedSecret` controller with the `--update-status` command line parameter or by setting the `SEALED_SECRETS_UPDATE_STATUS` environment variable. -To disable Argo CD from checking the status condition on `SealedSecret` resources, add the following resource +To disable ArgoCD from checking the status condition on `SealedSecret` resources, add the following resource customization in your `argocd-cm` ConfigMap via `resource.customizations.health.` key. ```yaml diff --git a/docs/index.md b/docs/index.md index 6315ced37efad..975b4ae56cae4 100644 --- a/docs/index.md +++ b/docs/index.md @@ -25,7 +25,7 @@ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/st ``` Follow our [getting started guide](getting_started.md). Further user oriented [documentation](user-guide/) -is provided for additional features. If you are looking to upgrade Argo CD, see the [upgrade guide](./operator-manual/upgrading/overview.md). +is provided for additional features. If you are looking to upgrade ArgoCD, see the [upgrade guide](./operator-manual/upgrading/overview.md). Developer oriented [documentation](developer-guide/) is available for people interested in building third-party integrations. ## How it works diff --git a/docs/operator-manual/app-any-namespace.md b/docs/operator-manual/app-any-namespace.md index b59b046d3746b..ab4b0ca299d7b 100644 --- a/docs/operator-manual/app-any-namespace.md +++ b/docs/operator-manual/app-any-namespace.md @@ -130,7 +130,7 @@ For backwards compatibility, if the namespace of the Application is the control ### Application RBAC -The RBAC syntax for Application objects has been changed from `/` to `//` to accommodate the need to restrict access based on the source namespace of the Application to be managed. +The RBAC syntax for Application objects has been changed from `/` to `//` to accomodate the need to restrict access based on the source namespace of the Application to be managed. For backwards compatibility, Applications in the `argocd` namespace can still be refered to as `/` in the RBAC policy rules. diff --git a/docs/operator-manual/application.yaml b/docs/operator-manual/application.yaml index 076e348f30801..f7a612ae8cf98 100644 --- a/docs/operator-manual/application.yaml +++ b/docs/operator-manual/application.yaml @@ -51,7 +51,7 @@ spec: # Ignore locally missing valueFiles when installing Helm chart. Defaults to false ignoreMissingValueFiles: false - # Values file as block file. Prefer to use valuesObject if possible (see below) + # Values file as block file values: | ingress: enabled: true @@ -67,22 +67,6 @@ spec: hosts: - mydomain.example.com - # Values file as block file. This takes precedence over values - valuesObject: - ingress: - enabled: true - path: / - hosts: - - mydomain.example.com - annotations: - kubernetes.io/ingress.class: nginx - kubernetes.io/tls-acme: "true" - labels: {} - tls: - - secretName: mydomain-tls - hosts: - - mydomain.example.com - # Skip custom resource definition installation if chart contains custom resource definitions. Defaults to false skipCrds: false diff --git a/docs/operator-manual/applicationset.yaml b/docs/operator-manual/applicationset.yaml index 7e5a5b80d3583..2267343a7c489 100644 --- a/docs/operator-manual/applicationset.yaml +++ b/docs/operator-manual/applicationset.yaml @@ -11,9 +11,6 @@ spec: - cluster: https://kubernetes.default.svc # Determines whether go templating will be used in the `template` field below. goTemplate: false - # Optional list of go templating options, see https://pkg.go.dev/text/template#Template.Option - # This is only relevant if `goTemplate` is true - goTemplateOptions: ["missingkey="] # These fields are identical to the Application spec. template: metadata: diff --git a/docs/operator-manual/applicationset/Add-self-signed-TLS-Certs.md b/docs/operator-manual/applicationset/Add-self-signed-TLS-Certs.md deleted file mode 100644 index 4a4ed1b44426e..0000000000000 --- a/docs/operator-manual/applicationset/Add-self-signed-TLS-Certs.md +++ /dev/null @@ -1,9 +0,0 @@ -# Add support for self-signed TLS / Certificates for Gitlab SCM/PR Provider - -## Implementation details - -### Overview - -In order for a self-signed TLS certificate be used by an ApplicationSet's SCM / PR Gitlab Generator, the certificate needs to be mounted on the application-controller. The path of the mounted certificate must be explicitly set using the environment variable `ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH` or alternatively using parameter `--scm-root-ca-path`. The applicationset controller will read the mounted certificate to create the Gitlab client for SCM/PR Providers - -This can be achieved conveniently by setting `applicationsetcontroller.scm.root.ca.path` in the argocd-cmd-params-cm ConfigMap. Be sure to restart the ApplicationSet controller after setting this value. diff --git a/docs/operator-manual/applicationset/Appset-Any-Namespace.md b/docs/operator-manual/applicationset/Appset-Any-Namespace.md deleted file mode 100644 index 494b36dbdcf36..0000000000000 --- a/docs/operator-manual/applicationset/Appset-Any-Namespace.md +++ /dev/null @@ -1,221 +0,0 @@ -# ApplicationSet in any namespace - -**Current feature state**: Beta - -!!! warning - Please read this documentation carefully before you enable this feature. Misconfiguration could lead to potential security issues. - -## Introduction - -As of version 2.8, Argo CD supports managing `ApplicationSet` resources in namespaces other than the control plane's namespace (which is usually `argocd`), but this feature has to be explicitly enabled and configured appropriately. - -Argo CD administrators can define a certain set of namespaces where `ApplicationSet` resources may be created, updated and reconciled in. - -As Applications generated by an ApplicationSet are generated in the same namespace as the ApplicationSet itself, this works in combination with [App in any namespace](../app-any-namespace.md). - -## Prerequisites - -### App in any namespace configured - -This feature needs [App in any namespace](../app-any-namespace.md) feature activated. The list of namespaces must be the same. - -### Cluster-scoped Argo CD installation - -This feature can only be enabled and used when your Argo CD ApplicationSet controller is installed as a cluster-wide instance, so it has permissions to list and manipulate resources on a cluster scope. It will *not* work with an Argo CD installed in namespace-scoped mode. - -### SCM Providers secrets consideration - -By allowing ApplicationSet in any namespace you must be aware that any secrets can be exfiltrated using `scmProvider` or `pullRequest` generators. - -Here is an example: - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: myapps -spec: - generators: - - scmProvider: - gitea: - # The Gitea owner to scan. - owner: myorg - # With this malicious setting, user can send all request to a Pod that will log incoming requests including headers with tokens - api: http://my-service.my-namespace.svc.cluster.local - # If true, scan every branch of every repository. If false, scan only the default branch. Defaults to false. - allBranches: true - # By changing this token reference, user can exfiltrate any secrets - tokenRef: - secretName: gitea-token - key: token - template: -``` - -Therefore administrator must restrict the urls of the allowed SCM Providers (example: `https://git.mydomain.com/,https://gitlab.mydomain.com/`) by setting the environment variable `ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS` to argocd-cmd-params-cm `applicationsetcontroller.allowed.scm.providers`. If another url is used, it will be rejected by the applicationset controller. - - -For example: -```yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-cmd-params-cm -data: - applicationsetcontroller.allowed.scm.providers: https://git.mydomain.com/,https://gitlab.mydomain.com/ -``` - -> Please note url used in the `api` field of the `ApplicationSet` must match the url declared by the Administrator including the protocol - -### Overview - -In order for an ApplicationSet to be managed and reconciled outside the Argo CD's control plane namespace, two prerequisites must match: - -1. The namespace list from which `argocd-applicationset-controller` can source `ApplicationSets` must be explicitly set using environment variable `ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES` or alternatively using parameter `--applicationset-namespaces`. -2. The enabled namespaces must be entirely covered by the [App in any namespace](../app-any-namespace.md), otherwise the generated Applications generated outside the allowed Application namespaces won't be reconciled - -It can be achieved by setting the environment variable `ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES` to argocd-cmd-params-cm `applicationsetcontroller.namespaces` - -`ApplicationSets` in different namespaces can be created and managed just like any other `ApplicationSet` in the `argocd` namespace previously, either declaratively or through the Argo CD API (e.g. using the CLI, the web UI, the REST API, etc). - -### Reconfigure Argo CD to allow certain namespaces - -#### Change workload startup parameters - -In order to enable this feature, the Argo CD administrator must reconfigure the and `argocd-applicationset-controller` workloads to add the `--applicationset-namespaces` parameter to the container's startup command. - -### Safely template project - -As [App in any namespace](../app-any-namespace.md) is a prerequisite, it is possible to safely template project. - -Let's take an example with two teams and an infra project: - -```yaml -kind: AppProject -apiVersion: argoproj.io/v1alpha1 -metadata: - name: infra-project - namespace: argocd -spec: - destinations: - - namespace: '*' -``` - -```yaml -kind: AppProject -apiVersion: argoproj.io/v1alpha1 -metadata: - name: team-one-project - namespace: argocd -spec: - sourceNamespaces: - - team-one-cd -``` - -```yaml -kind: AppProject -apiVersion: argoproj.io/v1alpha1 -metadata: - name: team-two-project - namespace: argocd -spec: - sourceNamespaces: - - team-two-cd -``` - -Creating following `ApplicationSet` generates two Applications `infra-escalation` and `team-two-escalation`. Both will be rejected as they are outside `argocd` namespace, therefore `sourceNamespaces` will be checked - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: team-one-product-one - namespace: team-one-cd -spec: - generators: - list: - - id: infra - project: infra-project - - id: team-two - project: team-two-project - template: - metadata: - name: '{{name}}-escalation' - spec: - project: "{{project}}" -``` - -### ApplicationSet names - -For the CLI, applicationSets are now referred to and displayed as in the format `/`. - -For backwards compatibility, if the namespace of the ApplicationSet is the control plane's namespace (i.e. `argocd`), the `` can be omitted from the applicationset name when referring to it. For example, the application names `argocd/someappset` and `someappset` are semantically the same and refer to the same application in the CLI and the UI. - -### Applicationsets RBAC - -The RBAC syntax for Application objects has been changed from `/` to `//` to accommodate the need to restrict access based on the source namespace of the Application to be managed. - -For backwards compatibility, Applications in the argocd namespace can still be referred to as `/` in the RBAC policy rules. - -Wildcards do not make any distinction between project and applicationset namespaces yet. For example, the following RBAC rule would match any application belonging to project foo, regardless of the namespace it is created in: - - -``` -p, somerole, applicationsets, get, foo/*, allow -``` - -If you want to restrict access to be granted only to `ApplicationSets` with project `foo` within namespace `bar`, the rule would need to be adapted as follows: - -``` -p, somerole, applicationsets, get, foo/bar/*, allow -``` - -## Managing applicationSets in other namespaces - -### Using the CLI - -You can use all existing Argo CD CLI commands for managing applications in other namespaces, exactly as you would use the CLI to manage applications in the control plane's namespace. - -For example, to retrieve the `ApplicationSet` named `foo` in the namespace `bar`, you can use the following CLI command: - -```shell -argocd appset get foo/bar -``` - -Likewise, to manage this applicationSet, keep referring to it as `foo/bar`: - -```bash -# Delete the application -argocd appset delete foo/bar -``` - -There is no change on the create command as it is using a file. You just need to add the namespace in the `metadata.namespace` field. - -As stated previously, for applicationSets in the Argo CD's control plane namespace, you can omit the namespace from the application name. - -### Using the REST API - -If you are using the REST API, the namespace for `ApplicationSet` cannot be specified as the application name, and resources need to be specified using the optional `appNamespace` query parameter. For example, to work with the `ApplicationSet` resource named `foo` in the namespace `bar`, the request would look like follows: - -```bash -GET /api/v1/applicationsets/foo?appsetNamespace=bar -``` - -For other operations such as `POST` and `PUT`, the `appNamespace` parameter must be part of the request's payload. - -For `ApplicationSet` resources in the control plane namespace, this parameter can be omitted. - -## Clusters secrets consideration - -By allowing ApplicationSet in any namespace you must be aware that clusters can be discovered and used. - -Example: - -Following will discover all clusters - -```yaml -spec: - generators: - - clusters: {} # Automatically use all clusters defined within Argo CD -``` - -If you don't want to allow users to discover all clusters with ApplicationSets from other namespaces you may consider deploying ArgoCD in namespace scope or use OPA rules. \ No newline at end of file diff --git a/docs/operator-manual/applicationset/Controlling-Resource-Modification.md b/docs/operator-manual/applicationset/Controlling-Resource-Modification.md index b9c383cda404f..0e1e29f43359c 100644 --- a/docs/operator-manual/applicationset/Controlling-Resource-Modification.md +++ b/docs/operator-manual/applicationset/Controlling-Resource-Modification.md @@ -14,51 +14,17 @@ To enable dry-run, add `--dryrun true` to the ApplicationSet Deployment's contai See 'How to modify ApplicationSet container parameters' below for detailed steps on how to add this parameter to the controller. -### Managed Applications modification Policies +### Policy - `create-only`: Prevent ApplicationSet controller from modifying or deleting Applications The ApplicationSet controller supports a parameter `--policy`, which is specified on launch (within the controller Deployment container), and which restricts what types of modifications will be made to managed Argo CD `Application` resources. -The `--policy` parameter takes four values: `sync`, `create-only`, `create-delete`, and `create-update`. (`sync` is the default, which is used if the `--policy` parameter is not specified; the other policies are described below). - -It is also possible to set this policy per ApplicationSet. - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -spec: - # (...) - syncPolicy: - applicationsSync: create-only # create-update, create-delete sync - -``` - -- Policy `create-only`: Prevents ApplicationSet controller from modifying or deleting Applications. -- Policy `create-update`: Prevents ApplicationSet controller from deleting Applications. Update is allowed. -- Policy `create-delete`: Prevents ApplicationSet controller from modifying Applications. Delete is allowed. -- Policy `sync`: Update and Delete are allowed. - -If the controller parameter `--policy` is set, it takes precedence on the field `applicationsSync`. It is possible to allow per ApplicationSet sync policy by setting variable `ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE` to argocd-cmd-params-cm `applicationsetcontroller.enable.policy.override` or directly with controller parameter `--enable-policy-override` (default to `false`). - -This does not prevent deletion of Applications if the ApplicationSet is deleted - -#### Controller parameter +The `--policy` parameter takes one of the following valid values: `sync`, `create-only`, `create-update`, and `create-delete`. (`sync` is the default, which is used if the `--policy` parameter is not specified; the other policies are described below). To allow the ApplicationSet controller to *create* `Application` resources, but prevent any further modification, such as deletion, or modification of Application fields, add this parameter in the ApplicationSet controller: ``` --policy create-only ``` -At ApplicationSet level - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -spec: - # (...) - syncPolicy: - applicationsSync: create-only -``` - ### Policy - `create-update`: Prevent ApplicationSet controller from deleting Applications To allow the ApplicationSet controller to create or modify `Application` resources, but prevent Applications from being deleted, add the following parameter to the ApplicationSet controller `Deployment`: @@ -68,15 +34,11 @@ To allow the ApplicationSet controller to create or modify `Application` resourc This may be useful to users looking for additional protection against deletion of the Applications generated by the controller. -At ApplicationSet level +### Policy - `create-delete`: Prevent ApplicationSet controller from updating Applications -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -spec: - # (...) - syncPolicy: - applicationsSync: create-update +To allow the ApplicationSet controller to create or delete `Application` resources, but prevent Applications from being updated, add the following parameter to the ApplicationSet controller `Deployment`: +``` +--policy create-delete ``` ### Prevent an `Application`'s child resources from being deleted, when the parent Application is deleted @@ -95,7 +57,6 @@ spec: More information on the specific behaviour of `preserveResourcesOnDeletion`, and deletion in ApplicationSet controller and Argo CD in general, can be found on the [Application Deletion](Application-Deletion.md) page. - ### Prevent an Application's child resources from being modified Changes made to the ApplicationSet will propagate to the Applications managed by the ApplicationSet, and then Argo CD will propagate the Application changes to the underlying cluster resources (as per [Argo CD Integration](Argo-CD-Integration.md)). @@ -195,6 +156,10 @@ By default, the Argo CD notifications and the Argo CD refresh type annotations a Here is a list of commonly requested resource modification features which are not supported as of the current release. This lack of support is *not* necessarily by design; rather these behaviours are documented here to provide clear, concise descriptions of the current state of the feature. +### Limitation: Control resource modification on a per ApplicationSet basis + +There is currently no way to restrict modification/deletion of the Applications that are owned by an *individual* ApplicationSet. The global `--policy` parameters described above only allow targeting of *all* ApplicationSets (eg it is 'all or nothing'). + ### Limitation: No support for manual edits to individual Applications There is currently no way to allow modification of a single child Application of an ApplicationSet, for example, if you wanted to make manual edits to a single Application for debugging/testing purposes. diff --git a/docs/operator-manual/applicationset/Generators-Git-File-Globbing.md b/docs/operator-manual/applicationset/Generators-Git-File-Globbing.md deleted file mode 100644 index 4f8967b5937fa..0000000000000 --- a/docs/operator-manual/applicationset/Generators-Git-File-Globbing.md +++ /dev/null @@ -1,85 +0,0 @@ -# Git File Generator Globbing - -## Problem Statement - -The original and default implementation of the Git file generator does very greedy globbing. This can trigger errors or catch users off-guard. For example, consider the following repository layout: - -``` -└── cluster-charts/ - ├── cluster1 - │ ├── mychart/ - │ │  ├── charts/ - │ │   │   └── mysubchart/ - │ │ │ ├── values.yaml - │ │   │   └── etc… - │ │   ├── values.yaml - │ │ └── etc… - │ └── myotherchart/ - │ ├── values.yaml - │ └── etc… - └── cluster2 - └── etc… -``` - -In `cluster1` we have two charts, one of them with a subchart. - -Assuming we need the ApplicationSet to template values in the `values.yaml`, then we need to use a Git file generator instead of a directory generator. The value of the `path` key of the Git file generator should be set to: - -``` -path: cluster-charts/*/*/values.yaml -``` - -However, the default implementation will interpret the above pattern as: - -``` -path: cluster-charts/**/values.yaml -``` - -Meaning, for `mychart` in `cluster1`, that it will pick up both the chart's `values.yaml` but also the one from its subchart. This will most likely fail, and even if it didn't it would be wrong. - -There are multiple other ways this undesirable globbing can fail. For example: - -``` -path: some-path/*.yaml -``` - -This will return all YAML files in any directory at any level under `some-path`, instead of only those directly under it. - -## Enabling the New Globbing - -Since some users may rely on the old behavior it was decided to make the fix optional and not enabled by default. - -It can be enabled in any of these ways: - -1. Pass `--enable-new-git-file-globbing` to the ApplicationSet controller args. -1. Set `ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING=true` in the ApplicationSet controller environment variables. -1. Set `applicationsetcontroller.enable.new.git.file.globbing: true` in the Argo CD ConfigMap. - -Note that the default may change in the future. - -## Usage - -The new Git file generator globbing uses the `doublestar` package. You can find it [here](https://github.com/bmatcuk/doublestar). - -Below is a short excerpt from its documentation. - -doublestar patterns match files and directories recursively. For example, if -you had the following directory structure: - -```bash -grandparent -`-- parent - |-- child1 - `-- child2 -``` - -You could find the children with patterns such as: `**/child*`, -`grandparent/**/child?`, `**/parent/*`, or even just `**` by itself (which will -return all files and directories recursively). - -Bash's globstar is doublestar's inspiration and, as such, works similarly. -Note that the doublestar must appear as a path component by itself. A pattern -such as `/path**` is invalid and will be treated the same as `/path*`, but -`/path*/**` should achieve the desired result. Additionally, `/path/**` will -match all directories and files under the path directory, but `/path/**/` will -only match directories. diff --git a/docs/operator-manual/applicationset/Generators-Git.md b/docs/operator-manual/applicationset/Generators-Git.md index 25923a4a75d83..eb6b4f01c9fe2 100644 --- a/docs/operator-manual/applicationset/Generators-Git.md +++ b/docs/operator-manual/applicationset/Generators-Git.md @@ -37,8 +37,6 @@ metadata: name: cluster-addons namespace: argocd spec: - goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - git: repoURL: https://github.com/argoproj/argo-cd.git @@ -47,16 +45,16 @@ spec: - path: applicationset/examples/git-generator-directory/cluster-addons/* template: metadata: - name: '{{.path.basename}}' + name: '{{path.basename}}' spec: project: "my-project" source: repoURL: https://github.com/argoproj/argo-cd.git targetRevision: HEAD - path: '{{.path.path}}' + path: '{{path}}' destination: server: https://kubernetes.default.svc - namespace: '{{.path.basename}}' + namespace: '{{path.basename}}' syncPolicy: syncOptions: - CreateNamespace=true @@ -65,14 +63,14 @@ spec: The generator parameters are: -- `{{.path.path}}`: The directory paths within the Git repository that match the `path` wildcard. -- `{{index .path.segments n}}`: The directory paths within the Git repository that match the `path` wildcard, split into array elements (`n` - array index) -- `{{.path.basename}}`: For any directory path within the Git repository that matches the `path` wildcard, the right-most path name is extracted (e.g. `/directory/directory2` would produce `directory2`). -- `{{.path.basenameNormalized}}`: This field is the same as `path.basename` with unsupported characters replaced with `-` (e.g. a `path` of `/directory/directory_2`, and `path.basename` of `directory_2` would produce `directory-2` here). +- `{{path}}`: The directory paths within the Git repository that match the `path` wildcard. +- `{{path[n]}}`: The directory paths within the Git repository that match the `path` wildcard, split into array elements (`n` - array index) +- `{{path.basename}}`: For any directory path within the Git repository that matches the `path` wildcard, the right-most path name is extracted (e.g. `/directory/directory2` would produce `directory2`). +- `{{path.basenameNormalized}}`: This field is the same as `path.basename` with unsupported characters replaced with `-` (e.g. a `path` of `/directory/directory_2`, and `path.basename` of `directory_2` would produce `directory-2` here). -**Note**: The right-most path name always becomes `{{.path.basename}}`. For example, for `- path: /one/two/three/four`, `{{.path.basename}}` is `four`. +**Note**: The right-most path name always becomes `{{path.basename}}`. For example, for `- path: /one/two/three/four`, `{{path.basename}}` is `four`. -**Note**: If the `pathParamPrefix` option is specified, all `path`-related parameter names above will be prefixed with the specified value and a dot separator. E.g., if `pathParamPrefix` is `myRepo`, then the generated parameter name would be `.myRepo.path` instead of `.path`. Using this option is necessary in a Matrix generator where both child generators are Git generators (to avoid conflicts when merging the child generators’ items). +**Note**: If the `pathParamPrefix` option is specified, all `path`-related parameter names above will be prefixed with the specified value and a dot separator. E.g., if `pathParamPrefix` is `myRepo`, then the generated parameter name would be `myRepo.path` instead of `path`. Using this option is necessary in a Matrix generator where both child generators are Git generators (to avoid conflicts when merging the child generators’ items). Whenever a new Helm chart/Kustomize YAML/Application/plain subdirectory is added to the Git repository, the ApplicationSet controller will detect this change and automatically deploy the resulting manifests within new `Application` resources. @@ -91,8 +89,6 @@ metadata: name: cluster-addons namespace: argocd spec: - goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - git: repoURL: https://github.com/argoproj/argo-cd.git @@ -103,16 +99,16 @@ spec: exclude: true template: metadata: - name: '{{.path.basename}}' + name: '{{path.basename}}' spec: project: "my-project" source: repoURL: https://github.com/argoproj/argo-cd.git targetRevision: HEAD - path: '{{.path.path}}' + path: '{{path}}' destination: server: https://kubernetes.default.svc - namespace: '{{.path.basename}}' + namespace: '{{path.basename}}' ``` (*The full example can be found [here](https://github.com/argoproj/argo-cd/tree/master/applicationset/examples/git-generator-directory/excludes).*) @@ -174,8 +170,6 @@ metadata: name: cluster-addons namespace: argocd spec: - goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - git: repoURL: https://github.com/example/example-repo.git @@ -184,40 +178,6 @@ spec: - path: '*' - path: donotdeploy exclude: true - template: - metadata: - name: '{{.path.basename}}' - spec: - project: "my-project" - source: - repoURL: https://github.com/example/example-repo.git - targetRevision: HEAD - path: '{{.path.path}}' - destination: - server: https://kubernetes.default.svc - namespace: '{{.path.basename}}' -``` - -### Pass additional key-value pairs via `values` field - -You may pass additional, arbitrary string key-value pairs via the `values` field of the git directory generator. Values added via the `values` field are added as `values.(field)`. - -In this example, a `cluster` parameter value is passed. It is interpolated from the `branch` and `path` variable, to then be used to determine the destination namespace. -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: cluster-addons - namespace: argocd -spec: - generators: - - git: - repoURL: https://github.com/example/example-repo.git - revision: HEAD - directories: - - path: '*' - values: - cluster: '{{branch}}-{{path}}' template: metadata: name: '{{path.basename}}' @@ -229,14 +189,9 @@ spec: path: '{{path}}' destination: server: https://kubernetes.default.svc - namespace: '{{values.cluster}}' + namespace: '{{path.basename}}' ``` -!!! note - The `values.` prefix is always prepended to values provided via `generators.git.values` field. Ensure you include this prefix in the parameter name within the `template` when using it. - -In `values` we can also interpolate all fields set by the git directory generator as mentioned above. - ## Git Generator: Files The Git file generator is the second subtype of the Git generator. The Git file generator generates parameters using the contents of JSON/YAML files found within a specified repository. @@ -294,8 +249,6 @@ metadata: name: guestbook namespace: argocd spec: - goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - git: repoURL: https://github.com/argoproj/argo-cd.git @@ -304,7 +257,7 @@ spec: - path: "applicationset/examples/git-generator-files-discovery/cluster-config/**/config.json" template: metadata: - name: '{{.cluster.name}}-guestbook' + name: '{{cluster.name}}-guestbook' spec: project: default source: @@ -312,7 +265,7 @@ spec: targetRevision: HEAD path: "applicationset/examples/git-generator-files-discovery/apps/guestbook" destination: - server: '{{.cluster.address}}' + server: '{{cluster.address}}' namespace: guestbook ``` (*The full example can be found [here](https://github.com/argoproj/argo-cd/tree/master/applicationset/examples/git-generator-files-discovery).*) @@ -335,47 +288,6 @@ The filename can always be accessed using `{{path.filename}}`. **Note**: If the `pathParamPrefix` option is specified, all `path`-related parameter names above will be prefixed with the specified value and a dot separator. E.g., if `pathParamPrefix` is `myRepo`, then the generated parameter name would be `myRepo.path` instead of `path`. Using this option is necessary in a Matrix generator where both child generators are Git generators (to avoid conflicts when merging the child generators’ items). -**Note**: The default behavior of the Git file generator is very greedy. Please see [Git File Generator Globbing](./Generators-Git-File-Globbing.md) for more information. - -### Pass additional key-value pairs via `values` field - -You may pass additional, arbitrary string key-value pairs via the `values` field of the git files generator. Values added via the `values` field are added as `values.(field)`. - -In this example, a `base_dir` parameter value is passed. It is interpolated from `path` segments, to then be used to determine the source path. -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: guestbook - namespace: argocd -spec: - generators: - - git: - repoURL: https://github.com/argoproj/argo-cd.git - revision: HEAD - files: - - path: "applicationset/examples/git-generator-files-discovery/cluster-config/**/config.json" - values: - base_dir: "{{path[0]}}/{{path[1]}}/{{path[2]}}" - template: - metadata: - name: '{{cluster.name}}-guestbook' - spec: - project: default - source: - repoURL: https://github.com/argoproj/argo-cd.git - targetRevision: HEAD - path: "{{values.base_dir}}/apps/guestbook" - destination: - server: '{{cluster.address}}' - namespace: guestbook -``` - -!!! note - The `values.` prefix is always prepended to values provided via `generators.git.values` field. Ensure you include this prefix in the parameter name within the `template` when using it. - -In `values` we can also interpolate all fields set by the git files generator as mentioned above. - ## Webhook Configuration When using a Git generator, ApplicationSet polls Git repositories every three minutes to detect changes. To eliminate diff --git a/docs/operator-manual/applicationset/Generators-List.md b/docs/operator-manual/applicationset/Generators-List.md index 7cee47ae60f0e..12ba0b820fb61 100644 --- a/docs/operator-manual/applicationset/Generators-List.md +++ b/docs/operator-manual/applicationset/Generators-List.md @@ -64,7 +64,6 @@ metadata: namespace: argocd spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - matrix: generators: @@ -113,4 +112,4 @@ key: releaseName: component2 repoUrl: "ghcr.io/stefanprodan/charts" namespace: component2 -``` +``` \ No newline at end of file diff --git a/docs/operator-manual/applicationset/Generators-Matrix.md b/docs/operator-manual/applicationset/Generators-Matrix.md index d918a1ff205a8..c0316d61c333c 100644 --- a/docs/operator-manual/applicationset/Generators-Matrix.md +++ b/docs/operator-manual/applicationset/Generators-Matrix.md @@ -332,14 +332,3 @@ For example, the below example would be invalid (cluster-generator must come aft revision: HEAD files: - path: "examples/git-generator-files-discovery/cluster-config/engineering/{{name}}**/config.json" # {{name}} is produced by cluster generator - -1. When using a Matrix generator nested inside another Matrix or Merge generator, [Post Selectors](../../user-guide/application-set.md#post-selector-all-generators) for this nested generator's generators will only be applied when enabled via `spec.applyNestedSelectors`. - - - matrix: - generators: - - matrix: - generators: - - list - elements: - - # (...) - selector: { } # Only applied when applyNestedSelectors is true diff --git a/docs/operator-manual/applicationset/Generators-Merge.md b/docs/operator-manual/applicationset/Generators-Merge.md index b074acac0f082..eb32343accbf4 100644 --- a/docs/operator-manual/applicationset/Generators-Merge.md +++ b/docs/operator-manual/applicationset/Generators-Merge.md @@ -111,70 +111,6 @@ When merged with the updated base parameters, the `values.redis` value for the p values.redis: 'true' ``` -## Example: Use value interpolation in merge - -Some generators support additional values and interpolating from generated variables to selected values. This can be used to teach the merge generator which generated variables to use to combine different generators. - -The following example combines discovered clusters and a git repository by cluster labels and the branch name: -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: cluster-git -spec: - generators: - # merge 'parent' generator: - # Use the selector set by both child generators to combine them. - - merge: - mergeKeys: - # Note that this would not work with goTemplate enabled, - # nested merge keys are not supported there. - - values.selector - generators: - # Assuming, all configured clusters have a label for their location: - # Set the selector to this location. - - clusters: - values: - selector: '{{ metadata.labels.location }}' - # The git repo may have different directories which correspond to the - # cluster locations, using these as a selector. - - git: - repoURL: https://github.com/argoproj/argocd-example-apps/ - revision: HEAD - directories: - - path: '*' - values: - selector: '{{ path }}' - template: - metadata: - name: '{{name}}' - spec: - project: '{{metadata.labels.environment}}' - source: - repoURL: https://github.com/argoproj/argocd-example-apps/ - # The cluster values field for each generator will be substituted here: - targetRevision: HEAD - path: '{{path}}' - destination: - server: '{{server}}' - namespace: default -``` - -Assuming a cluster named `germany01` with the label `metadata.labels.location=Germany` and a git repository containing a directory called `Germany`, this could combine to values as follows: - -```yaml - # From the cluster generator -- name: germany01 - server: https://1.2.3.4 - # From the git generator - path: Germany - # Combining selector with the merge generator - values.selector: 'Germany' - # More values from cluster & git generator - # […] -``` - - ## Restrictions 1. You should specify only a single generator per array entry. This is not valid: @@ -206,23 +142,3 @@ Assuming a cluster named `germany01` with the label `metadata.labels.location=Ge - list: elements: - # (...) - -1. Merging on nested values while using `goTemplate: true` is currently not supported, this will not work - - spec: - goTemplate: true - generators: - - merge: - mergeKeys: - - values.merge - -1. When using a Merge generator nested inside another Matrix or Merge generator, [Post Selectors](../../user-guide/application-set.md#post-selector-all-generators) for this nested generator's generators will only be applied when enabled via `spec.applyNestedSelectors`. - - - merge: - generators: - - merge: - generators: - - list - elements: - - # (...) - selector: { } # Only applied when applyNestedSelectors is true diff --git a/docs/operator-manual/applicationset/Generators-Plugin.md b/docs/operator-manual/applicationset/Generators-Plugin.md deleted file mode 100644 index 3747c38865df5..0000000000000 --- a/docs/operator-manual/applicationset/Generators-Plugin.md +++ /dev/null @@ -1,341 +0,0 @@ -# Plugin Generator - -Plugins allow you to provide your own generator. - -- You can write in any language -- Simple: a plugin just responds to RPC HTTP requests. -- You can use it in a sidecar, or standalone deployment. -- You can get your plugin running today, no need to wait 3-5 months for review, approval, merge and an Argo software - release. -- You can combine it with Matrix or Merge. - -To start working on your own plugin, you can generate a new repository based on the example -[applicationset-hello-plugin](https://github.com/argoproj-labs/applicationset-hello-plugin). - -## Simple example - -Using a generator plugin without combining it with Matrix or Merge. - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: myplugin -spec: - generators: - - plugin: - # Specify the configMap where the plugin configuration is located. - configMapRef: - name: my-plugin - # You can pass arbitrary parameters to the plugin. `input.parameters` is a map, but values may be any type. - # These parameters will also be available on the generator's output under the `generator.input.parameters` key. - input: - parameters: - key1: "value1" - key2: "value2" - list: ["list", "of", "values"] - boolean: true - map: - key1: "value1" - key2: "value2" - key3: "value3" - - # You can also attach arbitrary values to the generator's output under the `values` key. These values will be - # available in templates under the `values` key. - values: - value1: something - - # When using a Plugin generator, the ApplicationSet controller polls every `requeueAfterSeconds` interval (defaulting to every 30 minutes) to detect changes. - requeueAfterSeconds: 30 - template: - metadata: - name: myplugin - annotations: - example.from.input.parameters: "{{ generator.input.parameters.map.key1 }}" - example.from.values: "{{ values.value1 }}" - # The plugin determines what else it produces. - example.from.plugin.output: "{{ something.from.the.plugin }}" -``` - -- `configMapRef.name`: A `ConfigMap` name containing the plugin configuration to use for RPC call. -- `input.parameters`: Input parameters included in the RPC call to the plugin. (Optional) - -!!! note - The concept of the plugin should not undermine the spirit of GitOps by externalizing data outside of Git. The goal is to be complementary in specific contexts. - For example, when using one of the PullRequest generators, it's impossible to retrieve parameters related to the CI (only the commit hash is available), which limits the possibilities. By using a plugin, it's possible to retrieve the necessary parameters from a separate data source and use them to extend the functionality of the generator. - -### Add a ConfigMap to configure the access of the plugin - -```yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: my-plugin - namespace: argocd -data: - token: "$plugin.myplugin.token" # Alternatively $:plugin.myplugin.token - baseUrl: "http://myplugin.plugin-ns.svc.cluster.local." -``` - -- `token`: Pre-shared token used to authenticate HTTP request (points to the right key you created in the `argocd-secret` Secret) -- `baseUrl`: BaseUrl of the k8s service exposing your plugin in the cluster. - -### Store credentials - -```yaml -apiVersion: v1 -kind: Secret -metadata: - name: argocd-secret - namespace: argocd - labels: - app.kubernetes.io/name: argocd-secret - app.kubernetes.io/part-of: argocd -type: Opaque -data: - # ... - # The secret value must be base64 encoded **once**. - # this value corresponds to: `printf "strong-password" | base64`. - plugin.myplugin.token: "c3Ryb25nLXBhc3N3b3Jk" - # ... -``` - -#### Alternative - -If you want to store sensitive data in **another** Kubernetes `Secret`, instead of `argocd-secret`, ArgoCD knows how to check the keys under `data` in your Kubernetes `Secret` for a corresponding key whenever a value in a configmap starts with `$`, then your Kubernetes `Secret` name and `:` (colon) followed by the key name. - -Syntax: `$:` - -> NOTE: Secret must have label `app.kubernetes.io/part-of: argocd` - -##### Example - -`another-secret`: - -```yaml -apiVersion: v1 -kind: Secret -metadata: - name: another-secret - namespace: argocd - labels: - app.kubernetes.io/part-of: argocd -type: Opaque -data: - # ... - # Store client secret like below. - # The secret value must be base64 encoded **once**. - # This value corresponds to: `printf "strong-password" | base64`. - plugin.myplugin.token: "c3Ryb25nLXBhc3N3b3Jk" -``` - -### HTTP server - -#### A Simple Python Plugin - -You can deploy it either as a sidecar or as a standalone deployment (the latter is recommended). - -In the example, the token is stored in a file at this location : `/var/run/argo/token` - -``` -strong-password -``` - -```python -import json -from http.server import BaseHTTPRequestHandler, HTTPServer - -with open("/var/run/argo/token") as f: - plugin_token = f.read().strip() - - -class Plugin(BaseHTTPRequestHandler): - - def args(self): - return json.loads(self.rfile.read(int(self.headers.get('Content-Length')))) - - def reply(self, reply): - self.send_response(200) - self.end_headers() - self.wfile.write(json.dumps(reply).encode("UTF-8")) - - def forbidden(self): - self.send_response(403) - self.end_headers() - - def unsupported(self): - self.send_response(404) - self.end_headers() - - def do_POST(self): - if self.headers.get("Authorization") != "Bearer " + plugin_token: - self.forbidden() - - if self.path == '/api/v1/getparams.execute': - args = self.args() - self.reply({ - "output": { - "parameters": [ - { - "key1": "val1", - "key2": "val2" - }, - { - "key1": "val2", - "key2": "val2" - } - ] - } - }) - else: - self.unsupported() - - -if __name__ == '__main__': - httpd = HTTPServer(('', 4355), Plugin) - httpd.serve_forever() -``` - -Execute getparams with curl : - -``` -curl http://localhost:4355/api/v1/getparams.execute -H "Authorization: Bearer strong-password" -d \ -'{ - "applicationSetName": "fake-appset", - "input": { - "parameters": { - "param1": "value1" - } - } -}' -``` - -Some things to note here: - -- You only need to implement the calls `/api/v1/getparams.execute` -- You should check that the `Authorization` header contains the same bearer value as `/var/run/argo/token`. Return 403 if not -- The input parameters are included in the request body and can be accessed using the `input.parameters` variable. -- The output must always be a list of object maps nested under the `output.parameters` key in a map. -- `generator.input.parameters` and `values` are reserved keys. If present in the plugin output, these keys will be overwritten by the - contents of the `input.parameters` and `values` keys in the ApplicationSet's plugin generator spec. - -## With matrix and pull request example - -In the following example, the plugin implementation is returning a set of image digests for the given branch. The returned list contains only one item corresponding to the latest built image for the branch. - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: fb-matrix -spec: - goTemplate: true - generators: - - matrix: - generators: - - pullRequest: - github: ... - requeueAfterSeconds: 30 - - plugin: - configMapRef: - name: cm-plugin - input: - parameters: - branch: "{{.branch}}" # provided by generator pull request - values: - branchLink: "https://git.example.com/org/repo/tree/{{.branch}}" - template: - metadata: - name: "fb-matrix-{{.branch}}" - spec: - source: - repoURL: "https://github.com/myorg/myrepo.git" - targetRevision: "HEAD" - path: charts/my-chart - helm: - releaseName: fb-matrix-{{.branch}} - valueFiles: - - values.yaml - values: | - front: - image: myregistry:{{.branch}}@{{ .digestFront }} # digestFront is generated by the plugin - back: - image: myregistry:{{.branch}}@{{ .digestBack }} # digestBack is generated by the plugin - project: default - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true - destination: - server: https://kubernetes.default.svc - namespace: "{{.branch}}" - info: - - name: Link to the Application's branch - value: "{{values.branchLink}}" -``` - -To illustrate : - -- The generator pullRequest would return, for example, 2 branches: `feature-branch-1` and `feature-branch-2`. - -- The generator plugin would then perform 2 requests as follows : - -```shell -curl http://localhost:4355/api/v1/getparams.execute -H "Authorization: Bearer strong-password" -d \ -'{ - "applicationSetName": "fb-matrix", - "input": { - "parameters": { - "branch": "feature-branch-1" - } - } -}' -``` - -Then, - -```shell -curl http://localhost:4355/api/v1/getparams.execute -H "Authorization: Bearer strong-password" -d \ -'{ - "applicationSetName": "fb-matrix", - "input": { - "parameters": { - "branch": "feature-branch-2" - } - } -}' -``` - -For each call, it would return a unique result such as : - -```json -{ - "output": { - "parameters": [ - { - "digestFront": "sha256:a3f18c17771cc1051b790b453a0217b585723b37f14b413ad7c5b12d4534d411", - "digestBack": "sha256:4411417d614d5b1b479933b7420079671facd434fd42db196dc1f4cc55ba13ce" - } - ] - } -} -``` - -Then, - -```json -{ - "output": { - "parameters": [ - { - "digestFront": "sha256:7c20b927946805124f67a0cb8848a8fb1344d16b4d0425d63aaa3f2427c20497", - "digestBack": "sha256:e55e7e40700bbab9e542aba56c593cb87d680cefdfba3dd2ab9cfcb27ec384c2" - } - ] - } -} -``` - -In this example, by combining the two, you ensure that one or more pull requests are available and that the generated tag has been properly generated. This wouldn't have been possible with just a commit hash because a hash alone does not certify the success of the build. diff --git a/docs/operator-manual/applicationset/Generators-Post-Selector.md b/docs/operator-manual/applicationset/Generators-Post-Selector.md index d8570859084ff..20f367ada7a1f 100644 --- a/docs/operator-manual/applicationset/Generators-Post-Selector.md +++ b/docs/operator-manual/applicationset/Generators-Post-Selector.md @@ -36,24 +36,8 @@ spec: ``` The List generator + Post Selector generates a single set of parameters: - ```yaml - cluster: engineering-dev url: https://kubernetes.default.svc env: staging -``` - -It is also possible to use `matchExpressions` for more powerful selectors. - -```yaml -spec: - generators: - - clusters: {} - selector: - matchExpressions: - - key: server - operator: In - values: - - https://kubernetes.default.svc - - https://some-other-cluster -``` +``` \ No newline at end of file diff --git a/docs/operator-manual/applicationset/Generators-Pull-Request.md b/docs/operator-manual/applicationset/Generators-Pull-Request.md index 693b43ac96415..d90eb2d0f4695 100644 --- a/docs/operator-manual/applicationset/Generators-Pull-Request.md +++ b/docs/operator-manual/applicationset/Generators-Pull-Request.md @@ -91,8 +91,6 @@ spec: - preview # MR state is used to filter MRs only with a certain state. (optional) pullRequestState: opened - # If true, skips validating the SCM provider's TLS certificate - useful for self-signed certificates. - insecure: false requeueAfterSeconds: 1800 template: # ... @@ -103,9 +101,6 @@ spec: * `tokenRef`: A `Secret` name and key containing the GitLab access token to use for requests. If not specified, will make anonymous requests which have a lower rate limit and can only see public repositories. (Optional) * `labels`: Labels is used to filter the MRs that you want to target. (Optional) * `pullRequestState`: PullRequestState is an additional MRs filter to get only those with a certain state. Default: "" (all states) -* `insecure`: By default (false) - Skip checking the validity of the SCM's certificate - useful for self-signed TLS certificates. - -As a preferable alternative to setting `insecure` to true, you can configure self-signed TLS certificates for Gitlab by [mounting self-signed certificate to the applicationset controller](./Add-self-signed-TLS-Certs.md). ## Gitea @@ -185,102 +180,6 @@ If you want to access a private repository, you must also provide the credential * `username`: The username to authenticate with. It only needs read access to the relevant repo. * `passwordRef`: A `Secret` name and key containing the password or personal access token to use for requests. -## Bitbucket Cloud - -Fetch pull requests from a repo hosted on a Bitbucket Cloud. - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: myapps -spec: - generators: - - pullRequest: - bitbucket: - # Workspace name where the repoistory is stored under. Required. - owner: myproject - # Repository slug. Required. - repo: myrepository - # URL of the Bitbucket Server. (optional) Will default to 'https://api.bitbucket.org/2.0'. - api: https://api.bitbucket.org/2.0 - # Credentials for Basic authentication (App Password). Either basicAuth or bearerToken - # authentication is required to access private repositories - basicAuth: - # The username to authenticate with - username: myuser - # Reference to a Secret containing the password or personal access token. - passwordRef: - secretName: mypassword - key: password - # Credentials for Bearer Token (App Token) authentication. Either basicAuth or bearerToken - # authentication is required to access private repositories - bearerToken: - tokenRef: - secretName: repotoken - key: token - # Labels are not supported by Bitbucket Cloud, so filtering by label is not possible. - # Filter PRs using the source branch name. (optional) - filters: - - branchMatch: ".*-argocd" - template: - # ... -``` - -- `owner`: Required name of the Bitbucket workspace -- `repo`: Required name of the Bitbucket repository. -- `api`: Optional URL to access the Bitbucket REST API. For the example above, an API request would be made to `https://api.bitbucket.org/2.0/repositories/{workspace}/{repo_slug}/pullrequests`. If not set, defaults to `https://api.bitbucket.org/2.0` -- `branchMatch`: Optional regexp filter which should match the source branch name. This is an alternative to labels which are not supported by Bitbucket server. - -If you want to access a private repository, Argo CD will need credentials to access repository in Bitbucket Cloud. You can use Bitbucket App Password (generated per user, with access to whole workspace), or Bitbucket App Token (generated per repository, with access limited to repository scope only). If both App Password and App Token are defined, App Token will be used. - -To use Bitbucket App Password, use `basicAuth` section. -- `username`: The username to authenticate with. It only needs read access to the relevant repo. -- `passwordRef`: A `Secret` name and key containing the password or personal access token to use for requests. - -In case of Bitbucket App Token, go with `bearerToken` section. -- `tokenRef`: A `Secret` name and key containing the app token to use for requests. - -## Azure DevOps - -Specify the organization, project and repository from which you want to fetch pull requests. - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: myapps -spec: - generators: - - pullRequest: - azuredevops: - # Azure DevOps org to scan. Required. - organization: myorg - # Azure DevOps project name to scan. Required. - project: myproject - # Azure DevOps repo name to scan. Required. - repo: myrepository - # The Azure DevOps API URL to talk to. If blank, use https://dev.azure.com/. - api: https://dev.azure.com/ - # Reference to a Secret containing an access token. (optional) - tokenRef: - secretName: azure-devops-token - key: token - # Labels is used to filter the PRs that you want to target. (optional) - labels: - - preview - requeueAfterSeconds: 1800 - template: - # ... -``` - -* `organization`: Required name of the Azure DevOps organization. -* `project`: Required name of the Azure DevOps project. -* `repo`: Required name of the Azure DevOps repository. -* `api`: If using self-hosted Azure DevOps Repos, the URL to access it. (Optional) -* `tokenRef`: A `Secret` name and key containing the Azure DevOps access token to use for requests. If not specified, will make anonymous requests which have a lower rate limit and can only see public repositories. (Optional) -* `labels`: Filter the PRs to those containing **all** of the labels listed. (Optional) - ## Filters Filters allow selecting which pull requests to generate for. Each filter can declare one or more conditions, all of which must pass. If multiple filters are present, any can match for a repository to be included. If no filters are specified, all pull requests will be processed. @@ -303,7 +202,6 @@ spec: ``` * `branchMatch`: A regexp matched against source branch names. -* `targetBranchMatch`: A regexp matched against target branch names. [GitHub](#github) and [GitLab](#gitlab) also support a `labels` filter. @@ -374,11 +272,8 @@ spec: * `number`: The ID number of the pull request. * `branch`: The name of the branch of the pull request head. * `branch_slug`: The branch name will be cleaned to be conform to the DNS label standard as defined in [RFC 1123](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names), and truncated to 50 characters to give room to append/suffix-ing it with 13 more characters. -* `target_branch`: The name of the target branch of the pull request. -* `target_branch_slug`: The target branch name will be cleaned to be conform to the DNS label standard as defined in [RFC 1123](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names), and truncated to 50 characters to give room to append/suffix-ing it with 13 more characters. * `head_sha`: This is the SHA of the head of the pull request. * `head_short_sha`: This is the short SHA of the head of the pull request (8 characters long or the length of the head SHA if it's shorter). -* `head_short_sha_7`: This is the short SHA of the head of the pull request (7 characters long or the length of the head SHA if it's shorter). * `labels`: The array of pull request labels. (Supported only for Go Template ApplicationSet manifests.) ## Webhook Configuration diff --git a/docs/operator-manual/applicationset/Generators-SCM-Provider.md b/docs/operator-manual/applicationset/Generators-SCM-Provider.md index 3992289e02e4d..e8f8cfe5abbcc 100644 --- a/docs/operator-manual/applicationset/Generators-SCM-Provider.md +++ b/docs/operator-manual/applicationset/Generators-SCM-Provider.md @@ -87,17 +87,10 @@ spec: allBranches: true # If true, recurses through subgroups. If false, it searches only in the base group. Defaults to false. includeSubgroups: true - # If true and includeSubgroups is also true, include Shared Projects, which is gitlab API default. - # If false only search Projects under the same path. Defaults to true. - includeSharedProjects: false - # filter projects by topic. A single topic is supported by Gitlab API. Defaults to "" (all topics). - topic: "my-topic" # Reference to a Secret containing an access token. (optional) tokenRef: secretName: gitlab-token key: token - # If true, skips validating the SCM provider's TLS certificate - useful for self-signed certificates. - insecure: false template: # ... ``` @@ -106,12 +99,7 @@ spec: * `api`: If using self-hosted GitLab, the URL to access it. * `allBranches`: By default (false) the template will only be evaluated for the default branch of each repo. If this is true, every branch of every repository will be passed to the filters. If using this flag, you likely want to use a `branchMatch` filter. * `includeSubgroups`: By default (false) the controller will only search for repos directly in the base group. If this is true, it will recurse through all the subgroups searching for repos to scan. -* `includeSharedProjects`: If true and includeSubgroups is also true, include Shared Projects, which is gitlab API default. If false only search Projects under the same path. In general most would want the behaviour when set to false. Defaults to true. -* `topic`: filter projects by topic. A single topic is supported by Gitlab API. Defaults to "" (all topics). * `tokenRef`: A `Secret` name and key containing the GitLab access token to use for requests. If not specified, will make anonymous requests which have a lower rate limit and can only see public repositories. -* `insecure`: By default (false) - Skip checking the validity of the SCM's certificate - useful for self-signed TLS certificates. - -As a preferable alternative to setting `insecure` to true, you can configure self-signed TLS certificates for Gitlab by [mounting self-signed certificate to the applicationset controller](./Add-self-signed-TLS-Certs.md). For label filtering, the repository tags are used. @@ -267,87 +255,6 @@ This SCM provider does not yet support label filtering Available clone protocols are `ssh` and `https`. -## AWS CodeCommit (Alpha) - -Uses AWS ResourceGroupsTagging and AWS CodeCommit APIs to scan repos across AWS accounts and regions. - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: myapps -spec: - generators: - - scmProvider: - awsCodeCommit: - # AWS region to scan repos. - # default to the environmental region from ApplicationSet controller. - region: us-east-1 - # AWS role to assume to scan repos. - # default to the environmental role from ApplicationSet controller. - role: arn:aws:iam::111111111111:role/argocd-application-set-discovery - # If true, scan every branch of every repository. If false, scan only the main branch. Defaults to false. - allBranches: true - # AWS resource tags to filter repos with. - # see https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_GetResources.html#resourcegrouptagging-GetResources-request-TagFilters for details - # default to no tagFilters, to include all repos in the region. - tagFilters: - - key: organization - value: platform-engineering - - key: argo-ready - template: - # ... -``` - -* `region`: (Optional) AWS region to scan repos. By default, use ApplicationSet controller's current region. -* `role`: (Optional) AWS role to assume to scan repos. By default, use ApplicationSet controller's current role. -* `allBranches`: (Optional) If `true`, scans every branch of eligible repositories. If `false`, check only the default branch of the eligible repositories. Default `false`. -* `tagFilters`: (Optional) A list of tagFilters to filter AWS CodeCommit repos with. See [AWS ResourceGroupsTagging API](https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_GetResources.html#resourcegrouptagging-GetResources-request-TagFilters) for details. By default, no filter is included. - -This SCM provider does not support the following features - -* label filtering -* `sha`, `short_sha` and `short_sha_7` template parameters - -Available clone protocols are `ssh`, `https` and `https-fips`. - -### AWS IAM Permission Considerations - -In order to call AWS APIs to discover AWS CodeCommit repos, ApplicationSet controller must be configured with valid environmental AWS config, like current AWS region and AWS credentials. -AWS config can be provided via all standard options, like Instance Metadata Service (IMDS), config file, environment variables, or IAM roles for service accounts (IRSA). - -Depending on whether `role` is provided in `awsCodeCommit` property, AWS IAM permission requirement is different. - -#### Discover AWS CodeCommit Repositories in the same AWS Account as ApplicationSet Controller - -Without specifying `role`, ApplicationSet controller will use its own AWS identity to scan AWS CodeCommit repos. -This is suitable when you have a simple setup that all AWS CodeCommit repos reside in the same AWS account as your Argo CD. - -As the ApplicationSet controller AWS identity is used directly for repo discovery, it must be granted below AWS permissions. - -* `tag:GetResources` -* `codecommit:ListRepositories` -* `codecommit:GetRepository` -* `codecommit:GetFolder` -* `codecommit:ListBranches` - -#### Discover AWS CodeCommit Repositories across AWS Accounts and Regions - -By specifying `role`, ApplicationSet controller will first assume the `role`, and use it for repo discovery. -This enables more complicated use cases to discover repos from different AWS accounts and regions. - -The ApplicationSet controller AWS identity should be granted permission to assume target AWS roles. - -* `sts:AssumeRole` - -All AWS roles must have repo discovery related permissions. - -* `tag:GetResources` -* `codecommit:ListRepositories` -* `codecommit:GetRepository` -* `codecommit:GetFolder` -* `codecommit:ListBranches` - ## Filters Filters allow selecting which repositories to generate for. Each filter can declare one or more conditions, all of which must pass. If multiple filters are present, any can match for a repository to be included. If no filters are specified, all repositories will be processed. @@ -412,50 +319,5 @@ spec: * `branch`: The default branch of the repository. * `sha`: The Git commit SHA for the branch. * `short_sha`: The abbreviated Git commit SHA for the branch (8 chars or the length of the `sha` if it's shorter). -* `short_sha_7`: The abbreviated Git commit SHA for the branch (7 chars or the length of the `sha` if it's shorter). * `labels`: A comma-separated list of repository labels. * `branchNormalized`: The value of `branch` normalized to contain only lowercase alphanumeric characters, '-' or '.'. - -## Pass additional key-value pairs via `values` field - -You may pass additional, arbitrary string key-value pairs via the `values` field of any SCM generator. Values added via the `values` field are added as `values.(field)`. - -In this example, a `name` parameter value is passed. It is interpolated from `organization` and `repository` to generate a different template name. -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: myapps -spec: - generators: - - scmProvider: - bitbucketServer: - project: myproject - api: https://mycompany.bitbucket.org - allBranches: true - basicAuth: - username: myuser - passwordRef: - secretName: mypassword - key: password - values: - name: "{{organization}}-{{repository}}" - - template: - metadata: - name: '{{ values.name }}' - spec: - source: - repoURL: '{{ url }}' - targetRevision: '{{ branch }}' - path: kubernetes/ - project: default - destination: - server: https://kubernetes.default.svc - namespace: default -``` - -!!! note - The `values.` prefix is always prepended to values provided via `generators.scmProvider.values` field. Ensure you include this prefix in the parameter name within the `template` when using it. - -In `values` we can also interpolate all fields set by the SCM generator as mentioned above. diff --git a/docs/operator-manual/applicationset/Generators.md b/docs/operator-manual/applicationset/Generators.md index 78600c771fddd..654662f88daf0 100644 --- a/docs/operator-manual/applicationset/Generators.md +++ b/docs/operator-manual/applicationset/Generators.md @@ -4,7 +4,7 @@ Generators are responsible for generating *parameters*, which are then rendered Generators are primarily based on the data source that they use to generate the template parameters. For example: the List generator provides a set of parameters from a *literal list*, the Cluster generator uses the *Argo CD cluster list* as a source, the Git generator uses files/directories from a *Git repository*, and so. -As of this writing there are nine generators: +As of this writing there are eight generators: - [List generator](Generators-List.md): The List generator allows you to target Argo CD Applications to clusters based on a fixed list of any chosen key/value element pairs. - [Cluster generator](Generators-Cluster.md): The Cluster generator allows you to target Argo CD Applications to clusters, based on the list of clusters defined within (and managed by) Argo CD (which includes automatically responding to cluster addition/removal events from Argo CD). @@ -14,7 +14,6 @@ As of this writing there are nine generators: - [SCM Provider generator](Generators-SCM-Provider.md): The SCM Provider generator uses the API of an SCM provider (eg GitHub) to automatically discover repositories within an organization. - [Pull Request generator](Generators-Pull-Request.md): The Pull Request generator uses the API of an SCMaaS provider (eg GitHub) to automatically discover open pull requests within an repository. - [Cluster Decision Resource generator](Generators-Cluster-Decision-Resource.md): The Cluster Decision Resource generator is used to interface with Kubernetes custom resources that use custom resource-specific logic to decide which set of Argo CD clusters to deploy to. -- [Plugin generator](Generators-Plugin.md): The Plugin generator make RPC HTTP request to provide parameters. All generators can be filtered by using the [Post Selector](Generators-Post-Selector.md) diff --git a/docs/operator-manual/applicationset/GoTemplate.md b/docs/operator-manual/applicationset/GoTemplate.md index e8700ea8d31d2..ee14c5214ab08 100644 --- a/docs/operator-manual/applicationset/GoTemplate.md +++ b/docs/operator-manual/applicationset/GoTemplate.md @@ -12,14 +12,6 @@ An additional `normalize` function makes any string parameter usable as a valid with hyphens and truncating at 253 characters. This is useful when making parameters safe for things like Application names. -If you want to customize [options defined by text/template](https://pkg.go.dev/text/template#Template.Option), you can -add the `goTemplateOptions: ["opt1", "opt2", ...]` key to your ApplicationSet next to `goTemplate: true`. Note that at -the time of writing, there is only one useful option defined, which is `missingkey=error`. - -The recommended setting of `goTemplateOptions` is `["missingkey=error"]`, which ensures that if undefined values are -looked up by your template then an error is reported instead of being ignored silently. This is not currently the default -behavior, for backwards compatibility. - ## Motivation Go Template is the Go Standard for string templating. It is also more powerful than fasttemplate (the default templating @@ -37,7 +29,6 @@ possible with Go text templates: kind: ApplicationSet spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] template: spec: source: @@ -51,7 +42,6 @@ possible with Go text templates: kind: ApplicationSet spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] template: spec: syncPolicy: "{{.syncPolicy}}" # This field may NOT be templated, because it is an object field. @@ -63,7 +53,6 @@ possible with Go text templates: kind: ApplicationSet spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] template: spec: source: @@ -141,7 +130,6 @@ metadata: name: cluster-addons spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - git: repoURL: https://github.com/argoproj/argo-cd.git @@ -186,7 +174,6 @@ metadata: name: guestbook spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - list: elements: @@ -222,7 +209,6 @@ metadata: name: guestbook spec: goTemplate: true - goTemplateOptions: ["missingkey=error"] generators: - list: elements: @@ -233,7 +219,7 @@ spec: nameSuffix: -my-name-suffix template: metadata: - name: '{{.cluster}}{{dig "nameSuffix" . ""}}' + name: '{{.cluster}}{{default "" .nameSuffix}}' spec: project: default source: @@ -247,7 +233,3 @@ spec: This ApplicationSet will produce an Application called `engineering-dev` and another called `engineering-prod-my-name-suffix`. - -Note that unset parameters are an error, so you need to avoid looking up a property that doesn't exist. Instead, use -template functions like `dig` to do the lookup with a default. If you prefer to have unset parameters default to zero, -you can remove `goTemplateOptions: ["missingkey=error"]` or set it to `goTemplateOptions: ["missingkey=invalid"]` diff --git a/docs/operator-manual/applicationset/Progressive-Syncs.md b/docs/operator-manual/applicationset/Progressive-Syncs.md index 8864151e9dcb7..e4d65d86a69fc 100644 --- a/docs/operator-manual/applicationset/Progressive-Syncs.md +++ b/docs/operator-manual/applicationset/Progressive-Syncs.md @@ -94,7 +94,6 @@ spec: - env-prod maxUpdate: 10% # maxUpdate supports both integer and percentage string values (rounds down, but floored at 1 Application for >0%) goTemplate: true - goTemplateOptions: ["missingkey=error"] template: metadata: name: '{{.cluster}}-guestbook' diff --git a/docs/operator-manual/applicationset/applicationset-specification.md b/docs/operator-manual/applicationset/applicationset-specification.md deleted file mode 100644 index 8899057bf7ff6..0000000000000 --- a/docs/operator-manual/applicationset/applicationset-specification.md +++ /dev/null @@ -1,7 +0,0 @@ -# ApplicationSet Specification - -The following describes all the available fields of an ApplicationSet: - -```yaml -{!docs/operator-manual/applicationset.yaml!} -``` diff --git a/docs/operator-manual/argocd-cm-yaml.md b/docs/operator-manual/argocd-cm-yaml.md deleted file mode 100644 index 666e78d03fc1b..0000000000000 --- a/docs/operator-manual/argocd-cm-yaml.md +++ /dev/null @@ -1,7 +0,0 @@ -# argocd-cm.yaml example - -An example of an argocd-cm.yaml file: - -```yaml -{!docs/operator-manual/argocd-cm.yaml!} -``` diff --git a/docs/operator-manual/argocd-cm.yaml b/docs/operator-manual/argocd-cm.yaml index 748471498798a..549c01ff58774 100644 --- a/docs/operator-manual/argocd-cm.yaml +++ b/docs/operator-manual/argocd-cm.yaml @@ -85,7 +85,6 @@ data: # Configuration to customize resource behavior (optional) can be configured via splitted sub keys. # Keys are in the form: resource.customizations.ignoreDifferences., resource.customizations.health. # resource.customizations.actions., resource.customizations.knownTypeFields. - # resource.customizations.ignoreResourceUpdates. resource.customizations.ignoreDifferences.admissionregistration.k8s.io_MutatingWebhookConfiguration: | jsonPointers: - /webhooks/0/clientConfig/caBundle @@ -102,33 +101,6 @@ data: jsonPointers: - /spec/replicas - # Enable resource.customizations.ignoreResourceUpdates rules. If "false," those rules are not applied, and all updates - # to resources are applied to the cluster cache. Default is false. - resource.ignoreResourceUpdatesEnabled: "false" - - # Configuration to define customizations ignoring differences during watched resource updates to skip application reconciles. - resource.customizations.ignoreResourceUpdates.all: | - jsonPointers: - - /metadata/resourceVersion - - # Configuration to define customizations ignoring differences during watched resource updates can be configured via splitted sub key. - resource.customizations.ignoreResourceUpdates.argoproj.io_Application: | - jsonPointers: - - /status - - # jsonPointers and jqPathExpressions can be specified. - resource.customizations.ignoreResourceUpdates.autoscaling_HorizontalPodAutoscaler: | - jqPathExpressions: - - '.metadata.annotations."autoscaling.alpha.kubernetes.io/behavior"' - - '.metadata.annotations."autoscaling.alpha.kubernetes.io/conditions"' - - '.metadata.annotations."autoscaling.alpha.kubernetes.io/metrics"' - - '.metadata.annotations."autoscaling.alpha.kubernetes.io/current-metrics"' - jsonPointers: - - /metadata/annotations/autoscaling.alpha.kubernetes.io~1behavior - - /metadata/annotations/autoscaling.alpha.kubernetes.io~1conditions - - /metadata/annotations/autoscaling.alpha.kubernetes.io~1metrics - - /metadata/annotations/autoscaling.alpha.kubernetes.io~1current-metrics - resource.customizations.health.certmanager.k8s.io-Certificate: | hs = {} if obj.status ~= nil then diff --git a/docs/operator-manual/argocd-cmd-params-cm-yaml.md b/docs/operator-manual/argocd-cmd-params-cm-yaml.md deleted file mode 100644 index 1cdba010fcfc6..0000000000000 --- a/docs/operator-manual/argocd-cmd-params-cm-yaml.md +++ /dev/null @@ -1,7 +0,0 @@ -# argocd-cmd-params-cm.yaml example - -An example of an argocd-cmd-params-cm.yaml file: - -```yaml -{!docs/operator-manual/argocd-cmd-params-cm.yaml!} -``` diff --git a/docs/operator-manual/argocd-cmd-params-cm.yaml b/docs/operator-manual/argocd-cmd-params-cm.yaml index d4a754f0e44b9..c2e348202ca79 100644 --- a/docs/operator-manual/argocd-cmd-params-cm.yaml +++ b/docs/operator-manual/argocd-cmd-params-cm.yaml @@ -9,10 +9,13 @@ data: # Repo server address. (default "argocd-repo-server:8081") repo.server: "argocd-repo-server:8081" + # Dex server address (default "http://argocd-dex-server:5556") + dex.server: "http://argocd-dex-server:5556" + # Redis server hostname and port (e.g. argocd-redis:6379) redis.server: "argocd-redis:6379" - # Enable compression for data sent to Redis with the required compression algorithm. (default 'gzip') - redis.compression: gzip + # Enable compression for data sent to Redis with the required compression algorithm. (default 'none') + redis.compression: none # Redis database redis.db: @@ -54,16 +57,10 @@ data: controller.resource.health.persist: "true" # Cache expiration default (default 24h0m0s) controller.default.cache.expiration: "24h0m0s" - # Sharding algorithm used to balance clusters accross application controller shards (default "legacy") - controller.sharding.algorithm: legacy # Number of allowed concurrent kubectl fork/execs. Any value less than 1 means no limit. controller.kubectl.parallelism.limit: "20" ## Server properties - # Listen on given address for incoming connections (default "0.0.0.0") - server.listen.address: "0.0.0.0" - # Listen on given address for metrics (default "0.0.0.0") - server.metrics.listen.address: "0.0.0.0" # Run server without TLS server.insecure: "false" # Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / (default "/") @@ -83,16 +80,14 @@ data: server.repo.server.plaintext: "false" # Perform strict validation of TLS certificates when connecting to repo server server.repo.server.strict.tls: "false" - # Dex server address (default "http://argocd-dex-server:5556") - server.dex.server: "http://argocd-dex-server:5556" # Use a plaintext client (non-TLS) to connect to dex server server.dex.server.plaintext: "false" # Perform strict validation of TLS certificates when connecting to dex server server.dex.server.strict.tls: "false" # Disable client authentication server.disable.auth: "false" - # Toggle GZIP compression - server.enable.gzip: "true" + # Enable GZIP compression + server.enable.gzip: "false" # Set X-Frame-Options header in HTTP responses to value. To disable, set to "". (default "sameorigin") server.x.frame.options: "sameorigin" # The minimum SSL/TLS version that is acceptable (one of: 1.0|1.1|1.2|1.3) (default "1.2") @@ -115,10 +110,6 @@ data: server.enable.proxy.extension: "false" ## Repo-server properties - # Listen on given address for incoming connections (default "0.0.0.0") - reposerver.listen.address: "0.0.0.0" - # Listen on given address for metrics (default "0.0.0.0") - reposerver.metrics.listen.address: "0.0.0.0" # Set the logging format. One of: text|json (default "text") reposerver.log.format: "text" # Set the logging level. One of: debug|info|warn|error (default "info") @@ -161,6 +152,8 @@ data: ## ApplicationSet Controller Properties # Enable leader election for controller manager. Enabling this will ensure there is only one active controller manager. applicationsetcontroller.enable.leader.election: "false" + # Argo CD repo namespace (default: argocd) + applicationsetcontroller.namespace: "" # "Modify how application is synced between the generator and the cluster. Default is 'sync' (create & update & delete), options: 'create-only', 'create-update' (no deletion), 'create-delete' (no update)" applicationsetcontroller.policy: "sync" # Print debug logs. Takes precedence over loglevel @@ -175,18 +168,3 @@ data: applicationsetcontroller.enable.git.submodule: "true" # Enables use of the Progressive Syncs capability applicationsetcontroller.enable.progressive.syncs: "false" - # A list of glob patterns specifying where to look for ApplicationSet resources. (default is only the ns where the controller is installed) - applicationsetcontroller.namespaces: "argocd,argocd-appsets-*" - # Path of the self-signed TLS certificate for SCM/PR Gitlab Generator - applicationsetcontroller.scm.root.ca.path: "" - # A comma separated list of allowed SCM providers (default "" is all SCM providers). - # Setting this field is required when using ApplicationSets-in-any-namespace, to prevent users from - # sending secrets from `tokenRef`s to disallowed `api` domains. - # The url used in the scm generator must exactly match one in the list - applicationsetcontroller.allowed.scm.providers: "https://git.example.com/,https://gitlab.example.com/" - - ## Argo CD Notifications Controller Properties - # Set the logging level. One of: debug|info|warn|error (default "info") - notificationscontroller.log.level: "info" - # Set the logging format. One of: text|json (default "text") - notificationscontroller.log.format: "text" diff --git a/docs/operator-manual/argocd-rbac-cm-yaml.md b/docs/operator-manual/argocd-rbac-cm-yaml.md deleted file mode 100644 index c0dbcde428543..0000000000000 --- a/docs/operator-manual/argocd-rbac-cm-yaml.md +++ /dev/null @@ -1,7 +0,0 @@ -# argocd-rbac-cm.yaml example - -An example of an argocd-rbac-cm.yaml file: - -```yaml -{!docs/operator-manual/argocd-rbac-cm.yaml!} -``` diff --git a/docs/operator-manual/argocd-rbac-cm.yaml b/docs/operator-manual/argocd-rbac-cm.yaml index b68d93ecc4f89..12ec17f8e9e14 100644 --- a/docs/operator-manual/argocd-rbac-cm.yaml +++ b/docs/operator-manual/argocd-rbac-cm.yaml @@ -19,15 +19,6 @@ data: # Grant all members of 'my-org:team-beta' admins g, my-org:team-beta, role:admin - # it is possible to provide additional entries in this configmap to compose the final policy csv. - # In this case the key must follow the pattern 'policy..csv'. Argo CD will concatenate - # all additional policies it finds with this pattern below the main one ('policy.csv'). This is useful - # to allow composing policies in config management tools like Kustomize, Helm, etc. - policy.overlay.csv: | - p, role:tester, applications, *, */*, allow - p, role:tester, projects, *, *, allow - g, my-org:team-qa, role:tester - # policy.default is the name of the default role which Argo CD will falls back to, when # authorizing API requests (optional). If omitted or empty, users may be still be able to login, # but will see no apps, projects, etc... diff --git a/docs/operator-manual/argocd-repo-creds-yaml.md b/docs/operator-manual/argocd-repo-creds-yaml.md deleted file mode 100644 index dca214068405c..0000000000000 --- a/docs/operator-manual/argocd-repo-creds-yaml.md +++ /dev/null @@ -1,7 +0,0 @@ -# argocd-repo-creds.yaml example - -An example of an argocd-repo-creds.yaml file: - -```yaml -{!docs/operator-manual/argocd-repo-creds.yaml!} -``` diff --git a/docs/operator-manual/argocd-repositories-yaml.md b/docs/operator-manual/argocd-repositories-yaml.md deleted file mode 100644 index c9c99357c391a..0000000000000 --- a/docs/operator-manual/argocd-repositories-yaml.md +++ /dev/null @@ -1,7 +0,0 @@ -# argocd-repositories.yaml example - -An example of an argocd-repositories.yaml file: - -```yaml -{!docs/operator-manual/argocd-repositories.yaml!} -``` diff --git a/docs/operator-manual/argocd-secret-yaml.md b/docs/operator-manual/argocd-secret-yaml.md deleted file mode 100644 index 33a88a8e96ee2..0000000000000 --- a/docs/operator-manual/argocd-secret-yaml.md +++ /dev/null @@ -1,7 +0,0 @@ -# argocd-secret.yaml example - -An example of an argocd-secret.yaml file: - -```yaml -{!docs/operator-manual/argocd-secret.yaml!} -``` diff --git a/docs/operator-manual/argocd-ssh-known-hosts-cm-yaml.md b/docs/operator-manual/argocd-ssh-known-hosts-cm-yaml.md deleted file mode 100644 index 4a5977f61e842..0000000000000 --- a/docs/operator-manual/argocd-ssh-known-hosts-cm-yaml.md +++ /dev/null @@ -1,7 +0,0 @@ -# argocd-ssh-known-hosts-cm.yaml example - -An example of an argocd-ssh-known-hosts-cm.yaml file: - -```yaml -{!docs/operator-manual/argocd-ssh-known-hosts-cm.yaml!} -``` diff --git a/docs/operator-manual/argocd-tls-certs-cm-yaml.md b/docs/operator-manual/argocd-tls-certs-cm-yaml.md deleted file mode 100644 index e18b54d6e117e..0000000000000 --- a/docs/operator-manual/argocd-tls-certs-cm-yaml.md +++ /dev/null @@ -1,7 +0,0 @@ -# argocd-tls-certs-cm.yaml example - -An example of an argocd-tls-certs-cm.yaml file: - -```yaml -{!docs/operator-manual/argocd-tls-certs-cm.yaml!} -``` diff --git a/docs/operator-manual/config-management-plugins.md b/docs/operator-manual/config-management-plugins.md index 3550dbd81f143..cf94c9012a73d 100644 --- a/docs/operator-manual/config-management-plugins.md +++ b/docs/operator-manual/config-management-plugins.md @@ -18,6 +18,18 @@ The following sections will describe how to create, install, and use plugins. Ch ## Installing a config management plugin +There are two ways to install a Config Management Plugin: + + * **Sidecar plugin** + + This is a good option for a more complex plugin that would clutter the Argo CD ConfigMap. A copy of the repository is + sent to the sidecar container as a tarball and processed individually per application. + + * **ConfigMap plugin** (**this method is deprecated and will be removed in a future + version**) + + The repo-server container will run your plugin's commands. + ### Sidecar plugin An operator can configure a plugin tool via a sidecar to repo-server. The following changes are required to configure a new plugin: @@ -204,11 +216,45 @@ volumes: 2. Make sure that sidecar container is running as user 999. 3. Make sure that plugin configuration file is present at `/home/argocd/cmp-server/config/plugin.yaml`. It can either be volume mapped via configmap or baked into image. +### ConfigMap plugin + +!!! warning "Deprecated" + ConfigMap plugins are deprecated and will no longer be supported in 2.7. + +The following changes are required to configure a new plugin: + +1. Make sure required binaries are available in `argocd-repo-server` pod. The binaries can be added via volume mounts or + using a custom image (see [custom_tools](../operator-manual/custom_tools.md) for examples of both). +2. Register a new plugin in `argocd-cm` ConfigMap: + + data: + configManagementPlugins: | + - name: pluginName + init: # Optional command to initialize application source directory + command: ["sample command"] + args: ["sample args"] + generate: # Command to generate manifests YAML + command: ["sample command"] + args: ["sample args"] + lockRepo: true # Defaults to false. See below. + + The `generate` command must print a valid YAML or JSON stream to stdout. Both `init` and `generate` commands are executed inside the application source directory or in `path` when specified for the app. + +3. [Create an Application which uses your new CMP](#using-a-cmp). + +More CMP examples are available in [argocd-example-apps](https://github.com/argoproj/argocd-example-apps/tree/master/plugins). + +!!!note "Repository locking" + If your plugin makes use of `git` (e.g. `git crypt`), it is advised to set + `lockRepo` to `true` so that your plugin will have exclusive access to the + repository at the time it is executed. Otherwise, two applications synced + at the same time may result in a race condition and sync failure. + ### Using environment variables in your plugin Plugin commands have access to -1. The system environment variables of the sidecar +1. The system environment variables (of the repo-server container for argocd-cm plugins or of the sidecar for sidecar plugins) 2. [Standard build environment variables](../user-guide/build-environment.md) 3. Variables in the Application spec (References to system and build variables will get interpolated in the variables' values): @@ -222,12 +268,19 @@ Plugin commands have access to value: bar - name: REV value: test-$ARGOCD_APP_REVISION + + !!! note + The `discover.find.command` command only has access to the above environment starting with v2.4. Before reaching the `init.command`, `generate.command`, and `discover.find.command` commands, Argo CD prefixes all user-supplied environment variables (#3 above) with `ARGOCD_ENV_`. This prevents users from directly setting potentially-sensitive environment variables. + + If your plugin was written before 2.4 and depends on user-supplied environment variables, then you will need to update + your plugin's behavior to work with 2.4. If you use a third-party plugin, make sure they explicitly advertise support + for 2.4. -4. Parameters in the Application spec: +4. (Starting in v2.6) Parameters in the Application spec: apiVersion: argoproj.io/v1alpha1 kind: Application @@ -274,7 +327,14 @@ Plugin commands have access to ## Using a config management plugin with an Application -You may leave the `name` field +If your CMP is defined in the `argocd-cm` ConfigMap, you can create a new Application using the CLI. Replace +`` with the name configured in `argocd-cm`. + +```bash +argocd app create --config-management-plugin +``` + +If your CMP is defined as a sidecar, you must manually define the Application manifest. You may leave the `name` field empty in the `plugin` section for the plugin to be automatically matched with the Application based on its discovery rules. If you do mention the name make sure it is either `-` if version is mentioned in the `ConfigManagementPlugin` spec or else just ``. When name is explicitly specified only that particular plugin will be used iff its discovery pattern/command matches the provided application repo. @@ -292,6 +352,7 @@ spec: targetRevision: HEAD path: guestbook plugin: + # For either argocd-cm- or sidecar-installed CMPs, you can pass environment variables to the CMP. env: - name: FOO value: bar @@ -304,7 +365,7 @@ If you don't need to set any environment variables, you can set an empty plugin ``` !!! important - If your CMP command runs too long, the command will be killed, and the UI will show an error. The CMP server + If your sidecar CMP command runs too long, the command will be killed, and the UI will show an error. The CMP server respects the timeouts set by the `server.repo.server.timeout.seconds` and `controller.repo.server.timeout.seconds` items in `argocd-cm`. Increase their values from the default of 60s. diff --git a/docs/operator-manual/core.md b/docs/operator-manual/core.md deleted file mode 100644 index 01b394d6e9d8c..0000000000000 --- a/docs/operator-manual/core.md +++ /dev/null @@ -1,99 +0,0 @@ -# Argo CD Core - -## Introduction - -Argo CD Core is a different installation that runs Argo CD in headless -mode. With this installation, you will have a fully functional GitOps -engine capable of getting the desired state from Git repositories and -applying it in Kubernetes. - -The following groups of features won't be available in this -installation: - -- Argo CD RBAC model -- Argo CD API -- OIDC based authentication - -The following features will be partially available (see the -[usage](#using) section below for more details): - -- Argo CD Web UI -- Argo CD CLI -- Multi-tenancy (strictly GitOps based on git push permissions) - -A few use-cases that justify running Argo CD Core are: - -- As a cluster admin, I want to rely on Kubernetes RBAC only. -- As a devops engineer, I don't want to learn a new API or depend on - another CLI to automate my deployments. I want instead rely in - Kubernetes API only. -- As a cluster admin, I don't want to provide Argo CD UI or Argo CD - CLI to developers. - -## Architecture - -Because Argo CD is designed with a component based architecture in -mind, it is possible to have a more minimalist installation. In this -case fewer components are installed and yet the main GitOps -functionality remains operational. - -In the diagram below, the Core box, shows the components that will be -installed while opting for Argo CD Core: - -![Argo CD Core](../assets/argocd-core-components.png) - -Note that even if the Argo CD controller can run without Redis, it -isn't recommended. The Argo CD controller uses Redis as an important -caching mechanism reducing the load on Kube API and in Git. For this -reason, Redis is also included in this installation method. - -## Installing - -Argo CD Core can be installed by applying a single manifest file that -contains all the required resources. - -Example: - -``` -export ARGOCD_VERSION= -kubectl create namespace argocd -kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/$ARGOCD_VERSION/manifests/core-install.yaml -``` - -## Using - -Once Argo CD Core is installed, users will be able to interact with it -by relying on GitOps. The available Kubernetes resources will be the -`Application` and the `ApplicationSet` CRDs. By using those resources, -users will be able to deploy and manage applications in Kubernetes. - -It is still possible to use Argo CD CLI even when running Argo CD -Core. In this case, the CLI will spawn a local API server process that -will be used to handle the CLI command. Once the command is concluded, -the local API Server process will also be terminated. This happens -transparently for the user with no additional command required. Note -that Argo CD Core will rely only on Kubernetes RBAC and the user (or -the process) invoking the CLI needs to have access to the Argo CD -namespace with the proper permission in the `Application` and -`ApplicationSet` resources for executing a given command. - -To use Argo CD CLI in core mode, it is required to pass the `--core` -flag with the `login` subcommand. - -Example: - -```bash -kubectl config set-context --current --namespace=argocd # change current kube context to argocd namespace -argocd login --core -``` - -Similarly, users can also run the Web UI locally if they prefer to -interact with Argo CD using this method. The Web UI can be started -locally by running the following command: - -``` -argocd admin dashboard -n argocd -``` - -Argo CD Web UI will be available at `http://localhost:8080` - diff --git a/docs/operator-manual/custom-styles.md b/docs/operator-manual/custom-styles.md index 8f2499a2d636a..21fa79efeeb2f 100644 --- a/docs/operator-manual/custom-styles.md +++ b/docs/operator-manual/custom-styles.md @@ -56,7 +56,7 @@ metadata: name: argocd-styles-cm data: my-styles.css: | - .sidebar { + .nav-bar { background: linear-gradient(to bottom, #999, #777, #333, #222, #111); } ``` diff --git a/docs/operator-manual/declarative-setup.md b/docs/operator-manual/declarative-setup.md index ef711cb982c9a..2a1a8b11953c4 100644 --- a/docs/operator-manual/declarative-setup.md +++ b/docs/operator-manual/declarative-setup.md @@ -8,16 +8,16 @@ All resources, including `Application` and `AppProject` specs, have to be instal ### Atomic configuration -| Sample File | Resource Name | Kind | Description | -|-----------------------------------------------------------------------|------------------------------------------------------------------------------------|-----------|--------------------------------------------------------------------------------------| -| [`argocd-cm.yaml`](argocd-cm-yaml.md) | argocd-cm | ConfigMap | General Argo CD configuration | -| [`argocd-repositories.yaml`](argocd-repositories-yaml.md) | my-private-repo / istio-helm-repo / private-helm-repo / private-repo | Secrets | Sample repository connection details | -| [`argocd-repo-creds.yaml`](argocd-repo-creds-yaml.md) | argoproj-https-creds / argoproj-ssh-creds / github-creds / github-enterprise-creds | Secrets | Sample repository credential templates | -| [`argocd-cmd-params-cm.yaml`](argocd-cmd-params-cm-yaml.md) | argocd-cmd-params-cm | ConfigMap | Argo CD env variables configuration | -| [`argocd-secret.yaml`](argocd-secret-yaml.md) | argocd-secret | Secret | User Passwords, Certificates (deprecated), Signing Key, Dex secrets, Webhook secrets | -| [`argocd-rbac-cm.yaml`](argocd-rbac-cm-yaml.md) | argocd-rbac-cm | ConfigMap | RBAC Configuration | -| [`argocd-tls-certs-cm.yaml`](argocd-tls-certs-cm-yaml.md) | argocd-tls-certs-cm | ConfigMap | Custom TLS certificates for connecting Git repositories via HTTPS (v1.2 and later) | -| [`argocd-ssh-known-hosts-cm.yaml`](argocd-ssh-known-hosts-cm-yaml.md) | argocd-ssh-known-hosts-cm | ConfigMap | SSH known hosts data for connecting Git repositories via SSH (v1.2 and later) | +| Sample File | Resource Name | Kind | Description | +|-------------|---------------|------|-------------| +| [`argocd-cm.yaml`](argocd-cm.yaml) | argocd-cm | ConfigMap | General Argo CD configuration | +| [`argocd-repositories.yaml`](argocd-repositories.yaml) | my-private-repo / istio-helm-repo / private-helm-repo / private-repo | Secrets | Sample repository connection details | +| [`argocd-repo-creds.yaml`](argocd-repo-creds.yaml) | argoproj-https-creds / argoproj-ssh-creds / github-creds / github-enterprise-creds | Secrets | Sample repository credential templates | +| [`argocd-cmd-params-cm.yaml`](argocd-cmd-params-cm.yaml) | argocd-cmd-params-cm | ConfigMap | Argo CD env variables configuration | +| [`argocd-secret.yaml`](argocd-secret.yaml) | argocd-secret | Secret | User Passwords, Certificates (deprecated), Signing Key, Dex secrets, Webhook secrets | +| [`argocd-rbac-cm.yaml`](argocd-rbac-cm.yaml) | argocd-rbac-cm | ConfigMap | RBAC Configuration | +| [`argocd-tls-certs-cm.yaml`](argocd-tls-certs-cm.yaml) | argocd-tls-certs-cm | ConfigMap | Custom TLS certificates for connecting Git repositories via HTTPS (v1.2 and later) | +| [`argocd-ssh-known-hosts-cm.yaml`](argocd-ssh-known-hosts-cm.yaml) | argocd-ssh-known-hosts-cm | ConfigMap | SSH known hosts data for connecting Git repositories via SSH (v1.2 and later) | For each specific kind of ConfigMap and Secret resource, there is only a single supported resource name (as listed in the above table) - if you need to merge things you need to do it before creating them. @@ -26,11 +26,11 @@ For each specific kind of ConfigMap and Secret resource, there is only a single ### Multiple configuration objects -| Sample File | Kind | Description | -|------------------------------------------------------------------|-------------|--------------------------| -| [`application.yaml`](../user-guide/application-specification.md) | Application | Example application spec | -| [`project.yaml`](./project-specification.md) | AppProject | Example project spec | -| - | Secret | Repository credentials | +| Sample File | Kind | Description | +|-------------|------|-------------| +| [`application.yaml`](application.yaml) | Application | Example application spec | +| [`project.yaml`](project.yaml) | AppProject | Example project spec | +| - | Secret | Repository credentials | For `Application` and `AppProject` resources, the name of the resource equals the name of the application or project within Argo CD. This also means that application and project names are unique within a given Argo CD installation - you cannot have the same application name for two different applications. @@ -209,7 +209,7 @@ metadata: argocd.argoproj.io/secret-type: repository stringData: type: git - url: git@github.com:argoproj/my-private-repository.git + url: git@github.com:argoproj/my-private-repository sshPrivateKey: | -----BEGIN OPENSSH PRIVATE KEY----- ... @@ -602,8 +602,6 @@ stringData: } ``` -### EKS - EKS cluster secret example using argocd-k8s-auth and [IRSA](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html): ```yaml @@ -729,7 +727,6 @@ data: "rolearn": ":role/" "username": "" ``` -### GKE GKE cluster secret example using argocd-k8s-auth and [Workload Identity](https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity): @@ -760,99 +757,6 @@ stringData: Note that you must enable Workload Identity on your GKE cluster, create GCP service account with appropriate IAM role and bind it to Kubernetes service account for argocd-application-controller and argocd-server (showing Pod logs on UI). See [Use Workload Identity](https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity) and [Authenticating to the Kubernetes API server](https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication). -### AKS - -Azure cluster secret example using argocd-k8s-auth and [kubelogin](https://github.com/Azure/kubelogin). The option *azure* to the argocd-k8s-auth execProviderConfig encapsulates the *get-token* command for kubelogin. Depending upon which authentication flow is desired (devicecode, spn, ropc, msi, azurecli, workloadidentity), set the environment variable AAD_LOGIN_METHOD with this value. Set other appropriate environment variables depending upon which authentication flow is desired. - -|Variable Name|Description| -|-------------|-----------| -|AAD_LOGIN_METHOD|One of devicecode, spn, ropc, msi, azurecli, or workloadidentity| -|AAD_SERVICE_PRINCIPAL_CLIENT_CERTIFICATE|AAD client cert in pfx. Used in spn login| -|AAD_SERVICE_PRINCIPAL_CLIENT_ID|AAD client application ID| -|AAD_SERVICE_PRINCIPAL_CLIENT_SECRET|AAD client application secret| -|AAD_USER_PRINCIPAL_NAME|Used in the ropc flow| -|AAD_USER_PRINCIPAL_PASSWORD|Used in the ropc flow| -|AZURE_TENANT_ID|The AAD tenant ID.| -|AZURE_AUTHORITY_HOST|Used in the WorkloadIdentityLogin flow| -|AZURE_FEDERATED_TOKEN_FILE|Used in the WorkloadIdentityLogin flow| -|AZURE_CLIENT_ID|Used in the WorkloadIdentityLogin flow| - -In addition to the environment variables above, argocd-k8s-auth accepts two extra environment variables to set the AAD environment, and to set the AAD server application ID. The AAD server application ID will default to 6dae42f8-4368-4678-94ff-3960e28e3630 if not specified. See [here](https://github.com/azure/kubelogin#exec-plugin-format) for details. - -|Variable Name|Description| -|-------------|-----------| -|AAD_ENVIRONMENT_NAME|The azure environment to use, default of AzurePublicCloud| -|AAD_SERVER_APPLICATION_ID|The optional AAD server application ID, defaults to 6dae42f8-4368-4678-94ff-3960e28e3630| - -This is an example of using the [federated workload login flow](https://github.com/Azure/kubelogin#azure-workload-federated-identity-non-interactive). The federated token file needs to be mounted as a secret into argoCD, so it can be used in the flow. The location of the token file needs to be set in the environment variable AZURE_FEDERATED_TOKEN_FILE. - -```yaml -apiVersion: v1 -kind: Secret -metadata: - name: mycluster-secret - labels: - argocd.argoproj.io/secret-type: cluster -type: Opaque -stringData: - name: mycluster.com - server: https://mycluster.com - config: | - { - "execProviderConfig": { - "command": "argocd-k8s-auth", - "env": { - "AAD_ENVIRONMENT_NAME": "AzurePublicCloud", - "AZURE_CLIENT_ID": "fill in client id", - "AZURE_TENANT_ID": "fill in tenant id", - "AZURE_FEDERATED_TOKEN_FILE": "/opt/path/to/federated_file.json", - "AZURE_AUTHORITY_HOST": "https://login.microsoftonline.com/", - "AAD_LOGIN_METHOD": "workloadidentity" - }, - "args": ["azure"], - "apiVersion": "client.authentication.k8s.io/v1beta1" - }, - "tlsClientConfig": { - "insecure": false, - "caData": "" - } - } -``` - -This is an example of using the spn (service principal name) flow. - -```yaml -apiVersion: v1 -kind: Secret -metadata: - name: mycluster-secret - labels: - argocd.argoproj.io/secret-type: cluster -type: Opaque -stringData: - name: mycluster.com - server: https://mycluster.com - config: | - { - "execProviderConfig": { - "command": "argocd-k8s-auth", - "env": { - "AAD_ENVIRONMENT_NAME": "AzurePublicCloud", - "AAD_SERVICE_PRINCIPAL_CLIENT_SECRET": "fill in your service principal client secret", - "AZURE_TENANT_ID": "fill in tenant id", - "AAD_SERVICE_PRINCIPAL_CLIENT_ID": "fill in your service principal client id", - "AAD_LOGIN_METHOD": "spn" - }, - "args": ["azure"], - "apiVersion": "client.authentication.k8s.io/v1beta1" - }, - "tlsClientConfig": { - "insecure": false, - "caData": "" - } - } -``` - ## Helm Chart Repositories Non standard Helm Chart repositories have to be registered explicitly. @@ -893,7 +797,7 @@ stringData: ## Resource Exclusion/Inclusion -Resources can be excluded from discovery and sync so that Argo CD is unaware of them. For example, the apiGroup/kind `events.k8s.io/*`, `metrics.k8s.io/*`, `coordination.k8s.io/Lease`, and `""/Endpoints` are always excluded. Use cases: +Resources can be excluded from discovery and sync so that Argo CD is unaware of them. For example, `events.k8s.io` and `metrics.k8s.io` are always excluded. Use cases: * You have temporal issues and you want to exclude problematic resources. * There are many of a kind of resources that impacts Argo CD's performance. diff --git a/docs/operator-manual/deep_links.md b/docs/operator-manual/deep_links.md index c166a1d25d75d..df46cced2ae90 100644 --- a/docs/operator-manual/deep_links.md +++ b/docs/operator-manual/deep_links.md @@ -37,7 +37,7 @@ Each link in the list has five subfields: As mentioned earlier the links and conditions can be templated to use data from the resource, each category of links can access different types of data linked to that resource. Overall we have these 4 resources available for templating in the system: -- `app` or `application`: this key is used to access the application resource data. +- `application`: this key is used to access the application resource data. - `resource`: this key is used to access values for the actual k8s resource. - `cluster`: this key is used to access the related destination cluster data like name, server, namespaces etc. - `project`: this key is used to access the project resource data. @@ -45,7 +45,7 @@ Overall we have these 4 resources available for templating in the system: The above resources are accessible in particular link categories, here's a list of resources available in each category: - `resource.links`: `resource`, `application`, `cluster` and `project` -- `application.links`: `app`/`application` and `cluster` +- `application.links`: `application` and `cluster` - `project.links`: `project` An example `argocd-cm.yaml` file with deep links and their variations : @@ -60,16 +60,16 @@ An example `argocd-cm.yaml` file with deep links and their variations : # sample application level links application.links: | # pkg.go.dev/text/template is used for evaluating url templates - - url: https://mycompany.splunk.com?search={{.app.spec.destination.namespace}}&env={{.project.metadata.labels.env}} + - url: https://mycompany.splunk.com?search={{.application.spec.destination.namespace}}&env={{.project.metadata.labels.env}} title: Splunk # conditionally show link e.g. for specific project # github.com/antonmedv/expr is used for evaluation of conditions - - url: https://mycompany.splunk.com?search={{.app.spec.destination.namespace}} + - url: https://mycompany.splunk.com?search={{.application.spec.destination.namespace}} title: Splunk if: application.spec.project == "default" - - url: https://{{.app.metadata.annotations.splunkhost}}?search={{.app.spec.destination.namespace}} + - url: https://{{.application.metadata.annotations.splunkhost}}?search={{.application.spec.destination.namespace}} title: Splunk - if: app.metadata.annotations.splunkhost != "" + if: application.metadata.annotations.splunkhost != "" # sample resource level links resource.links: | - url: https://mycompany.splunk.com?search={{.resource.metadata.name}}&env={{.project.metadata.labels.env}} diff --git a/docs/operator-manual/health.md b/docs/operator-manual/health.md index ad37e06437e17..4afa5882dca7b 100644 --- a/docs/operator-manual/health.md +++ b/docs/operator-manual/health.md @@ -137,11 +137,9 @@ setting `resource.customizations.useOpenLibs.`. In the following exa ```yaml data: - resource.customizations: | - cert-manager.io/Certificate: - health.lua.useOpenLibs: true - health.lua: | - # Lua standard libraries are enabled for this script + resource.customizations.useOpenLibs.cert-manager.io_Certificate: "true" + resource.customizations.health.cert-manager.io_Certificate: + -- Lua standard libraries are enabled for this script ``` ### Way 2. Contribute a Custom Health Check diff --git a/docs/operator-manual/high_availability.md b/docs/operator-manual/high_availability.md index 499e7de954956..8e69c0cfb01ef 100644 --- a/docs/operator-manual/high_availability.md +++ b/docs/operator-manual/high_availability.md @@ -64,8 +64,6 @@ controller replicas. To enable sharding increase the number of replicas in `argo and repeat the number of replicas in the `ARGOCD_CONTROLLER_REPLICAS` environment variable. The strategic merge patch below demonstrates changes required to configure two controller replicas. -* By default, the controller will update the cluster information every 10 seconds. If there is a problem with your cluster network environment that is causing the update time to take a long time, you can try modifying the environment variable `ARGO_CD_UPDATE_CLUSTER_INFO_TIMEOUT` to increase the timeout (the unit is seconds). - ```yaml apiVersion: apps/v1 kind: StatefulSet @@ -82,34 +80,6 @@ spec: value: "2" ``` -* The shard distribution algorithm of the `argocd-application-controller` can be set by using the `--sharding-method` parameter. Supported sharding methods are : [legacy (default), round-robin]. `legacy` mode uses an `uid` based distribution (non-uniform). `round-robin` uses an equal distribution across all shards. The `--sharding-method` parameter can also be overriden by setting the key `controller.sharding.algorithm` in the `argocd-cmd-params-cm` `configMap` (preferably) or by setting the `ARGOCD_CONTROLLER_SHARDING_ALGORITHM` environment variable and by specifiying the same possible values. - -!!! warning "Alpha Feature" - The `round-robin` shard distribution algorithm is an experimental feature. Reshuffling is known to occur in certain scenarios with cluster removal. If the cluster at rank-0 is removed, reshuffling all clusters across shards will occur and may temporarily have negative performance impacts. - -* A cluster can be manually assigned and forced to a `shard` by patching the `shard` field in the cluster secret to contain the shard number, e.g. -```yaml -apiVersion: v1 -kind: Secret -metadata: - name: mycluster-secret - labels: - argocd.argoproj.io/secret-type: cluster -type: Opaque -stringData: - shard: 1 - name: mycluster.com - server: https://mycluster.com - config: | - { - "bearerToken": "", - "tlsClientConfig": { - "insecure": false, - "caData": "" - } - } -``` - * `ARGOCD_ENABLE_GRPC_TIME_HISTOGRAM` - environment variable that enables collecting RPC performance metrics. Enable it if you need to troubleshoot performance issues. Note: This metric is expensive to both query and store! **metrics** diff --git a/docs/operator-manual/ingress.md b/docs/operator-manual/ingress.md index 84b2bcaf34a67..fb9c9eb00f38d 100644 --- a/docs/operator-manual/ingress.md +++ b/docs/operator-manual/ingress.md @@ -189,7 +189,7 @@ metadata: nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/ssl-passthrough: "true" spec: - ingressClassName: nginx + ingressClassName: "nginx" rules: - host: argocd.example.com http: @@ -218,13 +218,14 @@ metadata: namespace: argocd annotations: cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/ssl-passthrough: "true" # If you encounter a redirect loop or are getting a 307 response code # then you need to force the nginx ingress to connect to the backend using HTTPS. # nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" spec: - ingressClassName: nginx + ingressClassName: "nginx" rules: - host: argocd.example.com http: @@ -239,14 +240,13 @@ spec: tls: - hosts: - argocd.example.com - secretName: argocd-server-tls # as expected by argocd-server + secretName: argocd-secret # do not change, this is provided by Argo CD ``` -### Option 2: SSL Termination at Ingress Controller +### Option 2: Multiple Ingress Objects And Hosts -An alternative approach is to perform the SSL termination at the Ingress. Since an `ingress-nginx` Ingress supports only a single protocol per Ingress object, two Ingress objects need to be defined using the `nginx.ingress.kubernetes.io/backend-protocol` annotation, one for HTTP/HTTPS and the other for gRPC. - -Each ingress will be for a different domain (`argocd.example.com` and `grpc.argocd.example.com`). This requires that the Ingress resources use different TLS `secretName`s to avoid unexpected behavior. +Since ingress-nginx Ingress supports only a single protocol per Ingress object, an alternative +way would be to define two Ingress objects. One for HTTP/HTTPS, and the other for gRPC: HTTP/HTTPS Ingress: ```yaml @@ -259,7 +259,7 @@ metadata: nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/backend-protocol: "HTTP" spec: - ingressClassName: nginx + ingressClassName: "nginx" rules: - http: paths: @@ -274,7 +274,7 @@ spec: tls: - hosts: - argocd.example.com - secretName: argocd-ingress-http + secretName: argocd-secret # do not change, this is provided by Argo CD ``` gRPC Ingress: @@ -287,7 +287,7 @@ metadata: annotations: nginx.ingress.kubernetes.io/backend-protocol: "GRPC" spec: - ingressClassName: nginx + ingressClassName: "nginx" rules: - http: paths: @@ -302,7 +302,7 @@ spec: tls: - hosts: - grpc.argocd.example.com - secretName: argocd-ingress-grpc + secretName: argocd-secret # do not change, this is provided by Argo CD ``` The API server should then be run with TLS disabled. Edit the `argocd-server` deployment to add the @@ -414,132 +414,6 @@ Once we create this service, we can configure the Ingress to conditionally route - argocd.argoproj.io ``` -## [Istio](https://www.istio.io) -You can put Argo CD behind Istio using following configurations. Here we will achive both serving Argo CD behind istio and using subpath on Istio - -First we need to make sure that we can run Argo CD with subpath (ie /argocd). For this we have used install.yaml from argocd project as is - -```bash -curl -kLs -o install.yaml https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml -``` - -save following file as kustomization.yml - -```yaml -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: -- ./install.yaml - -patches: -- path: ./patch.yml -``` - -And following lines as patch.yml - -```yaml -# Use --insecure so Ingress can send traffic with HTTP -# --bashref /argocd is the subpath like https://IP/argocd -# env was added because of https://github.com/argoproj/argo-cd/issues/3572 error ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argocd-server -spec: - template: - spec: - containers: - - args: - - /usr/local/bin/argocd-server - - --staticassets - - /shared/app - - --redis - - argocd-redis-ha-haproxy:6379 - - --insecure - - --basehref - - /argocd - - --rootpath - - /argocd - name: argocd-server - env: - - name: ARGOCD_MAX_CONCURRENT_LOGIN_REQUESTS_COUNT - value: "0" -``` - -After that install Argo CD (there should be only 3 yml file defined above in current directory ) - -```bash -kubectl apply -k ./ -n argocd --wait=true -``` - -Be sure you create secret for Isito ( in our case secretname is argocd-server-tls on argocd Namespace). After that we create Istio Resources - -```yaml -apiVersion: networking.istio.io/v1alpha3 -kind: Gateway -metadata: - name: argocd-gateway - namespace: argocd -spec: - selector: - istio: ingressgateway - servers: - - port: - number: 80 - name: http - protocol: HTTP - hosts: - - "*" - tls: - httpsRedirect: true - - port: - number: 443 - name: https - protocol: HTTPS - hosts: - - "*" - tls: - credentialName: argocd-server-tls - maxProtocolVersion: TLSV1_3 - minProtocolVersion: TLSV1_2 - mode: SIMPLE - cipherSuites: - - ECDHE-ECDSA-AES128-GCM-SHA256 - - ECDHE-RSA-AES128-GCM-SHA256 - - ECDHE-ECDSA-AES128-SHA - - AES128-GCM-SHA256 - - AES128-SHA - - ECDHE-ECDSA-AES256-GCM-SHA384 - - ECDHE-RSA-AES256-GCM-SHA384 - - ECDHE-ECDSA-AES256-SHA - - AES256-GCM-SHA384 - - AES256-SHA ---- -apiVersion: networking.istio.io/v1alpha3 -kind: VirtualService -metadata: - name: argocd-virtualservice - namespace: argocd -spec: - hosts: - - "*" - gateways: - - argocd-gateway - http: - - match: - - uri: - prefix: /argocd - route: - - destination: - host: argocd-server - port: - number: 80 -``` - -And now we can browse http://{{ IP }}/argocd (it will be rewritten to https://{{ IP }}/argocd - - ## Google Cloud load balancers with Kubernetes Ingress You can make use of the integration of GKE with Google Cloud to deploy Load Balancers using just Kubernetes objects. @@ -712,7 +586,7 @@ Once the DNS change is propagated, you're ready to use Argo with your Google Clo ## Authenticating through multiple layers of authenticating reverse proxies -Argo CD endpoints may be protected by one or more reverse proxies layers, in that case, you can provide additional headers through the `argocd` CLI `--header` parameter to authenticate through those layers. +ArgoCD endpoints may be protected by one or more reverse proxies layers, in that case, you can provide additional headers through the `argocd` CLI `--header` parameter to authenticate through those layers. ```shell $ argocd login : --header 'x-token1:foo' --header 'x-token2:bar' # can be repeated multiple times @@ -720,7 +594,7 @@ $ argocd login : --header 'x-token1:foo,x-token2:bar' # headers can ``` ## ArgoCD Server and UI Root Path (v1.5.3) -Argo CD server and UI can be configured to be available under a non-root path (e.g. `/argo-cd`). +ArgoCD server and UI can be configured to be available under a non-root path (e.g. `/argo-cd`). To do this, add the `--rootpath` flag into the `argocd-server` deployment command: ```yaml diff --git a/docs/operator-manual/installation.md b/docs/operator-manual/installation.md index 11c6fcdb22bd5..c900d38ac66f5 100644 --- a/docs/operator-manual/installation.md +++ b/docs/operator-manual/installation.md @@ -48,17 +48,19 @@ High Availability installation is recommended for production use. This bundle in ## Core -The Argo CD Core installation is primarily used to deploy Argo CD in -headless mode. This type of installation is most suitable for cluster -administrators who independently use Argo CD and don't need -multi-tenancy features. This installation includes fewer components -and is easier to setup. The bundle does not include the API server or -UI, and installs the lightweight (non-HA) version of each component. +The core installation is most suitable for cluster administrators who independently use Argo CD and don't need multi-tenancy features. This installation +includes fewer components and is easier to setup. The bundle does not include the API server or UI, and installs the lightweight (non-HA) version of each component. -Installation manifest is available at [core-install.yaml](https://github.com/argoproj/argo-cd/blob/master/manifests/core-install.yaml). +The end-users need Kubernetes access to manage Argo CD. The `argocd` CLI has to be configured using the following commands: -For more details about Argo CD Core please refer to the [official -documentation](./core.md) +```bash +kubectl config set-context --current --namespace=argocd # change current kube context to argocd namespace +argocd login --core +``` + +The Web UI is also available and can be started using the `argocd admin dashboard` command. + +Installation manifests are available at [core-install.yaml](https://github.com/argoproj/argo-cd/blob/master/manifests/core-install.yaml). ## Kustomize @@ -72,12 +74,9 @@ kind: Kustomization namespace: argocd resources: -- https://raw.githubusercontent.com/argoproj/argo-cd/v2.7.2/manifests/install.yaml +- github.com/argoproj/argo-cd/manifests/ha/base?ref=v2.6.2 ``` -For an example of this, see the [kustomization.yaml](https://github.com/argoproj/argoproj-deployments/blob/master/argocd/kustomization.yaml) -used to deploy the [Argoproj CI/CD infrastructure](https://github.com/argoproj/argoproj-deployments#argoproj-deployments). - ## Helm The Argo CD can be installed using [Helm](https://helm.sh/). The Helm chart is currently community maintained and available at @@ -98,10 +97,4 @@ For example if the latest minor version of ArgoCD are 2.4.3 and 2.3.5 while sup * Argo CD 2.4.3 on Kubernetes 1.22 * Argo CD 2.3.5 on Kubernetes 1.24 * Argo CD 2.3.5 on Kubernetes 1.23 -* Argo CD 2.3.5 on Kubernetes 1.22 - -## Tested versions - -The following table shows the versions of Kubernetes that are tested with each version of Argo CD. - -{!docs/operator-manual/tested-kubernetes-versions.md!} +* Argo CD 2.3.5 on Kubernetes 1.22 \ No newline at end of file diff --git a/docs/operator-manual/metrics.md b/docs/operator-manual/metrics.md index 174b08fd75c2c..da816f82f519b 100644 --- a/docs/operator-manual/metrics.md +++ b/docs/operator-manual/metrics.md @@ -7,7 +7,7 @@ Metrics about applications. Scraped at the `argocd-metrics:8082/metrics` endpoin | Metric | Type | Description | |--------|:----:|-------------| -| `argocd_app_info` | gauge | Information about Applications. It contains labels such as `sync_status` and `health_status` that reflect the application state in Argo CD. | +| `argocd_app_info` | gauge | Information about Applications. It contains labels such as `sync_status` and `health_status` that reflect the application state in ArgoCD. | | `argocd_app_k8s_request_total` | counter | Number of kubernetes requests executed during application reconciliation | | `argocd_app_labels` | gauge | Argo Application labels converted to Prometheus labels. Disabled by default. See section below about how to enable it. | | `argocd_app_reconcile` | histogram | Application reconciliation performance. | @@ -23,7 +23,7 @@ Metrics about applications. Scraped at the `argocd-metrics:8082/metrics` endpoin | `argocd_redis_request_duration` | histogram | Redis requests duration. | | `argocd_redis_request_total` | counter | Number of redis requests executed during application reconciliation | -If you use Argo CD with many application and project creation and deletion, +If you use ArgoCD with many application and project creation and deletion, the metrics page will keep in cache your application and project's history. If you are having issues because of a large number of metrics cardinality due to deleted resources, you can schedule a metrics reset to clean the @@ -32,16 +32,16 @@ history with an application controller flag. Example: ### Exposing Application labels as Prometheus metrics -There are use-cases where Argo CD Applications contain labels that are desired to be exposed as Prometheus metrics. +There are use-cases where ArgoCD Applications contain labels that are desired to be exposed as Prometheus metrics. Some examples are: * Having the team name as a label to allow routing alerts to specific receivers * Creating dashboards broken down by business units As the Application labels are specific to each company, this feature is disabled by default. To enable it, add the -`--metrics-application-labels` flag to the Argo CD application controller. +`--metrics-application-labels` flag to the ArgoCD application controller. -The example below will expose the Argo CD Application labels `team-name` and `business-unit` to Prometheus: +The example below will expose the ArgoCD Application labels `team-name` and `business-unit` to Prometheus: containers: - command: diff --git a/docs/operator-manual/notifications/services/email.md b/docs/operator-manual/notifications/services/email.md index b81ab6cde8b4c..e3c4b7d9e6380 100755 --- a/docs/operator-manual/notifications/services/email.md +++ b/docs/operator-manual/notifications/services/email.md @@ -46,7 +46,7 @@ data: ## Template -[Notification templates](../templates.md) support specifying subject for email notifications: +Notification templates support specifying subject for email notifications: ```yaml apiVersion: v1 diff --git a/docs/operator-manual/notifications/services/github.md b/docs/operator-manual/notifications/services/github.md index c24ea00f433d7..2b5bbf1e8c6ce 100755 --- a/docs/operator-manual/notifications/services/github.md +++ b/docs/operator-manual/notifications/services/github.md @@ -12,7 +12,7 @@ The GitHub notification service changes commit status using [GitHub Apps](https: ## Configuration 1. Create a GitHub Apps using https://github.com/settings/apps/new -2. Change repository permissions to enable write commit statuses and/or deployments +2. Change repository permissions to enable write commit statuses ![2](https://user-images.githubusercontent.com/18019529/108397381-3ca57980-725b-11eb-8d17-5b8992dc009e.png) 3. Generate a private key, and download it automatically ![3](https://user-images.githubusercontent.com/18019529/108397926-d4a36300-725b-11eb-83fe-74795c8c3e03.png) @@ -69,12 +69,6 @@ template.app-deployed: | state: success label: "continuous-delivery/{{.app.metadata.name}}" targetURL: "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true" - deployment: - state: success - environment: production - environmentURL: "https://{{.app.metadata.name}}.example.com" - logURL: "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true" - requiredContexts: [] ``` **Notes**: diff --git a/docs/operator-manual/notifications/services/pagerduty.md b/docs/operator-manual/notifications/services/pagerduty.md index 0e1ab965332e1..849b4db802d9d 100755 --- a/docs/operator-manual/notifications/services/pagerduty.md +++ b/docs/operator-manual/notifications/services/pagerduty.md @@ -35,7 +35,7 @@ data: ## Template -[Notification templates](../templates.md) support specifying subject for pagerduty notifications: +Notification templates support specifying subject for pagerduty notifications: ```yaml apiVersion: v1 @@ -63,4 +63,4 @@ kind: Rollout metadata: annotations: notifications.argoproj.io/subscribe.on-rollout-aborted.pagerduty: "" -``` +``` \ No newline at end of file diff --git a/docs/operator-manual/notifications/services/pagerduty_v2.md b/docs/operator-manual/notifications/services/pagerduty_v2.md deleted file mode 100755 index 21e8d942e4e93..0000000000000 --- a/docs/operator-manual/notifications/services/pagerduty_v2.md +++ /dev/null @@ -1,78 +0,0 @@ -# PagerDuty V2 - -## Parameters - -The PagerDuty notification service is used to trigger PagerDuty events and requires specifying the following settings: - -* `serviceKeys` - a dictionary with the following structure: - * `service-name: $pagerduty-key-service-name` where `service-name` is the name you want to use for the service to make events for, and `$pagerduty-key-service-name` is a reference to the secret that contains the actual PagerDuty integration key (Events API v2 integration) - -If you want multiple Argo apps to trigger events to their respective PagerDuty services, create an integration key in each service you want to setup alerts for. - -To create a PagerDuty integration key, [follow these instructions](https://support.pagerduty.com/docs/services-and-integrations#create-a-generic-events-api-integration) to add an Events API v2 integration to the service of your choice. - -## Configuration - -The following snippet contains sample PagerDuty service configuration. It assumes the service you want to alert on is called `my-service`. - -```yaml -apiVersion: v1 -kind: Secret -metadata: - name: -stringData: - pagerduty-key-my-service: -``` - -```yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: -data: - service.pagerdutyv2: | - serviceKeys: - my-service: $pagerduty-key-my-service -``` - -## Template - -[Notification templates](../templates.md) support specifying subject for PagerDuty notifications: - -```yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: -data: - template.rollout-aborted: | - message: Rollout {{.rollout.metadata.name}} is aborted. - pagerdutyv2: - summary: "Rollout {{.rollout.metadata.name}} is aborted." - severity: "critical" - source: "{{.rollout.metadata.name}}" -``` - -The parameters for the PagerDuty configuration in the template generally match with the payload for the Events API v2 endpoint. All parameters are strings. - -* `summary` - (required) A brief text summary of the event, used to generate the summaries/titles of any associated alerts. -* `severity` - (required) The perceived severity of the status the event is describing with respect to the affected system. Allowed values: `critical`, `warning`, `error`, `info` -* `source` - (required) The unique location of the affected system, preferably a hostname or FQDN. -* `component` - Component of the source machine that is responsible for the event. -* `group` - Logical grouping of components of a service. -* `class` - The class/type of the event. -* `url` - The URL that should be used for the link "View in ArgoCD" in PagerDuty. - -The `timestamp` and `custom_details` parameters are not currently supported. - -## Annotation - -Annotation sample for PagerDuty notifications: - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: Rollout -metadata: - annotations: - notifications.argoproj.io/subscribe.on-rollout-aborted.pagerdutyv2: "" -``` diff --git a/docs/operator-manual/notifications/services/rocketchat.md b/docs/operator-manual/notifications/services/rocketchat.md index f1157050139d0..554f42a808f01 100755 --- a/docs/operator-manual/notifications/services/rocketchat.md +++ b/docs/operator-manual/notifications/services/rocketchat.md @@ -64,7 +64,7 @@ metadata: ## Templates -[Notification templates](../templates.md) can be customized with RocketChat [attachments](https://developer.rocket.chat/api/rest-api/methods/chat/postmessage#attachments-detail). +Notification templates can be customized with RocketChat [attachments](https://developer.rocket.chat/api/rest-api/methods/chat/postmessage#attachments-detail). *Note: Attachments structure in Rocketchat is same with Slack attachments [feature](https://api.slack.com/messaging/composing/layouts).* diff --git a/docs/operator-manual/notifications/services/slack.md b/docs/operator-manual/notifications/services/slack.md index 876445bfec61e..0cd9a0f17708e 100755 --- a/docs/operator-manual/notifications/services/slack.md +++ b/docs/operator-manual/notifications/services/slack.md @@ -50,7 +50,7 @@ The Slack notification service configuration includes following settings: token: $slack-token ``` -1. Add annotation in application yaml file to enable notifications for specific argocd app. The following example uses the [on-sync-succeeded trigger](../catalog.md#triggers): +1. Add annotation in application yaml file to enable notifications for specific argocd app ```yaml apiVersion: argoproj.io/v1alpha1 @@ -60,7 +60,7 @@ The Slack notification service configuration includes following settings: notifications.argoproj.io/subscribe.on-sync-succeeded.slack: my_channel ``` -1. Annotation with more than one [trigger](../catalog.md#triggers), with multiple destinations and recipients +1. Annotation with more than one trigger multiple of destinations and recipients ```yaml apiVersion: argoproj.io/v1alpha1 @@ -82,7 +82,7 @@ The Slack notification service configuration includes following settings: ## Templates -[Notification templates](../templates.md) can be customized to leverage slack message blocks and attachments +Notification templates can be customized to leverage slack message blocks and attachments [feature](https://api.slack.com/messaging/composing/layouts). ![](https://user-images.githubusercontent.com/426437/72776856-6dcef880-3bc8-11ea-8e3b-c72df16ee8e6.png) diff --git a/docs/operator-manual/notifications/services/teams.md b/docs/operator-manual/notifications/services/teams.md index b5b9a228c43eb..eb50f5538c8b6 100755 --- a/docs/operator-manual/notifications/services/teams.md +++ b/docs/operator-manual/notifications/services/teams.md @@ -48,7 +48,7 @@ metadata: ![](https://user-images.githubusercontent.com/18019529/114271500-9d2b8880-9a4c-11eb-85c1-f6935f0431d5.png) -[Notification templates](../templates.md) can be customized to leverage teams message sections, facts, themeColor, summary and potentialAction [feature](https://docs.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/connectors-using). +Notification templates can be customized to leverage teams message sections, facts, themeColor, summary and potentialAction [feature](https://docs.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/connectors-using). ```yaml template.app-sync-succeeded: | @@ -123,4 +123,4 @@ You can set a summary of the message that will be shown on Notifcation & Activit template.app-sync-succeeded: | teams: summary: "Sync Succeeded" -``` +``` \ No newline at end of file diff --git a/docs/operator-manual/notifications/triggers.md b/docs/operator-manual/notifications/triggers.md index c5fe7aa68967f..aecaee81b80c6 100644 --- a/docs/operator-manual/notifications/triggers.md +++ b/docs/operator-manual/notifications/triggers.md @@ -28,6 +28,7 @@ The end users just need to subscribe to the trigger and specify the notification triggers might include multiple conditions with a different set of templates for each condition. For example, the following trigger covers all stages of sync status operation and use a different template for different cases: + ```yaml apiVersion: v1 kind: ConfigMap @@ -65,10 +66,6 @@ data: send: [app-sync-succeeded] ``` -**Mono Repo Usage** - -When one repo is used to sync multiple applications, the `oncePer: app.status.sync.revision` field will trigger a notification for each commit. For mono repos, the better approach will be using `oncePer: app.status.operationState.syncResult.revision` statement. This way a notification will be sent only for a particular Application's revision. - ### oncePer The `oncePer` filed is supported like as follows. diff --git a/docs/operator-manual/project-specification.md b/docs/operator-manual/project-specification.md deleted file mode 100644 index 4d18eb1a9dd1b..0000000000000 --- a/docs/operator-manual/project-specification.md +++ /dev/null @@ -1,7 +0,0 @@ -# Project Specification - -The following describes all the available fields of a Project: - -```yaml -{!docs/operator-manual/project.yaml!} -``` diff --git a/docs/operator-manual/rbac.md b/docs/operator-manual/rbac.md index 205ec9e2271bc..47d841d76ef3c 100644 --- a/docs/operator-manual/rbac.md +++ b/docs/operator-manual/rbac.md @@ -143,10 +143,6 @@ data: p, role:org-admin, repositories, create, *, allow p, role:org-admin, repositories, update, *, allow p, role:org-admin, repositories, delete, *, allow - p, role:org-admin, projects, get, *, allow - p, role:org-admin, projects, create, *, allow - p, role:org-admin, projects, update, *, allow - p, role:org-admin, projects, delete, *, allow p, role:org-admin, logs, get, *, allow p, role:org-admin, exec, create, */*, allow @@ -171,63 +167,6 @@ g, db-admins, role:staging-db-admins This example defines a *role* called `staging-db-admins` with *nine permissions* that allow that role to perform the *actions* (`create`/`delete`/`get`/`override`/`sync`/`update` applications, `get` logs, `create` exec and `get` appprojects) against `*` (all) objects in the `staging-db-admins` Argo CD AppProject. -!!! note - The `scopes` field controls which OIDC scopes to examine during rbac - enforcement (in addition to `sub` scope). If omitted, defaults to: - `'[groups]'`. The scope value can be a string, or a list of strings. - -Following example shows targeting `email` as well as `groups` from your OIDC provider. - -```yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-rbac-cm - namespace: argocd - labels: - app.kubernetes.io/name: argocd-rbac-cm - app.kubernetes.io/part-of: argocd -data: - policy.csv: | - p, my-org:team-alpha, applications, sync, my-project/*, allow - g, my-org:team-beta, role:admin - g, user@example.org, role:admin - policy.default: role:readonly - scopes: '[groups, email]' -``` - -For more information on `scopes` please review the [User Management Documentation](user-management/index.md). - -## Policy CSV Composition - -It is possible to provide additional entries in the `argocd-rbac-cm` -configmap to compose the final policy csv. In this case the key must -follow the pattern `policy..csv`. Argo CD will concatenate -all additional policies it finds with this pattern below the main one -('policy.csv'). The order of additional provided policies are -determined by the key string. Example: if two additional policies are -provided with keys `policy.A.csv` and `policy.B.csv`, it will first -concatenate `policy.A.csv` and then `policy.B.csv`. - -This is useful to allow composing policies in config management tools -like Kustomize, Helm, etc. - -The example below shows how a Kustomize patch can be provided in an -overlay to add additional configuration to an existing RBAC policy. - -```yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-rbac-cm - namespace: argocd -data: - policy.tester-overlay.csv: | - p, role:tester, applications, *, */*, allow - p, role:tester, projects, *, *, allow - g, my-org:team-qa, role:tester -``` - ## Anonymous Access The anonymous access to Argo CD can be enabled using `users.anonymous.enabled` field in `argocd-cm` (see [argocd-cm.yaml](argocd-cm.yaml)). diff --git a/docs/operator-manual/reconcile.md b/docs/operator-manual/reconcile.md deleted file mode 100644 index a956cd9cf7b28..0000000000000 --- a/docs/operator-manual/reconcile.md +++ /dev/null @@ -1,113 +0,0 @@ -# Reconcile Optimization - -By default, an Argo CD Application is refreshed every time a resource that belongs to it changes. - -Kubernetes controllers often update the resources they watch periodically, causing continuous reconcile operation on the Application -and a high CPU usage on the `argocd-application-controller`. Argo CD allows you to optionally ignore resource updates on specific fields -for [tracked resources](../user-guide/resource_tracking.md). - -When a resource update is ignored, if the resource's [health status](./health.md) does not change, the Application that this resource belongs to will not be reconciled. - -## System-Level Configuration - -Argo CD allows ignoring resource updates at a specific JSON path, using [RFC6902 JSON patches](https://tools.ietf.org/html/rfc6902) and [JQ path expressions](https://stedolan.github.io/jq/manual/#path(path_expression)). It can be configured for a specified group and kind -in `resource.customizations` key of the `argocd-cm` ConfigMap. - -!!!important "Enabling the feature" - The feature is behind a flag. To enable it, set `resource.ignoreResourceUpdatesEnabled` to `"true"` in the `argocd-cm` ConfigMap. - -Following is an example of a customization which ignores the `refreshTime` status field of an [`ExternalSecret`](https://external-secrets.io/main/api/externalsecret/) resource: - -```yaml -data: - resource.customizations.ignoreResourceUpdates.external-secrets.io_ExternalSecret: | - jsonPointers: - - /status/refreshTime - # JQ equivalent of the above: - # jqPathExpressions: - # - .status.refreshTime -``` - -It is possible to configure `ignoreResourceUpdates` to be applied to all tracked resources in every Application managed by an Argo CD instance. In order to do so, resource customizations can be configured like in the example below: - -```yaml -data: - resource.customizations.ignoreResourceUpdates.all: | - jsonPointers: - - /status -``` - -### Using ignoreDifferences to ignore reconcile - -It is possible to use existing system-level `ignoreDifferences` customizations to ignore resource updates as well. Instead of copying all configurations, -the `ignoreDifferencesOnResourceUpdates` setting can be used to add all ignored differences as ignored resource updates: - -```yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-cm -data: - resource.compareoptions: | - ignoreDifferencesOnResourceUpdates: true -``` - -## Default Configuration - -By default, the metadata fields `generation`, `resourceVersion` and `managedFields` are always ignored for all resources. - -## Finding Resources to Ignore - -The application controller logs when a resource change triggers a refresh. You can use these logs to find -high-churn resource kinds and then inspect those resources to find which fields to ignore. - -To find these logs, search for `"Requesting app refresh caused by object update"`. The logs include structured -fields for `api-version` and `kind`. Counting the number of refreshes triggered, by api-version/kind should -reveal the high-churn resource kinds. - -!!!note - These logs are at the `debug` level. Configure the application-controller's log level to `debug`. - -Once you have identified some resources which change often, you can try to determine which fields are changing. Here is -one approach: - -```shell -kubectl get -o yaml > /tmp/before.yaml -# Wait a minute or two. -kubectl get -o yaml > /tmp/after.yaml -diff /tmp/before.yaml /tmp/after -``` - -The diff can give you a sense for which fields are changing and should perhaps be ignored. - -## Checking Whether Resource Updates are Ignored - -Whenever Argo CD skips a refresh due to an ignored resource update, the controller logs the following line: -"Ignoring change of object because none of the watched resource fields have changed". - -Search the application-controller logs for this line to confirm that your resource ignore rules are being applied. - -!!!note - These logs are at the `debug` level. Configure the application-controller's log level to `debug`. - -## Examples - -### argoproj.io/Application - -```yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-cm -data: - resource.customizations.ignoreResourceUpdates.argoproj.io_Application: | - jsonPointers: - # Ignore when ownerReferences change, for example when a parent ApplicationSet changes often. - - /metadata/ownerReferences - # Ignore reconciledAt, since by itself it doesn't indicate any important change. - - /status/reconciledAt - jqPathExpressions: - # Ignore lastTransitionTime for conditions; helpful when SharedResourceWarnings are being regularly updated but not - # actually changing in content. - - .status.conditions[].lastTransitionTime -``` diff --git a/docs/operator-manual/resource_actions.md b/docs/operator-manual/resource_actions.md index b720f589ae8d0..2dbe58749cad4 100644 --- a/docs/operator-manual/resource_actions.md +++ b/docs/operator-manual/resource_actions.md @@ -12,30 +12,11 @@ Argo CD supports custom resource actions written in [Lua](https://www.lua.org/). * Have a custom resource for which Argo CD does not provide any built-in actions. * Have a commonly performed manual task that might be error prone if executed by users via `kubectl` -The resource actions act on a single object. - You can define your own custom resource actions in the `argocd-cm` ConfigMap. -### Custom Resource Action Types - -#### An action that modifies the source resource - -This action modifies and returns the source resource. -This kind of action was the only one available till 2.8, and it is still supported. - -#### An action that produces a list of new or modified resources - -**An alpha feature, introduced in 2.8.** - -This action returns a list of impacted resources, each impacted resource has a K8S resource and an operation to perform on. -Currently supported operations are "create" and "patch", "patch" is only supported for the source resource. -Creating new resources is possible, by specifying a "create" operation for each such resource in the returned list. -One of the returned resources can be the modified source object, with a "patch" operation, if needed. -See the definition examples below. - ### Define a Custom Resource Action in `argocd-cm` ConfigMap -Custom resource actions can be defined in `resource.customizations.actions.` field of `argocd-cm`. Following example demonstrates a set of custom actions for `CronJob` resources, each such action returns the modified CronJob. +Custom resource actions can be defined in `resource.customizations.actions.` field of `argocd-cm`. Following example demonstrates a set of custom actions for `CronJob` resources. The customizations key is in the format of `resource.customizations.actions.`. ```yaml @@ -70,114 +51,4 @@ resource.customizations.actions.batch_CronJob: | The `discovery.lua` script must return a table where the key name represents the action name. You can optionally include logic to enable or disable certain actions based on the current object state. -Each action name must be represented in the list of `definitions` with an accompanying `action.lua` script to control the resource modifications. The `obj` is a global variable which contains the resource. Each action script returns an optionally modified version of the resource. In this example, we are simply setting `.spec.suspend` to either `true` or `false`. - -#### Creating new resources with a custom action - -!!! important - Creating resources via the Argo CD UI is an intentional, strategic departure from GitOps principles. We recommend - that you use this feature sparingly and only for resources that are not part of the desired state of the - application. - -The resource the action is invoked on would be referred to as the `source resource`. -The new resource and all the resources implicitly created as a result, must be permitted on the AppProject level, otherwise the creation will fail. - -##### Creating a source resource child resources with a custom action - -If the new resource represents a k8s child of the source resource, the source resource ownerReference must be set on the new resource. -Here is an example Lua snippet, that takes care of constructing a Job resource that is a child of a source CronJob resource - the `obj` is a global variable, which contains the source resource: - -```lua --- ... -ownerRef = {} -ownerRef.apiVersion = obj.apiVersion -ownerRef.kind = obj.kind -ownerRef.name = obj.metadata.name -ownerRef.uid = obj.metadata.uid -job = {} -job.metadata = {} -job.metadata.ownerReferences = {} -job.metadata.ownerReferences[1] = ownerRef --- ... -``` - -##### Creating independent child resources with a custom action - -If the new resource is independent of the source resource, the default behavior of such new resource is that it is not known by the App of the source resource (as it is not part of the desired state and does not have an `ownerReference`). -To make the App aware of the new resource, the `app.kubernetes.io/instance` label (or other ArgoCD tracking label, if configured) must be set on the resource. -It can be copied from the source resource, like this: - -```lua --- ... -newObj = {} -newObj.metadata = {} -newObj.metadata.labels = {} -newObj.metadata.labels["app.kubernetes.io/instance"] = obj.metadata.labels["app.kubernetes.io/instance"] --- ... -``` - -While the new resource will be part of the App with the tracking label in place, it will be immediately deleted if auto prune is set on the App. -To keep the resource, set `Prune=false` annotation on the resource, with this Lua snippet: - -```lua --- ... -newObj.metadata.annotations = {} -newObj.metadata.annotations["argocd.argoproj.io/sync-options"] = "Prune=false" --- ... -``` - -(If setting `Prune=false` behavior, the resource will not be deleted upon the deletion of the App, and will require a manual cleanup). - -The resource and the App will now appear out of sync - which is the expected ArgoCD behavior upon creating a resource that is not part of the desired state. - -If you wish to treat such an App as a synced one, add the following resource annotation in Lua code: - -```lua --- ... -newObj.metadata.annotations["argocd.argoproj.io/compare-options"] = "IgnoreExtraneous" --- ... -``` - -#### An action that produces a list of resources - a complete example: - -```yaml -resource.customizations.actions.ConfigMap: | - discovery.lua: | - actions = {} - actions["do-things"] = {} - return actions - definitions: - - name: do-things - action.lua: | - -- Create a new ConfigMap - cm1 = {} - cm1.apiVersion = "v1" - cm1.kind = "ConfigMap" - cm1.metadata = {} - cm1.metadata.name = "cm1" - cm1.metadata.namespace = obj.metadata.namespace - cm1.metadata.labels = {} - -- Copy ArgoCD tracking label so that the resource is recognized by the App - cm1.metadata.labels["app.kubernetes.io/instance"] = obj.metadata.labels["app.kubernetes.io/instance"] - cm1.metadata.annotations = {} - -- For Apps with auto-prune, set the prune false on the resource, so it does not get deleted - cm1.metadata.annotations["argocd.argoproj.io/sync-options"] = "Prune=false" - -- Keep the App synced even though it has a resource that is not in Git - cm1.metadata.annotations["argocd.argoproj.io/compare-options"] = "IgnoreExtraneous" - cm1.data = {} - cm1.data.myKey1 = "myValue1" - impactedResource1 = {} - impactedResource1.operation = "create" - impactedResource1.resource = cm1 - - -- Patch the original cm - obj.metadata.labels["aKey"] = "aValue" - impactedResource2 = {} - impactedResource2.operation = "patch" - impactedResource2.resource = obj - - result = {} - result[1] = impactedResource1 - result[2] = impactedResource2 - return result -``` \ No newline at end of file +Each action name must be represented in the list of `definitions` with an accompanying `action.lua` script to control the resource modifications. The `obj` is a global variable which contains the resource. Each action script must return an optionally modified version of the resource. In this example, we are simply setting `.spec.suspend` to either `true` or `false`. diff --git a/docs/operator-manual/secret-management.md b/docs/operator-manual/secret-management.md index 0756734c7b822..54795fe4cc56c 100644 --- a/docs/operator-manual/secret-management.md +++ b/docs/operator-manual/secret-management.md @@ -10,7 +10,7 @@ Here are some ways people are doing GitOps secrets: * [Bitnami Sealed Secrets](https://github.com/bitnami-labs/sealed-secrets) * [External Secrets Operator](https://github.com/external-secrets/external-secrets) * [Hashicorp Vault](https://www.vaultproject.io) -* [Bank-Vaults]((https://bank-vaults.dev/)) +* [Banzai Cloud Bank-Vaults](https://github.com/banzaicloud/bank-vaults) * [Helm Secrets](https://github.com/jkroepke/helm-secrets) * [Kustomize secret generator plugins](https://github.com/kubernetes-sigs/kustomize/blob/fd7a353df6cece4629b8e8ad56b71e30636f38fc/examples/kvSourceGoPlugin.md#secret-values-from-anywhere) * [aws-secret-operator](https://github.com/mumoshu/aws-secret-operator) diff --git a/docs/operator-manual/security.md b/docs/operator-manual/security.md index 3ba9fdfe39363..593030e1756e4 100644 --- a/docs/operator-manual/security.md +++ b/docs/operator-manual/security.md @@ -173,7 +173,7 @@ kubectl edit clusterrole argocd-application-controller ``` !!! tip - If you want to deny Argo CD access to a kind of resource then add it as an [excluded resource](declarative-setup.md#resource-exclusion). + If you want to deny ArgoCD access to a kind of resource then add it as an [excluded resource](declarative-setup.md#resource-exclusion). ## Auditing diff --git a/docs/operator-manual/server-commands/argocd-application-controller.md b/docs/operator-manual/server-commands/argocd-application-controller.md index d21763afa7404..048e9546d1db0 100644 --- a/docs/operator-manual/server-commands/argocd-application-controller.md +++ b/docs/operator-manual/server-commands/argocd-application-controller.md @@ -46,7 +46,7 @@ argocd-application-controller [flags] --redis-ca-certificate string Path to Redis server CA certificate (e.g. /etc/certs/redis/ca.crt). If not specified, system trusted CAs will be used for server certificate validation. --redis-client-certificate string Path to Redis client certificate (e.g. /etc/certs/redis/client.crt). --redis-client-key string Path to Redis client key (e.g. /etc/certs/redis/client.crt). - --redis-compress string Enable compression for data sent to Redis with the required compression algorithm. (possible values: gzip, none) (default "gzip") + --redis-compress string Enable compression for data sent to Redis with the required compression algorithm. (possible values: none, gzip) (default "none") --redis-insecure-skip-tls-verify Skip Redis server certificate validation. --redis-use-tls Use TLS when connecting to Redis. --redisdb int Redis database. @@ -59,7 +59,6 @@ argocd-application-controller [flags] --sentinel stringArray Redis sentinel hostname and port (e.g. argocd-redis-ha-announce-0:6379). --sentinelmaster string Redis sentinel master group name. (default "master") --server string The address and port of the Kubernetes API server - --sharding-method string Enables choice of sharding method. Supported sharding methods are : [legacy, round-robin] (default "legacy") --status-processors int Number of application status processors (default 20) --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server diff --git a/docs/operator-manual/server-commands/argocd-repo-server.md b/docs/operator-manual/server-commands/argocd-repo-server.md index 35d8cbe8dfed5..322886acbba50 100644 --- a/docs/operator-manual/server-commands/argocd-repo-server.md +++ b/docs/operator-manual/server-commands/argocd-repo-server.md @@ -13,7 +13,6 @@ argocd-repo-server [flags] ### Options ``` - --address string Listen on given address for incoming connections (default "0.0.0.0") --allow-oob-symlinks Allow out-of-bounds symlinks in repositories (not recommended) --default-cache-expiration duration Cache expiration default (default 24h0m0s) --disable-tls Disable TLS on the gRPC endpoint @@ -21,7 +20,6 @@ argocd-repo-server [flags] --logformat string Set the logging format. One of: text|json (default "text") --loglevel string Set the logging level. One of: debug|info|warn|error (default "info") --max-combined-directory-manifests-size string Max combined size of manifest files in a directory-type Application (default "10M") - --metrics-address string Listen on given address for metrics (default "0.0.0.0") --metrics-port int Start metrics server on given port (default 8084) --otlp-address string OpenTelemetry collector address to send traces to --parallelismlimit int Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. @@ -31,7 +29,7 @@ argocd-repo-server [flags] --redis-ca-certificate string Path to Redis server CA certificate (e.g. /etc/certs/redis/ca.crt). If not specified, system trusted CAs will be used for server certificate validation. --redis-client-certificate string Path to Redis client certificate (e.g. /etc/certs/redis/client.crt). --redis-client-key string Path to Redis client key (e.g. /etc/certs/redis/client.crt). - --redis-compress string Enable compression for data sent to Redis with the required compression algorithm. (possible values: gzip, none) (default "gzip") + --redis-compress string Enable compression for data sent to Redis with the required compression algorithm. (possible values: none, gzip) (default "none") --redis-insecure-skip-tls-verify Skip Redis server certificate validation. --redis-use-tls Use TLS when connecting to Redis. --redisdb int Redis database. diff --git a/docs/operator-manual/server-commands/argocd-server.md b/docs/operator-manual/server-commands/argocd-server.md index e120c757b2ec1..461ac194fa341 100644 --- a/docs/operator-manual/server-commands/argocd-server.md +++ b/docs/operator-manual/server-commands/argocd-server.md @@ -13,7 +13,6 @@ argocd-server [flags] ### Options ``` - --address string Listen on given address (default "0.0.0.0") --app-state-cache-expiration duration Cache expiration for app state (default 1h0m0s) --application-namespaces strings List of additional namespaces where application resources can be managed in --as string Username to impersonate for the operation @@ -32,7 +31,7 @@ argocd-server [flags] --dex-server-plaintext Use a plaintext client (non-TLS) to connect to dex server --dex-server-strict-tls Perform strict validation of TLS certificates when connecting to dex server --disable-auth Disable client authentication - --enable-gzip Enable GZIP compression (default true) + --enable-gzip Enable GZIP compression --enable-proxy-extension Enable Proxy Extension feature --gloglevel int Set the glog logging level -h, --help help for argocd-server @@ -42,7 +41,6 @@ argocd-server [flags] --logformat string Set the logging format. One of: text|json (default "text") --login-attempts-expiration duration Cache expiration for failed login attempts (default 24h0m0s) --loglevel string Set the logging level. One of: debug|info|warn|error (default "info") - --metrics-address string Listen for metrics on given address (default "0.0.0.0") --metrics-port int Start metrics on given port (default 8083) -n, --namespace string If present, the namespace scope for this CLI request --oidc-cache-expiration duration Cache expiration for OIDC state (default 3m0s) @@ -54,7 +52,7 @@ argocd-server [flags] --redis-ca-certificate string Path to Redis server CA certificate (e.g. /etc/certs/redis/ca.crt). If not specified, system trusted CAs will be used for server certificate validation. --redis-client-certificate string Path to Redis client certificate (e.g. /etc/certs/redis/client.crt). --redis-client-key string Path to Redis client key (e.g. /etc/certs/redis/client.crt). - --redis-compress string Enable compression for data sent to Redis with the required compression algorithm. (possible values: gzip, none) (default "gzip") + --redis-compress string Enable compression for data sent to Redis with the required compression algorithm. (possible values: none, gzip) (default "none") --redis-insecure-skip-tls-verify Skip Redis server certificate validation. --redis-use-tls Use TLS when connecting to Redis. --redisdb int Redis database. diff --git a/docs/operator-manual/signed-release-assets.md b/docs/operator-manual/signed-release-assets.md index 9aec6bb071047..4944f70ac1cb8 100644 --- a/docs/operator-manual/signed-release-assets.md +++ b/docs/operator-manual/signed-release-assets.md @@ -136,13 +136,11 @@ slsa-verifier verify-artifact argocd-linux-amd64 \ ## Verification of Sbom -A single attestation (`argocd-sbom.intoto.jsonl`) from each release is provided along with the sbom (`sbom.tar.gz`). This can be used with [slsa-verifier](https://github.com/slsa-framework/slsa-verifier#verification-for-github-builders) to verify that the SBOM was generated using Argo CD workflows on GitHub and ensures it was cryptographically signed. - ```bash -slsa-verifier verify-artifact sbom.tar.gz \ - --provenance-path argocd-sbom.intoto.jsonl \ - --source-uri github.com/argoproj/argo-cd \ - --source-tag v2.7.0 +cosign verify-blob --signature sbom.tar.gz.sig --certificate sbom.tar.gz.pem \ +--certificate-identity-regexp ^https://github.com/argoproj/argo-cd/.github/workflows/release.yaml@refs/tags/v \ +--certificate-oidc-issuer https://token.actions.githubusercontent.com \ + ~/Downloads/sbom.tar.gz | jq ``` *** diff --git a/docs/operator-manual/tested-kubernetes-versions.md b/docs/operator-manual/tested-kubernetes-versions.md deleted file mode 100644 index 897620296a515..0000000000000 --- a/docs/operator-manual/tested-kubernetes-versions.md +++ /dev/null @@ -1,6 +0,0 @@ -| Argo CD version | Kubernetes versions | -|-----------------|---------------------| -| 2.7 | v1.26, v1.25, v1.24, v1.23 | -| 2.6 | v1.24, v1.23, v1.22 | -| 2.5 | v1.24, v1.23, v1.22 | - diff --git a/docs/operator-manual/tls.md b/docs/operator-manual/tls.md index 43409fc568f43..3b80e765f17dd 100644 --- a/docs/operator-manual/tls.md +++ b/docs/operator-manual/tls.md @@ -224,10 +224,7 @@ to not use TLS at all. In this case, you will need to: * Configure `argocd-repo-server` with TLS on the gRPC API disabled by specifying - the `--disable-tls` parameter to the pod container's startup arguments. - Also, consider restricting listening addresses to the loopback interface by specifying - `--listen 127.0.0.1` parameter, so that insecure endpoint is not exposed on - the pod's network interfaces, but still available to the side-car container. + the `--disable-tls` parameter to the pod container's startup arguments * Configure `argocd-server` and `argocd-application-controller` to not use TLS for connections to the `argocd-repo-server` by specifying the parameter `--repo-server-plaintext` to the pod container's startup arguments diff --git a/docs/operator-manual/upgrading/2.7-2.8.md b/docs/operator-manual/upgrading/2.7-2.8.md deleted file mode 100644 index 8ee91cdf984c6..0000000000000 --- a/docs/operator-manual/upgrading/2.7-2.8.md +++ /dev/null @@ -1,72 +0,0 @@ -# v2.7 to 2.8 - -## Support dropped for argocd-cm plugins - -Config Management Plugins installed via the argocd-cm ConfigMap will not work starting with v2.8. - -See the [migration guide](https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/#migrating-from-argocd-cm-plugins) -to upgrade your plugin. - -## Tini as entrypoint - -With the 2.8 release `entrypoint.sh` will be removed from the containers, -because starting with 2.7, the implicit entrypoint is set to `tini` in the -`Dockerfile` explicitly, and the kubernetes manifests has been updated to use -it. Simply updating the containers without updating the deployment manifests -will result in pod startup failures, as the old manifests are relying on -`entrypoint.sh` instead of `tini`. Please make sure the manifests are updated -properly before moving to 2.8. - -## Filtering applied to cluster `List` API endpoint - -Prior to `v2.8`, the `List` endpoint on the `ClusterService` did **not** filter -clusters when responding, despite accepting query parameters. This bug has -been addressed, and query parameters are now taken into account to filter the -resulting list of clusters. - -## Configure RBAC to account for new actions - -2.8 introduces three new actions: -* Create a Job from a CronJob -* Create a Workflow from a CronWorkflow -* Create a Workflow from a WorkflowTemplate - -When you upgrade to 2.8, RBAC policies with `applications` in the *resource* -field and `*` or `action/*` in the action field, it will automatically grant the -ability to use these new actions. - -If you would like to avoid granting these new permissions, you can update your RBAC policies to be more specific. - -### Example - -Old: - -```csv -p, role:action-runner, applications, actions/, *, allow -``` - -New: - -```csv -p, role:action-runner, applications, action/argoproj.io/Rollout/abort, *, allow -p, role:action-runner, applications, action/argoproj.io/Rollout/promote-full, *, allow -p, role:action-runner, applications, action/argoproj.io/Rollout/retry, *, allow -p, role:action-runner, applications, action/argoproj.io/Rollout/resume, *, allow -p, role:action-runner, applications, action/argoproj.io/Rollout/restart, *, allow -p, role:action-runner, applications, action/argoproj.io/AnalysisRun/terminate, *, allow -p, role:action-runner, applications, action/apps/DaemonSet/restart, *, allow -p, role:action-runner, applications, action/apps/StatefulSet/restart, *, allow -p, role:action-runner, applications, action/apps/Deployment/pause, *, allow -p, role:action-runner, applications, action/apps/Deployment/resume, *, allow -p, role:action-runner, applications, action/apps/Deployment/restart, *, allow - -# If you don't want to grant the new permissions, don't include the following lines -p, role:action-runner, applications, action/argoproj.io/WorkflowTemplate/create-workflow, *, allow -p, role:action-runner, applications, action/argoproj.io/CronWorkflow/create-workflow, *, allow -p, role:action-runner, applications, action/batch/CronJob/create-job, *, allow -``` - -## Change default file open mode - -In version 2.7, the CMP plugin was changed to open Git/Helm files with all executable bits set (unless `preserveFileMode` was specified). -Version 2.8 removes the executable bits in cases where they are not necessary. diff --git a/docs/operator-manual/upgrading/overview.md b/docs/operator-manual/upgrading/overview.md index 419fc7bbb1353..0c1ede757c324 100644 --- a/docs/operator-manual/upgrading/overview.md +++ b/docs/operator-manual/upgrading/overview.md @@ -37,7 +37,6 @@ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/ -* [v2.7 to v2.8](./2.7-2.8.md) * [v2.6 to v2.7](./2.6-2.7.md) * [v2.5 to v2.6](./2.5-2.6.md) * [v2.4 to v2.5](./2.4-2.5.md) diff --git a/docs/operator-manual/user-management/index.md b/docs/operator-manual/user-management/index.md index 1b3b96cd72104..5bac93db92d06 100644 --- a/docs/operator-manual/user-management/index.md +++ b/docs/operator-manual/user-management/index.md @@ -44,24 +44,6 @@ Each user might have two capabilities: * apiKey - allows generating authentication tokens for API access * login - allows to login using UI -### Delete user - -In order to delete a user, you must remove the corresponding entry defined in the `argocd-cm` ConfigMap: - -Example: - -```bash -kubectl patch -n argocd cm argocd-cm --type='json' -p='[{"op": "remove", "path": "/data/accounts.alice"}]' -``` - -It is recommended to also remove the password entry in the `argocd-secret` Secret: - -Example: - -```bash -kubectl patch -n argocd secrets argocd-secret --type='json' -p='[{"op": "remove", "path": "/data/accounts.alice.password"}]' -``` - ### Disable admin user As soon as additional users are created it is recommended to disable `admin` user: diff --git a/docs/operator-manual/user-management/keycloak.md b/docs/operator-manual/user-management/keycloak.md index 6f0c99de0dec2..f43f82b3e0113 100644 --- a/docs/operator-manual/user-management/keycloak.md +++ b/docs/operator-manual/user-management/keycloak.md @@ -9,24 +9,19 @@ to determine privileges in Argo. ## Creating a new client in Keycloak First we need to setup a new client. Start by logging into your keycloak server, select the realm you want to use (`master` by default) -and then go to __Clients__ and click the __Create client__ button at the top. +and then go to __Clients__ and click the __create__ button top right. ![Keycloak add client](../../assets/keycloak-add-client.png "Keycloak add client") -Enable the __Client authentication__. +Configure the client by setting the __Access Type__ to _confidential_ and set the Valid Redirect URIs to the callback url for your ArgoCD +hostname. It should be https://{hostname}/auth/callback (you can also leave the default less secure https://{hostname}/* ). You can also set the +__Base URL__ to _/applications_. -![Keycloak add client Step 2](../../assets/keycloak-add-client_2.png "Keycloak add client Step 2") - -Configure the client by setting the __Root URL__, __Web origins__, __Admin URL__ to the hostname (https://{hostname}). - -Also you can set __Home URL__ to your _/applications_ path and __Valid Post logout redirect URIs__ to "+". - -The Valid Redirect URIs should be set to https://{hostname}/auth/callback (you can also set the less secure https://{hostname}/* for testing/development purposes, -but it's not recommended in production). +If you want to allow command line access, __Access Type__ must be set to _public_ and you also need to add http://localhost:8085/auth/callback in the list of Valid Redirect URIs. Then users can login using `argocd login {hostname} --sso`. ![Keycloak configure client](../../assets/keycloak-configure-client.png "Keycloak configure client") -Make sure to click __Save__. There should be a tab called __Credentials__. You can copy the Secret that we'll use in our ArgoCD +Make sure to click __Save__. You should now have a new tab called __Credentials__. You can copy the Secret that we'll use in our ArgoCD configuration. ![Keycloak client secret](../../assets/keycloak-client-secret.png "Keycloak client secret") @@ -39,18 +34,21 @@ To do this we'll start by creating a new __Client Scope__ called _groups_. ![Keycloak add scope](../../assets/keycloak-add-scope.png "Keycloak add scope") Once you've created the client scope you can now add a Token Mapper which will add the groups claim to the token when the client requests -the groups scope. In the Tab "Mappers", click on "Configure a new mapper" and choose __Group Membership__. -Make sure to set the __Name__ as well as the __Token Claim Name__ to _groups_. Also disable the "Full group path". +the groups scope. Make sure to set the __Name__ as well as the __Token Claim Name__ to _groups_. ![Keycloak groups mapper](../../assets/keycloak-groups-mapper.png "Keycloak groups mapper") -We can now configure the client to provide the _groups_ scope. Go back to the client we've created earlier and go to the Tab "Client Scopes". -Click on "Add client scope", choose the _groups_ scope and add it either to the __Default__ or to the __Optional__ Client Scope. If you put it in the Optional -category you will need to make sure that ArgoCD requests the scope in its OIDC configuration. Since we will always want group information, I recommend -using the Default category. +We can now configure the client to provide the _groups_ scope. You can now assign the _groups_ scope either to the __Assigned Default Client Scopes__ +or to the __Assigned Optional Client Scopes__. If you put it in the Optional category you will need to make sure that ArgoCD requests the scope in +it's OIDC configuration. ![Keycloak client scope](../../assets/keycloak-client-scope.png "Keycloak client scope") +Since we will always want group information, I recommend using the Default category. Make sure you click __Add selected__ +and that the _groups_ claim is in the correct list on the __right__. + +![Keycloak client scope selected](../../assets/keycloak-client-scope-selected.png "Keycloak client scope selected") + Create a group called _ArgoCDAdmins_ and have your current user join the group. ![Keycloak user group](../../assets/keycloak-user-group.png "Keycloak user group") diff --git a/docs/operator-manual/webhook.md b/docs/operator-manual/webhook.md index 1d5ad5ec79c96..9a93d6ff0208c 100644 --- a/docs/operator-manual/webhook.md +++ b/docs/operator-manual/webhook.md @@ -4,7 +4,7 @@ Argo CD polls Git repositories every three minutes to detect changes to the manifests. To eliminate this delay from polling, the API server can be configured to receive webhook events. Argo CD supports -Git webhook notifications from GitHub, GitLab, Bitbucket, Bitbucket Server, Azure DevOps and Gogs. The following explains how to configure +Git webhook notifications from GitHub, GitLab, Bitbucket, Bitbucket Server and Gogs. The following explains how to configure a Git webhook for GitHub, but the same process should be applicable to other providers. !!! note @@ -12,28 +12,19 @@ a Git webhook for GitHub, but the same process should be applicable to other pro the same. A hook event for a push to branch `x` will trigger a refresh for an app pointing at the same repo with `targetRevision: refs/tags/x`. -## 1. Create The WebHook In The Git Provider +### 1. Create The WebHook In The Git Provider In your Git provider, navigate to the settings page where webhooks can be configured. The payload URL configured in the Git provider should use the `/api/webhook` endpoint of your Argo CD instance (e.g. `https://argocd.example.com/api/webhook`). If you wish to use a shared secret, input an arbitrary value in the secret. This value will be used when configuring the webhook in the next step. -## Github - ![Add Webhook](../assets/webhook-config.png "Add Webhook") !!! note When creating the webhook in GitHub, the "Content type" needs to be set to "application/json". The default value "application/x-www-form-urlencoded" is not supported by the library used to handle the hooks -## Azure DevOps - -![Add Webhook](../assets/azure-devops-webhook-config.png "Add Webhook") - -Azure DevOps optionally supports securing the webhook using basic authentication. To use it, specify the username and password in the webhook configuration and configure the same username/password in `argocd-secret` Kubernetes secret in -`webhook.azuredevops.username` and `webhook.azuredevops.password` keys. - -## 2. Configure Argo CD With The WebHook Secret (Optional) +### 2. Configure Argo CD With The WebHook Secret (Optional) Configuring a webhook shared secret is optional, since Argo CD will still refresh applications related to the Git repository, even with unauthenticated webhook events. This is safe to do since @@ -45,14 +36,12 @@ In the `argocd-secret` kubernetes secret, configure one of the following keys wi provider's webhook secret configured in step 1. | Provider | K8s Secret Key | -|-----------------|----------------------------------| +|-----------------| ---------------------------------| | GitHub | `webhook.github.secret` | | GitLab | `webhook.gitlab.secret` | | BitBucket | `webhook.bitbucket.uuid` | | BitBucketServer | `webhook.bitbucketserver.secret` | | Gogs | `webhook.gogs.secret` | -| Azure DevOps | `webhook.azuredevops.username` | -| | `webhook.azuredevops.password` | Edit the Argo CD kubernetes secret: @@ -90,10 +79,6 @@ stringData: # gogs server webhook secret webhook.gogs.secret: shhhh! it's a gogs server secret - - # azuredevops username and password - webhook.azuredevops.username: admin - webhook.azuredevops.password: secret-password ``` After saving, the changes should take effect automatically. diff --git a/docs/proposals/002-ui-extensions.md b/docs/proposals/002-ui-extensions.md index 583888da68c66..8fa02d25fd11c 100644 --- a/docs/proposals/002-ui-extensions.md +++ b/docs/proposals/002-ui-extensions.md @@ -63,7 +63,7 @@ As an operator, I would like to configure Argo CD to perform pre-defined actions ## Proposal -A new `ArgoCDExtension` CRD would be introduced which will allow operators configure Argo CD to understand how to handle and visualize custom resources. Visualizing a object requires javascript to render the object, and health/actions require lua scripts. As such, the extension CR would need to point to some location where the javascript/lua code would be hosted. +A new `ArgoCDExtension` CRD would be introduced which will allow operators configure Argo CD to understand how to handle and visualize custom resources. Visualizing a object requires javascript to render the object, and health/actions require lua scripts. Aas such, the extension CR would need to point to some location where the javascript/lua code would be hosted. It is proposed that a git repository be used to contain the javascript code, as well as the lua scripts necessary to assess health or perform actions of a resource. diff --git a/docs/proposals/004-scalability-benchmarking.md b/docs/proposals/004-scalability-benchmarking.md deleted file mode 100644 index 43c44771850a7..0000000000000 --- a/docs/proposals/004-scalability-benchmarking.md +++ /dev/null @@ -1,122 +0,0 @@ ---- -title: Argo CD Scalability Benchmarking -authors: - - "@andklee" - - "@csantanapr" - - "@morey-tech" - - "@nimakaviani" -sponsors: - - -reviewers: - - - - -approvers: - - - - -creation-date: 2023-02-28 -last-updated: 2023-02-28 ---- - -# Argo CD Scalability Benchmarking - -## Open Questions [optional] -* What are the scalability factors to prioritize when benchmarking Argo CD? - * Reconciliation time for all, one, or several applications in the cluster. - -## Motivation -Users of Argo CD are interested to know how to scale Argo CD, what configuration tweaks and deployment options they have, and how far they can push resources (in terms of the number of supported applications, Git repositories, managing clusters, etc.). - -While the Argo CD documentation [discusses options](https://argo-cd.readthedocs.io/en/stable/operator-manual/high_availability/#scaling-up) to scale up, the actual process is not clear and, as articulated [in this thread](https://github.com/argoproj/argo-cd/issues/9633), oftentimes a point of confusion for users. - -By running large-scale benchmarking, we aim at helping the Argo CD community with the following: - -* Give confidence to organizations running at a significant scale (_needs to be quantified_) that Argo CD can support their use-case, with empirical evidence. -* Create clear guidelines for scaling Argo CD based on the key scalability factors. -* Provide recommendations for which topology is best suited for users based on their needs. -* Determine what work, if any, is needed to improve the scalability of Argo CD. - -### Goals -1. Create a standard set of repeatable benchmarking procedures to objectively measure the limitations of Argo CD. - 1. This may result in a new `argo-cd-benchmarking` repo under `argoproj-labs` so that anyone can easily replicate it and the development of the procedures can happen outside of the lifecycle for Argo CD (unlike [the current `gen-resources` hack](https://github.com/argoproj/argo-cd/tree/master/hack/gen-resources) in the main project). - 2. Include detailed test scenarios that account for key scalability factors that allow for easy tweaking of the parameters to simplify testing of alternative scenarios. -2. Determine the baseline for when tweaking is required on the default configuration (resource allocations and replicas). - 1. One cluster, Applications in In-cluster, default resource allocations. -3. Quantify how tweaking existing parameters (replicas, sharding, parallelism, etc) impacts the performance of Argo CD. -4. Provide a set of metrics and thresholds that will provide a basis for automatically scaling the Argo CD components and alerting for when performance is being impacted by limitations. -5. All tooling, recommendations, examples, and scenarios will be vendor-agnostic. -### Non-Goals -* This proposal does not intend to cover the implementation of any auto-scaling based on the metrics and thresholds determined by the scalability benchmarking. A separate proposal will be used for any auto-scaling enhancements. -* This proposal does not intend to add testing that determines how a change impacts the scalability of Argo CD based on the benchmarks. -* We do not intend to analyze the cost implications of running different topologies and purely focus on scalability requirements from a technology perspective. - -### Initial Members -The initial members for this proposal and their affiliations are: -| Name | Company | -|-----------------------------------------------------|-----------| -| [Andrew Lee](https://github.com/andklee) | AWS | -| [Carlos Santana](https://github.com/csantanapr) | AWS | -| [Nicholas Morey](https://github.com/morey-tech) | Akuity | -| [Nima Kaviani](https://github.com/nimakaviani) | AWS | - -With the introduction of [the proposed Scalability SIG](https://github.com/argoproj/argoproj/pull/192), the members participating in the proposal may change. - -Any community member is welcome to participate in the work for this proposal. Either by joining the Scalability SIG or through contributing to the proposed `argoproj-labs/argo-cd-benchmarking` repository containing the tooling. - -## Proposal -1. Create new `argo-cd-benchmarking` repo under `argoproj-labs` and add the authors of this proposal as maintainers. -2. Create a set of key scalability factors to use as testing parameters. For example: - 1. Number of Applications. - 2. Number of resources managed by an Application. - 3. Number of resources in a cluster. - 4. The size of the resources in a cluster and managed by an Application. - 5. Churn rate for resources in the cluster (how often resources change). - 6. Number of clusters. - 7. Number of repositories being monitored. - 8. Size of the repositories. - 9. The tooling (e.g., directory/raw manifests, Helm, Kustomize). -3. Determine the metrics that reflect limitations in scalability factors. - 1. Application sync time for x number of apps - 2. Emptying the queues (app_reconciliation_queue, app_operation_processing_queue) -4. Create automated testing procedures for Argo CD that take the key scalability factors as testing parameters. -5. Test the default installation of Argo CD to determine the limit based on the key scalability factors. -6. Create test scenarios that reflect the common topologies (Argo CD 1-1 with clusters, Argo CD 1-many with clusters). -7. Determine the thresholds for the metrics identified earlier to capture when performance is being impacted. - 1. Contribute back Grafana thresholds and alerts for Prometheus - -### Use cases -Each use case will cover a specific topology with N permutations based on the key scalability factors. They will be measured using the metrics given in the proposal. - -We intend to focus on two key topologies: one Argo CD per cluster and one Argo CD for all remote clusters. All other variations are an extension of these. - -#### Topology 1: One Argo CD per cluster. -The exact key scalability factors used in each permutation will be determined once we get to the testing. - -#### Topology 2: One Argo CD for all remote clusters. -This will capture the impact of network throughput on performance. - -#### Topology 3: One Namespaced Argo CD. -This instance will only manage namespace-level resources to determine the impact of monitoring cluster-scoped resources (related to the effect of resource churn in the cluster). - -### Implementation Details/Notes/Constraints [optional] -There is already some [tooling in the Argo CD repository](https://github.com/argoproj/argo-cd/pull/8037/files) for scalability testing. We plan to build on the existing effort and further push the boundaries of testing it. - -* Automatically set up supporting tooling for capturing metrics (Grafana, Prometheus) -* Use a local Gitea in the cluster to support many repositories used in testing, and avoid performance variance by depending on the performance of an external git SaaS (ie GitHub) -* Simulate the cluster and nodes using vcluster or kwok, in addition to using a cloud provider with a real cluster fleet. - * The simulated clusters and nodes are intended to make the testing accessible, but ultimately the infrastructure should be easily changed to test more realistic scenarios. Once the benchmarking tooling is functional, we can determine if the simulated components skew the results. - -Once we have the benchmarking tooling, we can determine if the simulated components skew the results compared to the real world. - -AWS intends to provide the infrastructure required to benchmark large-scale scenarios. - -### Security Considerations -There is no intention to change the security model of Argo CD and therefore this project has no direct security considerations. - -### Risks and Mitigations - -## Consider including folks that also work outside your immediate sub-project. - -## Drawbacks - -## Alternatives -* Implementing Argo CD into an environment than waiting for scaling issues to arise. Monitoring the metrics to understand what the limitations are to address them. Using arbitrary resource allocation and replica counts to avoid running into limitations. diff --git a/docs/proposals/applicationset-plugin-generator.md b/docs/proposals/applicationset-plugin-generator.md deleted file mode 100644 index 6a3b2ec484c8a..0000000000000 --- a/docs/proposals/applicationset-plugin-generator.md +++ /dev/null @@ -1,216 +0,0 @@ ---- -title: applicationset-plugin-generator -authors: - - "@binboum" - - "@scrocquesel" -sponsors: - - TBD -reviewers: - - TBD -approvers: - - "@alexmt" - - TBD - -creation-date: 2022-03-21 -last-updated: 2022-03-21 ---- - -# ApplicationSet `plugin` generator - -Provide a generator that request its values through a RPC call. - -## Summary - -ApplicationSet generators are useful for modeling templates using external data sources to deploy applications. - -Today, generators have been developed based on the needs of the community, and when a new need arises, it's necessary to modify the Appset codebase. - -The proposal here is to have a "plugin" generator that would allow extending the codebase according to specific needs, without having to modify it directly. - -## Motivation - -Using the current generators, we sometimes encounter a need that arises, which may or may not be useful for the community. In such cases, several procedures need to be undertaken to make the modification, and sometimes it may be rejected because it's not in everyone's interest. - -The plugin approach also reduces the burden on community developers by externalizing feature requests into plugins that are outside the Appset controller's scope. From a security and scalability perspective, this can be advantageous. - -With this approach, it becomes possible to offer a catalog of plugins and encourage people with specific needs to develop standalone plugins that are independent of the controller's codebase. - -### Goals - -Empowering community developers to develop and use plugins that extend the list of generators can be a significant advantage. It would be possible to offer a page listing plugins maintained by the community, which can help promote the development of a rich ecosystem of plugins for various use cases. This can enhance the overall user experience by providing more options for generating application templates. - -Additionally, allowing developers to create plugins and share them with the community can foster innovation and encourage experimentation with new features and functionalities. It can also reduce the workload on the Appset development team, enabling them to focus on core features and functionalities. - -Overall, giving autonomy to community developers through plugins is a practical way to enhance the Appset platform and provide more value to users. - -### Non-Goals - -The concept of the plugin should not undermine the spirit of GitOps by externalizing data outside of Git. The goal is to be complementary in specific contexts. - -For example, when using one of the PullRequest generators, it's impossible to retrieve parameters related to the CI (only the commit hash is available), which limits the possibilities. By using a plugin, it's possible to retrieve the necessary parameters from a separate data source and use them to extend the functionality of the generator. This approach allows for greater flexibility and can help overcome limitations imposed by GitOps. - -Overall, the use of plugins should be considered as a way to enhance the capabilities of existing tools and processes rather than as a replacement for them. By leveraging plugins, developers can take advantage of the strengths of different tools and technologies, resulting in a more robust and flexible development process. - -## Proposal - -### Add a new `generator` plugin - -``` -apiVersion: argoproj.io/v1alpha1 -kind: ApplicationSet -metadata: - name: fb-plugin - namespace: argo-system -spec: - generators: - - plugin: - configMapRef: fb-plugin - name: feature-branch-plugin - params: - repo: "my-repo" - branch: "my-branch" - requeueAfterSeconds: 10 - template: -... -``` - -### Add a configMap to configure the plugin - -The configMap name must match the configMapRef value in the plugin configuration. The configMap must be in the namespace of argo. - -``` -apiVersion: v1 -kind: ConfigMap -metadata: - name: fb-plugin - namespace: argo-system -data: - token: $plugin.myplugin.token # Alternatively $:plugin.myplugin.token - baseUrl: http://myplugin.plugin.svc.cluster.local -``` - -- token is used a a bearer token in the RPC request. It could be a [sensitive reference](https://argo-cd.readthedocs.io/en/stable/operator-manual/user-management/#sensitive-data-and-sso-client-secrets). - -### Reconciliation logic - -Here is a diagram describing what the plugin generator should do to get the params to return: - -```mermaid -sequenceDiagram - alt generator is plugin - Generator->>K8S: Get configmap {configMapRef} - K8S-->>Generator: (url,token) - Generator->>Plugin endpoint: POST {url}/v1/generator.getParams
Authorization: Bearer {token}
Content-Type: application/json
{params} - Plugin endpoint-->>Generator: []map{string}interface{} - end -``` - - -### Use cases - -#### Use case 1: -As a user, I would like to enrich PullRequest generator params with digests of images generated by the pull request CI pipeline. - -I could define a generator matrix like - -```yaml - generators: - - matrix: - generators: - - pullRequest: - github: - owner: binboum - repo: argo-test - labels: - - preview-matrix - tokenRef: - secretName: github-secret - key: token - - plugin: - configMapRef: cm-plugin - name: plugin-matrix - params: - repo: "argo-test" - branch: "{{.branch}}" -``` - -When pullRequest returns a new PR matching my labels, the plugin will be called with the branch name and would return a set of digests like - -```json -[ - { - "digestFront": "xxxxxxxx", - "digestBack": "xxxxxxxx", - } -] -``` - -Values can then be used in the template section : - -```yaml - template: - metadata: - name: "fb-matrix-{{.branch}}" - spec: - source: - repoURL: "git@github.com:binboum/argo-test.git" - targetRevision: "HEAD" - path: charts/app-client - helm: - releaseName: feature-test-matrix-{{.branch}} - valueFiles: - - values.yaml - values: | - front: - image: registry.my/argo-test/front:{{.branch}}@{{ .digestFront }} - back: - image: registry.my/argo-test/back:{{.branch}}@{{ .digestBack }} - destination: - server: https://kubernetes.default.svc - namespace: "{{.branch}}" -``` - -### Detailed examples - -### Security Considerations - -* Plugin server only has access to the params content. When deployed outside of the applicationset controller pod, operator must ensure the communication between applicationset controller and the plugin server is properly secured (https/network policy...). A few authentication mechanism are handled to help the plugin server authenticate the request. -* For now, the response payload is considered trusted and returned params are used as-is upstream - -### Risks and Mitigations - -TBD - -### Upgrade / Downgrade Strategy - -On the evolution of the plugin, and calls : - -The RPC method is standardized with a versioning system, which allows for a version parameter to be included in the API call. This makes it possible to avoid breaking changes in case of architecture changes in the future. - -Thought that the contract interface with the plugin server is kept simple to reduce future changes and breaking changes - -## Drawbacks - -No idea - -## Alternatives - -1. A design similar to Argo Workflow executor plugin : - - ``` - generators: - - plugin: - hello: {} - ``` - - A set of ConfigMaps or a specific CRDs to express configuration of the plugin endpoint would be walk by ApplicationSet server. For each configuration, call the plugin endpoint with the content of plugin until one return a valid response. - - Reconciliation should be fast as fast as possible and trying out every endpoint to figure out which one is able to handle the plugin payload could induce a lot of delay. - - Configuration rely on implicit and weakly typed convention which make the usage of the plugin less self documented. - -2. Plugin server as defacto sidecars - - Some magic could have inject a container image for the plugin in the ApplicationSet controller in a similar way, Argo Workflow does when creating a pod to execute a job. - - Require an external controler or manual configuration. The plugin would not scale independently of the ApplicationSet controller. \ No newline at end of file diff --git a/docs/proposals/feature-bounties.md b/docs/proposals/feature-bounties.md deleted file mode 100644 index a3b978bf0becb..0000000000000 --- a/docs/proposals/feature-bounties.md +++ /dev/null @@ -1,49 +0,0 @@ ---- -title: Offering Feature Bounties (Experimental) -authors: - - "@crenshaw-dev" - - "@todaywasawesome" -sponsors: - - "@jannfis" -reviewers: - - TBD -approvers: - - TBD - -creation-date: 2023-06-27 ---- -# Offering Feature Bounties (Experimental) - -## Summary -We'd like to have the ability to offer monetary rewards for significant features to be added to Argo. - -## Motivation -The Argo Project is driven by community contributions and in shared trust with maintainer companies. Sometimes there are important features worth investing in that represent substantial work and are tougher, or take longer to implement. - -By providing a financial incentive, we can spur additional development from the community and indepdent contributors. - -## Proposal -Add the ability to mark a proposal with a bounty and a specific amount. When a PR is successfully merged, release payment to the PR author(s). - -This proposal is experimental, meaning after trying a single bounty, we will review as a project and decide if we would like to continue this program. Accepting this proposal only constitutes the program for a single bounty as an experiment. - -### Guidelines and Rules - -#### Creating a Bounty -A bounty is a special proposal created under `docs/proposals/feature-bounties`. -* A bounty proposal may only be created by an existing Argo maintainer. -* The proposal document must be reviewed in regular maintainer meetings and an invitation for feedback will provide 7-days to comment. -* Bounty should have approval with [lazy-consensus](https://community.apache.org/committers/lazyConsensus.html) -* Once a bounty is created, they must be honored. -* Bounty progress will be tracked in a GitHub issue linked in the proposal. -* Creating a bounty requires the funds be available and not already committed elsewhere. - -#### Claiming a Bounty -* Argo will pay out bounties once a pull request implementing the requested features/changes/fixes is merged. -* A bounty is limited to a single successful PR. -* Those interested in working on the bounty are encouraged to comment on the issue, and users may team up to split a bounty if they prefer but collaboration is not required and users should not shame eachother for their preferences to work alone or together. -* A comment of interest does not constitute a claim and will not be treated as such. -* The first pull request submitted that is ready for merge will be reviewed by maintainers. Maintainers will also consider any competing pull requests submitted within 24-hours. We expect this will be a very rare circumstance. If multiple, high-quality, merge ready pull requests are submitted, 3-5 Approvers for the sub-project will vote to decide the final pull request merged. - -### Funding -The Argo Project has a small amount of funds from HackerOne bounties that can provide for a few feature bounties. \ No newline at end of file diff --git a/docs/proposals/native-ocp-support.md b/docs/proposals/native-ocp-support.md deleted file mode 100644 index 64918fde8904e..0000000000000 --- a/docs/proposals/native-ocp-support.md +++ /dev/null @@ -1,135 +0,0 @@ ---- -title: Argo CD first-class OCI support -authors: - - "@sabre1041" - - "@crenshaw-dev" - - "@todaywasawesome" - -sponsors: - - TBD -reviewers: - - "@alexmt" -approvers: - - "@alexmt" - -creation-date: 2023-05-09 ---- - -# Argo CD first-class OCI support - -Storing and retrieving manifests within in OCI registries - -## Summary - -Currently, Argo CD supports obtaining manifests from either a Git repository, a Helm chart repository, or a Helm chart stored within an OCI registry. Given that OCI registries are more frequently being used to store content aside from container images, introduce a mechanism for storing and retrieving manifests that can be used by any of the existing supported tools in any of the supported methods of representing assets that are to be applied to a Kubernetes environment. - - -## Motivation - -The industry is seeing a rapid adoption of OCI Artifacts as a method for storing and retrieving content. Adding support for sourcing resources stored in OCI artifacts not only provides immediate benefits, but opens up additional possible integrations in the future. - -**Dependency Reduction** - - At the present time, a user must have access to either a Git repository, or a remote Helm chart repository. Most users or enterprise organizations already have access to an OCI registry as it represents the primary source of image related content within a Kubernetes environment. By sourcing assets from OCI registries, no additional infrastructure is required in order to store a variety of content types simplifying the set of requirements in order to begin to fully leverage the capabilities of Argo CD. - -**Market Relevance** - -Argo CD continues to be one of the most popular GitOps tools in the industry. As the industry continues to evolve, other tools within the GitOps market have already began to adopt OCI artifacts as a source for storing and retrieving GitOps resources. - -### Goals - -* Enable the retrieval of resources stored as artifacts in OCI registries that are formatted in any of the supported options (Kustomize, Jsonnet, Helm, plain-manifest, CMPs, etc) -* Define a format for storing resources that can be processed by Argo CD as an OCI artifact including the composition and [Media Type(s)](https://github.com/opencontainers/image-spec/blob/main/media-types.md) -* Support the retrieval of artifacts from OCI registries using custom / self signed TLS certificates. -* Support the retrieval of artifacts from OCI registries requiring authentication. - -### Non-Goals - -* CLI Integration to package and publish resources in a format for storage in an OCI registry -* Attach metadata to OCI artifact manifest to provide additional details related to the content (such as original Git source [URL, revision]) - -## Proposal - -This is where we get down to details of what the proposal is about. - -### Use cases - -Add a list of detailed use cases this enhancement intends to take care of. - -#### Publishing and retrieval of content from OCI registries: - -As a user, I would like to make use of content that is represented by any of the supported options (Kustomize, Jsonnet, Helm, plain-manifest, etc) or those that could be consumed using a Config Management Plugin from an OCI registry. - -#### Authenticating to OCI registries: - -As a user, I would like to enforce proper security controls by requiring authentication to an OCI registry and configure Argo CD to be able to interact with this registry. - -#### CLI Integration: - -As a user, I would like the ability to produce, store and retrieve resources (pull/push) in a OCI registry using the Argo CD CLI. - -### Implementation Details/Notes/Constraints - -The Argo CD repo-server currently maintains two types of clients - Helm and git. By adding a third client, and invoking it in the same places as the other two, we can support OCI artifacts. - -It seems likely that we should create a new, common interface to represent all three clients. Then we can instantiate the client we need, toggling on whatever value in the repo config determines what kind of repo we're fetching from. - -#### Format of OCI Artifact - -An OCI artifact can contain any type of binary content. It is important that the content be formatted in a manner that can be consumed by Argo CD. - -#### Content - -Resources that is consumed by Argo CD can be represented by a series of files and folders. To be stored within an OCI artifact, these assets are stored within a compressed tar archive (.tar.gz) OCI layer. The [OCI Image Specification](https://specs.opencontainers.org/image-spec/) allows for metadata to be added through the use of annotations to provide attribute based details describing the included content. This level of detail is important as it satisfies many of the existing capabilities of Argo CD for tracking content, such as Git repository URL, branch name/revision. - - -#### Media Types - -The [OCI Image Specification](https://specs.opencontainers.org/image-spec/) makes extensive use of Media Types to identity the format of content. To provide not only a way that signifies the content of the OCI artifact contains Argo CD manifests, but to define the structure of the content. An understanding of the composition and requirements enable a broad ecosystem of tooling that can be used to produce and consume Argo CD resources within OCI registries. - -Two new Media Types will be used for this purpose as defined below: - -* `application/vnd.cncf.argoproj.argocd.content.v1.tar+gzip` - Primary asset stored within the OCI artifact containing a gzip compressed tar archive of Argo CD resources. Further details are outlined in the prior section. -* `application/vnd.cncf.argoproj.argocd.config.v1+json` - An [OCI Image Configuration](https://specs.opencontainers.org/image-spec/config/) - - -### Detailed examples - - -### Security Considerations - -The direct integration with an external endpoint from the core subsystem of Argo CD introduces several considerations as it relates to security. It is worthy to note that Argo CD currently does support sourcing Helm charts that are stored within OCI registries. However, this interaction is performed by Helm and its underlying library, [ORAS](https://oras.land), and not Argo CD itself. Capabilities included within this proposal can make use of the same libraries to facilitate the interaction. - -#### Credentials - -Security controls may be enforced within the OCI registry to enforce that clients authenticate. The introduction of additional mechanisms to authenticate against target systems is outside the scope of this proposal. However, an integration with existing capabilities and features, such as sourcing from _repository_ credentials is required. - - -### Risks and Mitigation's - -#### Overlap with existing Helm OCI integration - -Argo CD already includes support for sourcing Helm Charts from OCI registries and the retrieval is delegated to functionality provided by Helm. Considerations must be taken into account to determine whether the intent by the end user is to consume an OCI artifact containing Argo CD related resources or a Helm chart. One such method for addressing this concern is to inspect the `mediaType` of the OCI artifact. - - -### Upgrade / Downgrade Strategy - -If applicable, how will the component be upgraded and downgraded? Make sure this is in the test -plan. - -Consider the following in developing an upgrade/downgrade strategy for this enhancement: - -- What changes (in invocations, configurations, API use, etc.) is an existing cluster required to - make on upgrade in order to keep previous behavior? -- What changes (in invocations, configurations, API use, etc.) is an existing cluster required to - make on upgrade in order to make use of the enhancement? - -## Drawbacks - -* Sourcing content from an OCI registry may be perceived to be against GitOps principles as content is not sourced from a Git repository. This concern could be mitigated by attaching additional details related to the content (such as original Git source [URL, revision]). Though it should be noted that the GitOps principles only require a source of truth to be visioned and immutable which OCI registires support. - -## Alternatives - -### Config Management Plugin - -Content stored within OCI artifacts could be sourced using a Config Management Plugin which would not require changes to the core capabilities provided by Argo CD. However, this would be hacky and not represent itself within the Argo CD UI. \ No newline at end of file diff --git a/docs/proposals/rebalancing-clusters-across-shards-dynamically.md b/docs/proposals/rebalancing-clusters-across-shards-dynamically.md deleted file mode 100644 index 63ed973004cf5..0000000000000 --- a/docs/proposals/rebalancing-clusters-across-shards-dynamically.md +++ /dev/null @@ -1,142 +0,0 @@ ---- -title: Neat-enhancement-idea -authors: - - "@ishitasequeira" # Authors' github accounts here. -sponsors: - - TBD # List all interested parties here. -reviewers: - - "@alexmt" - - TBD -approvers: - - "@alexmt" - - TBD - -creation-date: yyyy-mm-dd -last-updated: yyyy-mm-dd ---- - -# Neat Enhancement Idea - -Rebalance clusters across shards automatically on changes to the number of available shards. - - -## Open Questions [optional] - -This is where to call out areas of the design that require closure before deciding to implement the -design. - - -## Summary - -Current implementation of sharding uses StatefulSet for the application controller and the goal is to move towards an agile stateless Deployment. Although the application controller does not have any state to preserve, stateful sets were used to get predictable hostnames and the serial number in the hostname was used to get the shard id of a particular instance. Using StatefulSet has the following limitations: - -Any change done to the StatefulSet would cause all the child pods to restart in a serial fashion. This makes scaling up/down of the application controller slow as even existing healthy instances need to be restarted as well. -Scaling up or down happens one at a time. If there are 10 instances and if scaled to 20, then the scaling happens one at a time, causing considerable delay for the scaling to complete. - -Each shard replica knows about the total number of available shards by evaluating the environment variable ARGOCD_CONTROLLER_REPLICAS, which needs to be kept up-to-date with the actual number of available replicas (shards). If the number of replicas does not equal the number set in ARGOCD_CONTROLLER_REPLICAS, sharding will not work as intended, leading to both, unused and overused replicas. As this environment variable is set on the StatefulSet and propagated to the pods, all the pods in the StatefulSet need to be restarted in order to pick up the new number of total shards. - -The current sharding mechanism relies on predictable pod names for the application controller to determine which shard a given replica should impersonate, e.g. the first replica of the StatefulSet (argocd-application-controller-0) will be the first shard, the second replica (argocd-application-controller-1) will be the second and so forth. - -## Motivation - -If the number of available shards is changed (i.e. one or more application controller replicas are added or removed), all pods in the statefulset have to be restarted so that the managed clusters are redistributed over the available shards. Additionally, the application controller workload is deployed as a StatefulSet, which is not intended for dynamic horizontal scaling. - -### Goals - -- Improve the application controller’s ability to scale horizontally with a growing number of clusters -- Remove the need to run application controller as a StatefulSet workload - -### Non-Goals - -- Expand the scope of sharding to other assets than clusters (e.g. applications) -- Make a single shard highly available (e.g. by having 2 or more replicas by shard) - -## Proposal - -### Why use Deployments instead of StatefulSet: -StatefulSet is a Kubernetes resource that manages multiple pods that have unique identities, and are not interchangeable (unlike a regular Kubernetes Deployment, in which pods are stateless and can be destroyed and recreated as often as needed). - -Stateless applications scale horizontally very easily as compared to stateful applications due to the fact that infrastructure allows adding as many computing resources as needed. Changing the StatefulSet to Deployments for Application Controller will allow us to dynamically scale the replicas without restarting existing application controller pods. Also, the shard to application controller assignment would help in making sure the shards are scaled and distributed across the available healhty replicas of application controllers. - -### Distributing shards among Application Controllers: - -Inorder to be able to accurately know which shards are being managed by which application-controller, especially in scenarios of redistribution of load, addition/removal of `application controller`, etc., we would need to have a mechanism to assign clusters to the shards. - -In most scenarios, the service account used by the application controller has read access to all the resources in the cluster. Thus, instead of setting the environment variable ARGOCD_CONTROLLER_REPLICAS representing the number of replicas, the number of replicas can be read directly from the number of healthy replicas of the application controller deployment. - -For other scenarios, some users install controller with only `argocd-application-controller-role` role and use it to manage remote clusters only. In this case, we would need to update the `argocd-application-controller-role` role and allow controller inspect it's own deployment and find out the number of replicas. - -The application controllers will claim one of the available shards by checking which shard is not present in the ConfigMap or is assigned to an unhealthy controller. We will store the assignment list of Application Controller to Shard in ConfigMap. The mapping of Application Controller to Shard will store the below information: - -* Name/Id of the shard -* Name of the Application Controller currently managing the shard -* Last time of successful update to ConfigMap (Heartbeat) - -The mapping will be updated in ConfigMap every X (heartbeat interval) seconds with the help of heartbeat process performed by every application controller. If the heartbeat was not performed by the application controller for a certain time, the application controller is assumed to be unhealthy and the number of healthy/managed shards would be reduced, that is, the number of healthy replicas of the application controller deployment changes. - -The heartbeat interval will be a configurable parameter initialized while setting up the application controller. This way, users will be able to control the frequency at which they want the heartbeat process to take place. - -As part of the readiness probe, we will also add a check whether application controller was able to claim a shard successfully or not. If the shard claim failed, the readiness probe will fail marking the controller as unhealthy. Anytime the number of healthy replicas of application controllers is different from the number of application controllers to shard mappings, we would re-distribute the clusters among the healthy replicas again. We can summarize the above statement using the below formula: - -``` -Number of Replicas ≠ Count of {Application Controller, Shard} mapping -``` - -The below logic can be used to perform application controller to shard assignment: - -1) If a new application controller is added, that is, a new shard is added, we would perform the re-distribution of clusters among the shards with the existing sharding algorithm being used. - -2) In scenarios when one of the application controllers is identified to be unhealthy, we will not trigger the re-ditribution of clusters across shards. The new instance of the application controller will claim this unassigned shard and start managing the shard. - -How will this work? -* The application controller will query the ConfigMap for the status of all the application controllers and last updated heartbeat timestamps. -* It will check if any application controller is flagged as Unhealthy or has not updated its status in ConfigMap during the heartbeat process for a certain period of time. -* If the status for an application controller was already flagged as Unhealthy, we will not re-trigger the redistribution of clusters across healthy shards. The new application controller will come online and try to claim this unassigned shard. -* If the status is not flagged and an application controller has not updated the last active timestamp in a long time, then we mark the Application Controller as Unhealthy and unassign the shard in the ConfigMap. - -*Note:* We will continue to use the cluster to shard assignment approach being used today. - -### Pros -* Every Application Controller would be able to take action on finding the distribution of load. -* Every Application Controller will monitor the status of Unhealthy shard and would be able to take action or flag for action. - -### Cons - -* ~~Possibility of race conditions while flagging the shard as Unhealthy during the heartbeat process. Although this can be handled using the [distributed locks](https://redis.io/docs/manual/patterns/distributed-locks/) in Redis.~~ -As we are using ConfigMap, this Con get's removed. Kubernetes would give conflict errors in case multiple edits are tried on the ConfigMap at the same time. We can leverage this error messages to avoid race conditions. - -* ~~In scenarios when Redis becomes unavailable, the heartbeat mechanism will pause working till the redis comes back online again. This will also pause the dynamic redistribution of clusters till Redis comes back online. The redistribution of clusters will be triggered again when Redis comes back online.~~ We would not see this issue by using ConfigMap instead of Redis. - - -### Security Considerations - -* This would be a breaking change of converting StatefulSets to Deployments. Any automation done by customers which is based on the assumption that the controller is modelled as a StatefulSet would break with this change. - -* ~~We would rely on Redis to store the current Application Controller to Shard mapping. In case the Redis is not available, it would not affect the regular working of ArgoCD. The dynamic distribution of clusters among healthy shards would stop working with the heartbeat process till Redis comes back up online, but the application controllers will continue managing their workloads.~~ We would not rely on Redis by using ConfigMap avoiding this issue. - - -### Upgrade / Downgrade Strategy - -* Working ArgoCD itself should not affected. An initial restart of all the application controller pods is expected when we switch from StatefulSet to Deployment or vice-versa. - -* There would be some initial delays in the reconciliation process during the transistion from StatefulSet to Deployment. If someone is not using sharding at all, they should not face any issues. - -## Alternatives - -An alternative approach would be to use Leader Election strategy. By implementing leader election, one of the healthy application controllers will be appointed as leader. The leader controller will be responsible for assigning clusters to the shards and balancing load across the shards. - -The leader controller will continue sending heartbeats to every replica controller and monitor the health of the controllers. In case one of the replica controllers crashes, the leader will distribute the shards managed by the unhealthy replica among the healthy replicas. - -If the leader goes down, the leader election process will be initiated among the healthy candidates and one of the candidates will be marked as leader who will perform the heartbeat process and redistribution of resources. - -One of the possible examples for selecting the leader is by checking the load handled by each healthy candidate and selecting the candidate which has the least load / number of resources running on it. - -### Pros of Leader Election - -* We can refrain from performing multiple calls to ConfigMap about the load and status of the shards and store it in a local cache within the leader while updating data in ConfigMap on a timely manner (for e.g. every 10 mins). -* Single leaders can easily offer clients consistency because they can see and control all the changes made to the state of the system. - - -### Cons of Leader Election -* A single leader is a single point of failure. If the leader becomes bad, that is, does not distribute clusters properly across shards, it is very difficult to identify or fix the bad behavior and can become a single point of failure -* A single leader means a single point of scaling, both in data size and request rate. When a leader-elected system needs to grow beyond a single leader, it requires a complete re-architecture. diff --git a/docs/proposals/respect-rbac-for-resource-exclusions.md b/docs/proposals/respect-rbac-for-resource-exclusions.md deleted file mode 100644 index fb4227638b6e7..0000000000000 --- a/docs/proposals/respect-rbac-for-resource-exclusions.md +++ /dev/null @@ -1,74 +0,0 @@ ---- -title: Respect RBAC for Resource Inclusions/Exclusions - -authors: -- "@gdsoumya" -- "@alexmt" - -sponsors: -- TBD - -reviewers: -- @jannfis - -approvers: -- @jannfis - -creation-date: 2023-05-03 - ---- - -# Enhancement Idea - -This is a proposal to provide the ability to configure argocd controller, to respect the current RBAC permissions -when handling resources besides the already existing resource inclusions and exclusions. - -## Summary - -Argo CD administrator will be able to configure in `argocd-cm`, whether to enable or disable(default) the feature where the controller will -only monitor resources that the current service account allows it to read. - -## Motivation - -Some users restrict the access of the argocd to specific resources using rbac and this feature will enable them to continue -using argocd without having to manually configure resource exclusions for all the resources that they don't want argocd to be managing. - -## Proposal - -The configuration for this will be present in the `argocd-cm`, we will add new boolean field `resource.respectRBAC` in the -cm which can be set to `true` to enable this feature, by default the feature is disabled. - -For the implementation there are 3 proposals : - -1. Modify `gitops-engine` pkg to make a `SelfSubjectAccessReview` request before adding any resource to the watch list, in this approach we are making an extra - api server call to check if controller has access to the resource, this does increase the no. of kubeapi calls made but is more accurate. -2. Modify `gitops-engine` pkg to check for forbidden/unauthorized errors when listing for resources, this is more efficient approach as the - no. of kubeapi calls made does not change, but there is a chance of false positives as similar errors can be returned from kubeapi server or env specific proxies in other situations -3. Combine approaches 1 and 2, in this controller will check the api response for the list call, and if it receives forbidden/unauthorized it will make the `SelfSubjectAccessReview` call. - This approach is accurate and at the same time, only makes extra api calls if the list calls fail in the first place. - -In all solutions, once controller determines that it does not have access to the resource it will stop monitoring it. - -### Implementation decision - -It was decided that we will go with approach 3 from the above list, but instead of a boolean flag we will have the `resource.respectRBAC` take 3 configuration options for the users : - - `strict` : This will perform both the checks i.e. whether the list call response is forbidden/unauthorized and if it is make the `SelfSubjectAccessReview` call to confirm. - - `normal` : This will only check whether the list call response is forbidden/unauthorized and skip `SelfSubjectAccessReview` call. - - unset/empty : This will disable the feature and controller will continue to monitor all resources. - -NOTE: By default `resource.respectRBAC` will be unset or `""` which disables the feature - -Users who are okay with an increase in kube api server calls can opt for strict option while users who are concerned with higher api calls can compromise on the accuracy and opt for the normal option. - -## Security Considerations and Risks - -There are no particular security risks associated with this change, this proposal rather improves the argocd controller -to not access/monitor resources that it does not have permission to access. - -## Upgrade / Downgrade Strategy - -There is no special upgrade strategy needed, all existing argocd configmaps will continue to work -and old configs without the `resource.respectRBAC` config will cause no change in argocd controllers behavior. - -While downgrading to older version, if the user had configured `resource.respectRBAC` previously this would be ignored completely -and argocd would revert to its default behavior of trying to monitor all resources. \ No newline at end of file diff --git a/docs/requirements.txt b/docs/requirements.txt index 09b5d35eb5d5b..ca3bc2f803744 100644 --- a/docs/requirements.txt +++ b/docs/requirements.txt @@ -1,6 +1,6 @@ mkdocs==1.3.0 mkdocs-material==7.1.8 markdown_include==0.6.0 -pygments==2.15.0 +pygments==2.7.4 jinja2==3.0.3 markdown==3.3.7 \ No newline at end of file diff --git a/docs/snyk/index.md b/docs/snyk/index.md index 3b38f8d119dc9..15bdb0b8916a9 100644 --- a/docs/snyk/index.md +++ b/docs/snyk/index.md @@ -15,61 +15,48 @@ recent minor releases. |---:|:--------:|:----:|:------:|:---:| | [go.mod](master/argocd-test.html) | 0 | 0 | 0 | 0 | | [ui/yarn.lock](master/argocd-test.html) | 0 | 0 | 0 | 0 | -| [dex:v2.37.0](master/ghcr.io_dexidp_dex_v2.37.0.html) | 0 | 0 | 3 | 0 | -| [haproxy:2.6.14-alpine](master/haproxy_2.6.14-alpine.html) | 0 | 0 | 0 | 0 | -| [argocd:latest](master/quay.io_argoproj_argocd_latest.html) | 0 | 0 | 2 | 15 | -| [redis:7.0.11-alpine](master/redis_7.0.11-alpine.html) | 0 | 0 | 3 | 0 | +| [dex:v2.35.3](master/ghcr.io_dexidp_dex_v2.35.3.html) | 0 | 3 | 1 | 0 | +| [haproxy:2.6.9-alpine](master/haproxy_2.6.9-alpine.html) | 0 | 0 | 0 | 0 | +| [argocd:latest](master/quay.io_argoproj_argocd_latest.html) | 0 | 0 | 0 | 14 | +| [redis:7.0.9-alpine](master/redis_7.0.9-alpine.html) | 0 | 0 | 0 | 0 | | [install.yaml](master/argocd-iac-install.html) | - | - | - | - | | [namespace-install.yaml](master/argocd-iac-namespace-install.html) | - | - | - | - | -### v2.8.0-rc7 +### v2.6.6 | | Critical | High | Medium | Low | |---:|:--------:|:----:|:------:|:---:| -| [go.mod](v2.8.0-rc7/argocd-test.html) | 0 | 1 | 0 | 0 | -| [ui/yarn.lock](v2.8.0-rc7/argocd-test.html) | 0 | 0 | 0 | 0 | -| [dex:v2.37.0](v2.8.0-rc7/ghcr.io_dexidp_dex_v2.37.0.html) | 0 | 0 | 3 | 0 | -| [haproxy:2.6.14-alpine](v2.8.0-rc7/haproxy_2.6.14-alpine.html) | 0 | 0 | 0 | 0 | -| [argocd:v2.8.0-rc7](v2.8.0-rc7/quay.io_argoproj_argocd_v2.8.0-rc7.html) | 0 | 0 | 2 | 15 | -| [redis:7.0.11-alpine](v2.8.0-rc7/redis_7.0.11-alpine.html) | 0 | 0 | 3 | 0 | -| [install.yaml](v2.8.0-rc7/argocd-iac-install.html) | - | - | - | - | -| [namespace-install.yaml](v2.8.0-rc7/argocd-iac-namespace-install.html) | - | - | - | - | +| [go.mod](v2.6.6/argocd-test.html) | 0 | 0 | 0 | 0 | +| [ui/yarn.lock](v2.6.6/argocd-test.html) | 0 | 0 | 0 | 0 | +| [dex:v2.35.3](v2.6.6/ghcr.io_dexidp_dex_v2.35.3.html) | 0 | 3 | 1 | 0 | +| [haproxy:2.6.9-alpine](v2.6.6/haproxy_2.6.9-alpine.html) | 0 | 0 | 0 | 0 | +| [argocd:v2.6.6](v2.6.6/quay.io_argoproj_argocd_v2.6.6.html) | 0 | 0 | 0 | 14 | +| [redis:7.0.8-alpine](v2.6.6/redis_7.0.8-alpine.html) | 0 | 0 | 0 | 0 | +| [install.yaml](v2.6.6/argocd-iac-install.html) | - | - | - | - | +| [namespace-install.yaml](v2.6.6/argocd-iac-namespace-install.html) | - | - | - | - | -### v2.7.11 +### v2.5.15 | | Critical | High | Medium | Low | |---:|:--------:|:----:|:------:|:---:| -| [go.mod](v2.7.11/argocd-test.html) | 0 | 0 | 0 | 0 | -| [ui/yarn.lock](v2.7.11/argocd-test.html) | 0 | 1 | 0 | 0 | -| [dex:v2.37.0](v2.7.11/ghcr.io_dexidp_dex_v2.37.0.html) | 0 | 0 | 3 | 0 | -| [haproxy:2.6.14-alpine](v2.7.11/haproxy_2.6.14-alpine.html) | 0 | 0 | 0 | 0 | -| [argocd:v2.7.11](v2.7.11/quay.io_argoproj_argocd_v2.7.11.html) | 0 | 0 | 2 | 15 | -| [redis:7.0.11-alpine](v2.7.11/redis_7.0.11-alpine.html) | 0 | 0 | 3 | 0 | -| [install.yaml](v2.7.11/argocd-iac-install.html) | - | - | - | - | -| [namespace-install.yaml](v2.7.11/argocd-iac-namespace-install.html) | - | - | - | - | +| [go.mod](v2.5.15/argocd-test.html) | 0 | 0 | 2 | 0 | +| [ui/yarn.lock](v2.5.15/argocd-test.html) | 0 | 0 | 4 | 0 | +| [dex:v2.35.3](v2.5.15/ghcr.io_dexidp_dex_v2.35.3.html) | 0 | 3 | 1 | 0 | +| [haproxy:2.6.9-alpine](v2.5.15/haproxy_2.6.9-alpine.html) | 0 | 0 | 0 | 0 | +| [argocd:v2.5.15](v2.5.15/quay.io_argoproj_argocd_v2.5.15.html) | 0 | 0 | 0 | 14 | +| [redis:7.0.8-alpine](v2.5.15/redis_7.0.8-alpine.html) | 0 | 0 | 0 | 0 | +| [install.yaml](v2.5.15/argocd-iac-install.html) | - | - | - | - | +| [namespace-install.yaml](v2.5.15/argocd-iac-namespace-install.html) | - | - | - | - | -### v2.6.14 +### v2.4.27 | | Critical | High | Medium | Low | |---:|:--------:|:----:|:------:|:---:| -| [go.mod](v2.6.14/argocd-test.html) | 0 | 0 | 0 | 0 | -| [ui/yarn.lock](v2.6.14/argocd-test.html) | 0 | 1 | 0 | 0 | -| [dex:v2.37.0](v2.6.14/ghcr.io_dexidp_dex_v2.37.0.html) | 0 | 0 | 3 | 0 | -| [haproxy:2.6.14-alpine](v2.6.14/haproxy_2.6.14-alpine.html) | 0 | 0 | 0 | 0 | -| [argocd:v2.6.14](v2.6.14/quay.io_argoproj_argocd_v2.6.14.html) | 0 | 0 | 2 | 15 | -| [redis:7.0.11-alpine](v2.6.14/redis_7.0.11-alpine.html) | 0 | 0 | 3 | 0 | -| [install.yaml](v2.6.14/argocd-iac-install.html) | - | - | - | - | -| [namespace-install.yaml](v2.6.14/argocd-iac-namespace-install.html) | - | - | - | - | - -### v2.5.22 - -| | Critical | High | Medium | Low | -|---:|:--------:|:----:|:------:|:---:| -| [go.mod](v2.5.22/argocd-test.html) | 0 | 0 | 2 | 0 | -| [ui/yarn.lock](v2.5.22/argocd-test.html) | 0 | 1 | 4 | 0 | -| [dex:v2.37.0](v2.5.22/ghcr.io_dexidp_dex_v2.37.0.html) | 0 | 0 | 3 | 0 | -| [haproxy:2.6.14-alpine](v2.5.22/haproxy_2.6.14-alpine.html) | 0 | 0 | 0 | 0 | -| [argocd:v2.5.22](v2.5.22/quay.io_argoproj_argocd_v2.5.22.html) | 0 | 0 | 2 | 15 | -| [redis:7.0.11-alpine](v2.5.22/redis_7.0.11-alpine.html) | 0 | 0 | 3 | 0 | -| [install.yaml](v2.5.22/argocd-iac-install.html) | - | - | - | - | -| [namespace-install.yaml](v2.5.22/argocd-iac-namespace-install.html) | - | - | - | - | +| [go.mod](v2.4.27/argocd-test.html) | 0 | 0 | 2 | 0 | +| [ui/yarn.lock](v2.4.27/argocd-test.html) | 0 | 0 | 4 | 0 | +| [dex:v2.35.3](v2.4.27/ghcr.io_dexidp_dex_v2.35.3.html) | 0 | 3 | 1 | 0 | +| [haproxy:2.0.31-alpine](v2.4.27/haproxy_2.0.31-alpine.html) | 0 | 0 | 0 | 0 | +| [argocd:v2.4.27](v2.4.27/quay.io_argoproj_argocd_v2.4.27.html) | 0 | 0 | 0 | 14 | +| [redis:7.0.8-alpine](v2.4.27/redis_7.0.8-alpine.html) | 0 | 0 | 0 | 0 | +| [install.yaml](v2.4.27/argocd-iac-install.html) | - | - | - | - | +| [namespace-install.yaml](v2.4.27/argocd-iac-namespace-install.html) | - | - | - | - | diff --git a/docs/snyk/master/argocd-iac-install.html b/docs/snyk/master/argocd-iac-install.html index 28eeb9c116c57..d21f59634efec 100644 --- a/docs/snyk/master/argocd-iac-install.html +++ b/docs/snyk/master/argocd-iac-install.html @@ -456,7 +456,7 @@

Snyk test report

-

August 13th 2023, 12:16:02 am (UTC+00:00)

+

March 19th 2023, 12:18:26 am

Scanned the following path: @@ -466,7 +466,7 @@

Snyk test report

-
40 total issues
+
41 total issues
@@ -494,7 +494,7 @@

Role with dangerous permissions

  • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
  • Introduced through: @@ -507,7 +507,7 @@

    Role with dangerous permissions

  • - Line number: 18478 + Line number: 15319
@@ -524,7 +524,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -540,7 +540,7 @@

Role with dangerous permissions

  • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
  • Introduced through: @@ -553,7 +553,7 @@

    Role with dangerous permissions

  • - Line number: 18555 + Line number: 15396
@@ -570,7 +570,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -586,7 +586,7 @@

Role with dangerous permissions

  • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
  • Introduced through: @@ -599,7 +599,7 @@

    Role with dangerous permissions

  • - Line number: 18583 + Line number: 15424
@@ -616,7 +616,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -632,7 +632,7 @@

Role with dangerous permissions

  • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
  • Introduced through: @@ -645,7 +645,7 @@

    Role with dangerous permissions

  • - Line number: 18631 + Line number: 15472
@@ -662,7 +662,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -678,7 +678,7 @@

Role with dangerous permissions

  • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
  • Introduced through: @@ -691,7 +691,7 @@

    Role with dangerous permissions

  • - Line number: 18613 + Line number: 15454
@@ -708,7 +708,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -724,7 +724,7 @@

Role with dangerous permissions

  • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
  • Introduced through: @@ -737,7 +737,7 @@

    Role with dangerous permissions

  • - Line number: 18647 + Line number: 15488
@@ -754,7 +754,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -770,11 +770,11 @@

Container could be running with outdated image

  • - Public ID: SNYK-CC-K8S-42 + Public ID: SNYK-CC-K8S-42
  • Introduced through: - [DocId: 45] + [DocId: 46] spec @@ -789,7 +789,7 @@

    Container could be running with outdated image

  • - Line number: 19744 + Line number: 16512
@@ -806,7 +806,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -822,11 +822,11 @@

Container has no CPU limit

  • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
  • Introduced through: - [DocId: 41] + [DocId: 42] input @@ -847,7 +847,7 @@

    Container has no CPU limit

  • - Line number: 19119 + Line number: 15969
@@ -864,7 +864,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -880,11 +880,11 @@

Container has no CPU limit

  • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
  • Introduced through: - [DocId: 42] + [DocId: 43] input @@ -905,7 +905,7 @@

    Container has no CPU limit

  • - Line number: 19352 + Line number: 16141
@@ -922,7 +922,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -938,11 +938,11 @@

Container has no CPU limit

  • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
  • Introduced through: - [DocId: 42] + [DocId: 43] input @@ -963,7 +963,7 @@

    Container has no CPU limit

  • - Line number: 19318 + Line number: 16107
@@ -980,7 +980,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -996,11 +996,11 @@

Container has no CPU limit

  • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
  • Introduced through: - [DocId: 43] + [DocId: 44] input @@ -1021,7 +1021,7 @@

    Container has no CPU limit

  • - Line number: 19412 + Line number: 16201
@@ -1038,7 +1038,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1054,11 +1054,11 @@

Container has no CPU limit

  • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
  • Introduced through: - [DocId: 44] + [DocId: 45] input @@ -1079,7 +1079,7 @@

    Container has no CPU limit

  • - Line number: 19499 + Line number: 16275
@@ -1096,7 +1096,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1112,11 +1112,11 @@

Container has no CPU limit

  • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
  • Introduced through: - [DocId: 45] + [DocId: 46] input @@ -1137,7 +1137,7 @@

    Container has no CPU limit

  • - Line number: 19744 + Line number: 16512
@@ -1154,7 +1154,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1170,11 +1170,11 @@

Container has no CPU limit

  • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
  • Introduced through: - [DocId: 45] + [DocId: 46] input @@ -1195,7 +1195,7 @@

    Container has no CPU limit

  • - Line number: 19556 + Line number: 16334
@@ -1212,7 +1212,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1228,11 +1228,11 @@

Container has no CPU limit

  • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
  • Introduced through: - [DocId: 46] + [DocId: 47] input @@ -1253,7 +1253,7 @@

    Container has no CPU limit

  • - Line number: 19829 + Line number: 16597
@@ -1270,7 +1270,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1286,11 +1286,11 @@

Container has no CPU limit

  • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
  • Introduced through: - [DocId: 47] + [DocId: 48] input @@ -1311,7 +1311,7 @@

    Container has no CPU limit

  • - Line number: 20145 + Line number: 16901
@@ -1328,7 +1328,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1344,11 +1344,11 @@

Container is running with multiple open ports

  • - Public ID: SNYK-CC-K8S-36 + Public ID: SNYK-CC-K8S-36
  • Introduced through: - [DocId: 42] + [DocId: 43] spec @@ -1363,7 +1363,7 @@

    Container is running with multiple open ports

  • - Line number: 19332 + Line number: 16121
@@ -1380,7 +1380,63 @@

Remediation

-

More about this issue

+

More about this issue

+
+ + +
+

Container is running with writable root filesystem

+
+ +
+ low severity +
+ +
+ +
    +
  • + Public ID: SNYK-CC-K8S-8 +
    • + +
  • Introduced through: + [DocId: 45] + + input + + spec + + template + + spec + + containers[redis] + + securityContext + + readOnlyRootFilesystem + +
    • + +
  • + Line number: 16288 +
    • +
+ +
+ +

Impact

+

Compromised process could abuse writable root filesystem to elevate privileges

+ +

Remediation

+

Set `securityContext.readOnlyRootFilesystem` to `true`

+ + +
+
+ +
+

More about this issue

@@ -1396,11 +1452,11 @@

Container is running without liveness probe

  • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
  • Introduced through: - [DocId: 41] + [DocId: 42] spec @@ -1415,7 +1471,7 @@

    Container is running without liveness probe

  • - Line number: 19119 + Line number: 15969
@@ -1432,7 +1488,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1448,11 +1504,11 @@

Container is running without liveness probe

  • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
  • Introduced through: - [DocId: 42] + [DocId: 43] spec @@ -1467,7 +1523,7 @@

    Container is running without liveness probe

  • - Line number: 19318 + Line number: 16107
@@ -1484,7 +1540,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1500,11 +1556,11 @@

Container is running without liveness probe

  • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
  • Introduced through: - [DocId: 42] + [DocId: 43] spec @@ -1519,7 +1575,7 @@

    Container is running without liveness probe

  • - Line number: 19352 + Line number: 16141
@@ -1536,7 +1592,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1552,11 +1608,11 @@

Container is running without liveness probe

  • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
  • Introduced through: - [DocId: 44] + [DocId: 45] spec @@ -1571,7 +1627,7 @@

    Container is running without liveness probe

  • - Line number: 19499 + Line number: 16275
@@ -1588,7 +1644,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1604,11 +1660,11 @@

Container is running without liveness probe

  • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
  • Introduced through: - [DocId: 45] + [DocId: 46] spec @@ -1623,7 +1679,7 @@

    Container is running without liveness probe

  • - Line number: 19744 + Line number: 16512
@@ -1640,7 +1696,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1656,11 +1712,11 @@

Container is running without memory limit

  • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
  • Introduced through: - [DocId: 41] + [DocId: 42] input @@ -1681,7 +1737,7 @@

    Container is running without memory limit

  • - Line number: 19119 + Line number: 15969
@@ -1698,7 +1754,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1714,11 +1770,11 @@

Container is running without memory limit

  • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
  • Introduced through: - [DocId: 42] + [DocId: 43] input @@ -1739,7 +1795,7 @@

    Container is running without memory limit

  • - Line number: 19318 + Line number: 16107
@@ -1756,7 +1812,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1772,11 +1828,11 @@

Container is running without memory limit

  • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
  • Introduced through: - [DocId: 42] + [DocId: 43] input @@ -1797,7 +1853,7 @@

    Container is running without memory limit

  • - Line number: 19352 + Line number: 16141
@@ -1814,7 +1870,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1830,11 +1886,11 @@

Container is running without memory limit

  • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
  • Introduced through: - [DocId: 43] + [DocId: 44] input @@ -1855,7 +1911,7 @@

    Container is running without memory limit

  • - Line number: 19412 + Line number: 16201
@@ -1872,7 +1928,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1888,11 +1944,11 @@

Container is running without memory limit

  • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
  • Introduced through: - [DocId: 44] + [DocId: 45] input @@ -1913,7 +1969,7 @@

    Container is running without memory limit

  • - Line number: 19499 + Line number: 16275
@@ -1930,7 +1986,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -1946,11 +2002,11 @@

Container is running without memory limit

  • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
  • Introduced through: - [DocId: 45] + [DocId: 46] input @@ -1971,7 +2027,7 @@

    Container is running without memory limit

  • - Line number: 19744 + Line number: 16512
@@ -1988,7 +2044,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -2004,11 +2060,11 @@

Container is running without memory limit

  • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
  • Introduced through: - [DocId: 45] + [DocId: 46] input @@ -2029,7 +2085,7 @@

    Container is running without memory limit

  • - Line number: 19556 + Line number: 16334
@@ -2046,7 +2102,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -2062,11 +2118,11 @@

Container is running without memory limit

  • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
  • Introduced through: - [DocId: 46] + [DocId: 47] input @@ -2087,7 +2143,7 @@

    Container is running without memory limit

  • - Line number: 19829 + Line number: 16597
@@ -2104,7 +2160,7 @@

Remediation

-

More about this issue

+

More about this issue

@@ -2120,11 +2176,11 @@

Container is running without memory limit

  • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
  • Introduced through: - [DocId: 47] + [DocId: 48] input @@ -2145,7 +2201,7 @@

    Container is running without memory limit

  • - Line number: 20145 + Line number: 16901
@@ -2162,12 +2218,12 @@

Remediation

-

More about this issue

+

More about this issue

-

Container's or Pod's UID could clash with host's UID

+

Container's UID could clash with host's UID

@@ -2178,11 +2234,11 @@

Container's or Pod's UID could clash with hos
  • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
  • Introduced through: - [DocId: 41] + [DocId: 42] input @@ -2201,7 +2257,7 @@

    Container's or Pod's UID could clash with hos

  • - Line number: 19242 + Line number: 16044
@@ -2211,19 +2267,19 @@

Impact

UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

Remediation

-

Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

+

Set `securityContext.runAsUser` value to greater or equal than 10000

-

More about this issue

+

More about this issue

-

Container's or Pod's UID could clash with host's UID

+

Container's UID could clash with host's UID

@@ -2234,11 +2290,11 @@

Container's or Pod's UID could clash with hos
  • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
  • Introduced through: - [DocId: 42] + [DocId: 43] input @@ -2257,7 +2313,7 @@

    Container's or Pod's UID could clash with hos

  • - Line number: 19360 + Line number: 16149
@@ -2267,19 +2323,19 @@

Impact

UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

Remediation

-

Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

+

Set `securityContext.runAsUser` value to greater or equal than 10000

-

More about this issue

+

More about this issue

-

Container's or Pod's UID could clash with host's UID

+

Container's UID could clash with host's UID

@@ -2290,11 +2346,11 @@

Container's or Pod's UID could clash with hos
  • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
  • Introduced through: - [DocId: 42] + [DocId: 43] input @@ -2313,7 +2369,7 @@

    Container's or Pod's UID could clash with hos

  • - Line number: 19335 + Line number: 16124
@@ -2323,19 +2379,19 @@

Impact

UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

Remediation

-

Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

+

Set `securityContext.runAsUser` value to greater or equal than 10000

-

More about this issue

+

More about this issue

-

Container's or Pod's UID could clash with host's UID

+

Container's UID could clash with host's UID

@@ -2346,11 +2402,11 @@

Container's or Pod's UID could clash with hos
  • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
  • Introduced through: - [DocId: 43] + [DocId: 44] input @@ -2369,7 +2425,7 @@

    Container's or Pod's UID could clash with hos

  • - Line number: 19433 + Line number: 16209
@@ -2379,19 +2435,19 @@

Impact

UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

Remediation

-

Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

+

Set `securityContext.runAsUser` value to greater or equal than 10000

-

More about this issue

+

More about this issue

-

Container's or Pod's UID could clash with host's UID

+

Container's UID could clash with host's UID

@@ -2402,11 +2458,11 @@

Container's or Pod's UID could clash with hos
  • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
  • Introduced through: - [DocId: 44] + [DocId: 45] input @@ -2425,7 +2481,7 @@

    Container's or Pod's UID could clash with hos

  • - Line number: 19509 + Line number: 16288
@@ -2435,19 +2491,19 @@

Impact

UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

Remediation

-

Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

+

Set `securityContext.runAsUser` value to greater or equal than 10000

-

More about this issue

+

More about this issue

-

Container's or Pod's UID could clash with host's UID

+

Container's UID could clash with host's UID

@@ -2458,11 +2514,11 @@

Container's or Pod's UID could clash with hos
  • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
  • Introduced through: - [DocId: 45] + [DocId: 46] input @@ -2481,7 +2537,7 @@

    Container's or Pod's UID could clash with hos

  • - Line number: 19751 + Line number: 16519
@@ -2491,19 +2547,19 @@

Impact

UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

Remediation

-

Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

+

Set `securityContext.runAsUser` value to greater or equal than 10000

-

More about this issue

+

More about this issue

-

Container's or Pod's UID could clash with host's UID

+

Container's UID could clash with host's UID

@@ -2514,11 +2570,11 @@

Container's or Pod's UID could clash with hos
  • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
  • Introduced through: - [DocId: 45] + [DocId: 46] input @@ -2537,7 +2593,7 @@

    Container's or Pod's UID could clash with hos

  • - Line number: 19717 + Line number: 16485
@@ -2547,19 +2603,19 @@

Impact

UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

Remediation

-

Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

+

Set `securityContext.runAsUser` value to greater or equal than 10000

-

More about this issue

+

More about this issue

-

Container's or Pod's UID could clash with host's UID

+

Container's UID could clash with host's UID

@@ -2570,11 +2626,11 @@

Container's or Pod's UID could clash with hos
  • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
  • Introduced through: - [DocId: 46] + [DocId: 47] input @@ -2593,7 +2649,7 @@

    Container's or Pod's UID could clash with hos

  • - Line number: 20055 + Line number: 16811
@@ -2603,19 +2659,19 @@

Impact

UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

Remediation

-

Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

+

Set `securityContext.runAsUser` value to greater or equal than 10000

-

More about this issue

+

More about this issue

-

Container's or Pod's UID could clash with host's UID

+

Container's UID could clash with host's UID

@@ -2626,11 +2682,11 @@

Container's or Pod's UID could clash with hos
  • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
  • Introduced through: - [DocId: 47] + [DocId: 48] input @@ -2649,7 +2705,7 @@

    Container's or Pod's UID could clash with hos

  • - Line number: 20293 + Line number: 17037
@@ -2659,14 +2715,14 @@

Impact

UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

Remediation

-

Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

+

Set `securityContext.runAsUser` value to greater or equal than 10000

-

More about this issue

+

More about this issue

diff --git a/docs/snyk/master/argocd-iac-namespace-install.html b/docs/snyk/master/argocd-iac-namespace-install.html index 39cbb14b7d533..b8dd115ad04b1 100644 --- a/docs/snyk/master/argocd-iac-namespace-install.html +++ b/docs/snyk/master/argocd-iac-namespace-install.html @@ -456,7 +456,7 @@

Snyk test report

-

August 13th 2023, 12:16:14 am (UTC+00:00)

+

March 19th 2023, 12:18:41 am

Scanned the following path: @@ -466,7 +466,7 @@

Snyk test report

-
40 total issues
+
41 total issues
@@ -494,7 +494,7 @@

Role with dangerous permissions

-

More about this issue

+

More about this issue

@@ -540,7 +540,7 @@

Role with dangerous permissions

-

More about this issue

+

More about this issue

@@ -586,7 +586,7 @@

Role with dangerous permissions

-

More about this issue

+

More about this issue

@@ -632,7 +632,7 @@

Role with dangerous permissions

-

More about this issue

+

More about this issue

@@ -678,7 +678,7 @@

Role with dangerous permissions

  • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
  • Introduced through: @@ -708,7 +708,7 @@

    Remediation

    -

    More about this issue

    +

    More about this issue

    @@ -724,7 +724,7 @@

    Role with dangerous permissions

    • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
    • Introduced through: @@ -754,7 +754,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -770,11 +770,11 @@

      Container could be running with outdated image

      • - Public ID: SNYK-CC-K8S-42 + Public ID: SNYK-CC-K8S-42
      • Introduced through: - [DocId: 38] + [DocId: 39] spec @@ -789,7 +789,7 @@

        Container could be running with outdated image

      • - Line number: 1250 + Line number: 1177
      @@ -806,7 +806,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -822,11 +822,11 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: - [DocId: 34] + [DocId: 35] input @@ -847,7 +847,7 @@

        Container has no CPU limit

      • - Line number: 625 + Line number: 634
      @@ -864,7 +864,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -880,11 +880,11 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: - [DocId: 35] + [DocId: 36] input @@ -905,7 +905,7 @@

        Container has no CPU limit

      • - Line number: 858 + Line number: 806
      @@ -922,7 +922,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -938,11 +938,11 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: - [DocId: 35] + [DocId: 36] input @@ -963,7 +963,7 @@

        Container has no CPU limit

      • - Line number: 824 + Line number: 772
      @@ -980,7 +980,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -996,11 +996,11 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: - [DocId: 36] + [DocId: 37] input @@ -1021,7 +1021,7 @@

        Container has no CPU limit

      • - Line number: 918 + Line number: 866
      @@ -1038,7 +1038,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1054,11 +1054,11 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: - [DocId: 37] + [DocId: 38] input @@ -1079,7 +1079,7 @@

        Container has no CPU limit

      • - Line number: 1005 + Line number: 940
      @@ -1096,7 +1096,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1112,11 +1112,11 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: - [DocId: 38] + [DocId: 39] input @@ -1137,7 +1137,7 @@

        Container has no CPU limit

      • - Line number: 1250 + Line number: 1177
      @@ -1154,7 +1154,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1170,11 +1170,11 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: - [DocId: 38] + [DocId: 39] input @@ -1195,7 +1195,7 @@

        Container has no CPU limit

      • - Line number: 1062 + Line number: 999
      @@ -1212,7 +1212,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1228,11 +1228,11 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: - [DocId: 39] + [DocId: 40] input @@ -1253,7 +1253,7 @@

        Container has no CPU limit

      • - Line number: 1335 + Line number: 1262
      @@ -1270,7 +1270,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1286,11 +1286,11 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: - [DocId: 40] + [DocId: 41] input @@ -1311,7 +1311,7 @@

        Container has no CPU limit

      • - Line number: 1651 + Line number: 1566
      @@ -1328,7 +1328,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1344,11 +1344,11 @@

      Container is running with multiple open ports

      • - Public ID: SNYK-CC-K8S-36 + Public ID: SNYK-CC-K8S-36
      • Introduced through: - [DocId: 35] + [DocId: 36] spec @@ -1363,7 +1363,7 @@

        Container is running with multiple open ports

      • - Line number: 838 + Line number: 786
      @@ -1380,7 +1380,63 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      +
      + + +
      +

      Container is running with writable root filesystem

      +
      + +
      + low severity +
      + +
      + +
        +
      • + Public ID: SNYK-CC-K8S-8 +
        • + +
      • Introduced through: + [DocId: 38] + + input + + spec + + template + + spec + + containers[redis] + + securityContext + + readOnlyRootFilesystem + +
        • + +
      • + Line number: 953 +
        • +
      + +
      + +

      Impact

      +

      Compromised process could abuse writable root filesystem to elevate privileges

      + +

      Remediation

      +

      Set `securityContext.readOnlyRootFilesystem` to `true`

      + + +
      +
      + +
      +

      More about this issue

      @@ -1396,11 +1452,11 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
      • Introduced through: - [DocId: 34] + [DocId: 35] spec @@ -1415,7 +1471,7 @@

        Container is running without liveness probe

      • - Line number: 625 + Line number: 634
      @@ -1432,7 +1488,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1448,11 +1504,11 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
      • Introduced through: - [DocId: 35] + [DocId: 36] spec @@ -1467,7 +1523,7 @@

        Container is running without liveness probe

      • - Line number: 824 + Line number: 772
      @@ -1484,7 +1540,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1500,11 +1556,11 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
      • Introduced through: - [DocId: 35] + [DocId: 36] spec @@ -1519,7 +1575,7 @@

        Container is running without liveness probe

      • - Line number: 858 + Line number: 806
      @@ -1536,7 +1592,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1552,11 +1608,11 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
      • Introduced through: - [DocId: 37] + [DocId: 38] spec @@ -1571,7 +1627,7 @@

        Container is running without liveness probe

      • - Line number: 1005 + Line number: 940
      @@ -1588,7 +1644,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1604,11 +1660,11 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
      • Introduced through: - [DocId: 38] + [DocId: 39] spec @@ -1623,7 +1679,7 @@

        Container is running without liveness probe

      • - Line number: 1250 + Line number: 1177
      @@ -1640,7 +1696,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1656,11 +1712,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 34] + [DocId: 35] input @@ -1681,7 +1737,7 @@

        Container is running without memory limit

      • - Line number: 625 + Line number: 634
      @@ -1698,7 +1754,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1714,11 +1770,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 35] + [DocId: 36] input @@ -1739,7 +1795,7 @@

        Container is running without memory limit

      • - Line number: 824 + Line number: 772
      @@ -1756,7 +1812,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1772,11 +1828,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 35] + [DocId: 36] input @@ -1797,7 +1853,7 @@

        Container is running without memory limit

      • - Line number: 858 + Line number: 806
      @@ -1814,7 +1870,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1830,11 +1886,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 36] + [DocId: 37] input @@ -1855,7 +1911,7 @@

        Container is running without memory limit

      • - Line number: 918 + Line number: 866
      @@ -1872,7 +1928,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1888,11 +1944,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 37] + [DocId: 38] input @@ -1913,7 +1969,7 @@

        Container is running without memory limit

      • - Line number: 1005 + Line number: 940
      @@ -1930,7 +1986,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1946,11 +2002,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 38] + [DocId: 39] input @@ -1971,7 +2027,7 @@

        Container is running without memory limit

      • - Line number: 1250 + Line number: 1177
      @@ -1988,7 +2044,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -2004,11 +2060,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 38] + [DocId: 39] input @@ -2029,7 +2085,7 @@

        Container is running without memory limit

      • - Line number: 1062 + Line number: 999
      @@ -2046,7 +2102,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -2062,11 +2118,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 39] + [DocId: 40] input @@ -2087,7 +2143,7 @@

        Container is running without memory limit

      • - Line number: 1335 + Line number: 1262
      @@ -2104,7 +2160,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -2120,11 +2176,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 40] + [DocId: 41] input @@ -2145,7 +2201,7 @@

        Container is running without memory limit

      • - Line number: 1651 + Line number: 1566
      @@ -2162,12 +2218,12 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2178,11 +2234,11 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: - [DocId: 34] + [DocId: 35] input @@ -2201,7 +2257,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 748 + Line number: 709
      @@ -2211,19 +2267,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2234,11 +2290,11 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: - [DocId: 35] + [DocId: 36] input @@ -2257,7 +2313,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 866 + Line number: 814
      @@ -2267,19 +2323,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2290,11 +2346,11 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: - [DocId: 35] + [DocId: 36] input @@ -2313,7 +2369,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 841 + Line number: 789
      @@ -2323,19 +2379,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2346,11 +2402,11 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: - [DocId: 36] + [DocId: 37] input @@ -2369,7 +2425,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 939 + Line number: 874
      @@ -2379,19 +2435,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2402,11 +2458,11 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: - [DocId: 37] + [DocId: 38] input @@ -2425,7 +2481,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 1015 + Line number: 953
      @@ -2435,19 +2491,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2458,11 +2514,11 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: - [DocId: 38] + [DocId: 39] input @@ -2481,7 +2537,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 1257 + Line number: 1184
      @@ -2491,19 +2547,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2514,11 +2570,11 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: - [DocId: 38] + [DocId: 39] input @@ -2537,7 +2593,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 1223 + Line number: 1150
      @@ -2547,19 +2603,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2570,11 +2626,11 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: - [DocId: 39] + [DocId: 40] input @@ -2593,7 +2649,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 1561 + Line number: 1476
      @@ -2603,19 +2659,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2626,11 +2682,11 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: - [DocId: 40] + [DocId: 41] input @@ -2649,7 +2705,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 1799 + Line number: 1702
      @@ -2659,14 +2715,14 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      diff --git a/docs/snyk/master/argocd-test.html b/docs/snyk/master/argocd-test.html index e32fc44b0f52e..ea88fc74164e1 100644 --- a/docs/snyk/master/argocd-test.html +++ b/docs/snyk/master/argocd-test.html @@ -456,7 +456,7 @@

      Snyk test report

      -

      August 13th 2023, 12:13:27 am (UTC+00:00)

      +

      March 19th 2023, 12:16:00 am

      Scanned the following paths: @@ -468,7 +468,7 @@

      Snyk test report

      0 known vulnerabilities
      0 vulnerable dependency paths
      -
      1860 dependencies
      +
      1748 dependencies
      diff --git a/docs/snyk/master/ghcr.io_dexidp_dex_v2.35.3.html b/docs/snyk/master/ghcr.io_dexidp_dex_v2.35.3.html new file mode 100644 index 0000000000000..2cab36eb6643b --- /dev/null +++ b/docs/snyk/master/ghcr.io_dexidp_dex_v2.35.3.html @@ -0,0 +1,1420 @@ + + + + + + + + + Snyk test report + + + + + + + + + +
      +
      +
      +
      + + + Snyk - Open Source Security + + + + + + + +
      +

      Snyk test report

      + +

      March 19th 2023, 12:16:14 am

      +
      +
      + Scanned the following paths: +
        +
      • ghcr.io/dexidp/dex:v2.35.3/dexidp/dex (apk)
      • ghcr.io/dexidp/dex:v2.35.3/hairyhenderson/gomplate/v3 (gomodules)
      • ghcr.io/dexidp/dex:v2.35.3/dexidp/dex (gomodules)
      • ghcr.io/dexidp/dex:v2.35.3/dexidp/dex (gomodules)
        • +
      +
      + +
      +
      9 known vulnerabilities
      +
      37 vulnerable dependency paths
      +
      756 dependencies
      +
      +
      +
      +
      + +
      +
      +
      +

      Double Free

      +
      + +
      + high severity +
      + +
      + +
        +
      • + Package Manager: alpine:3.16 +
        • +
      • + Vulnerable module: + + openssl/libcrypto1.1 +
        • + +
      • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      + +
      + +
      + +

      NVD Description

      +

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

      +

      The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.

      +

      Remediation

      +

      Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Access of Resource Using Incompatible Type ('Type Confusion')

      +
      + +
      + high severity +
      + +
      + +
        +
      • + Package Manager: alpine:3.16 +
        • +
      • + Vulnerable module: + + openssl/libcrypto1.1 +
        • + +
      • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      + +
      + +
      + +

      NVD Description

      +

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

      +

      There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.

      +

      Remediation

      +

      Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Use After Free

      +
      + +
      + high severity +
      + +
      + +
        +
      • + Package Manager: alpine:3.16 +
        • +
      • + Vulnerable module: + + openssl/libcrypto1.1 +
        • + +
      • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      + +
      + +
      + +

      NVD Description

      +

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

      +

      The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.

      +

      Remediation

      +

      Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Denial of Service (DoS)

      +
      + +
      + high severity +
      + +
      + +
        +
      • + Package Manager: golang +
        • +
      • + Vulnerable module: + + golang.org/x/net/http2/hpack +
        • + +
      • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/net/http2/hpack@v0.0.0-20220909164309-bea034e7d591 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/net/http2/hpack@v0.0.0-20220909164309-bea034e7d591 + + + +
        • +
      • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/net/http2/hpack@v0.0.0-20220927171203-f486391704dc + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.

      +

      Details

      +

      Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

      +

      Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

      +

      One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

      +

      When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

      +

      Two common types of DoS vulnerabilities:

      +
        +

      • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

        +
        • +

      • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

        +
        • +
      +

      Remediation

      +

      Upgrade golang.org/x/net/http2/hpack to version 0.7.0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Denial of Service (DoS)

      +
      + +
      + high severity +
      + +
      + +
        +
      • + Package Manager: golang +
        • +
      • + Vulnerable module: + + golang.org/x/net/http2 +
        • + +
      • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + + + +
        • +
      • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/net/http2@v0.0.0-20220927171203-f486391704dc + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. + Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.

      +

      Details

      +

      Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

      +

      Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

      +

      One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

      +

      When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

      +

      Two common types of DoS vulnerabilities:

      +
        +

      • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

        +
        • +

      • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

        +
        • +
      +

      Remediation

      +

      Upgrade golang.org/x/net/http2 to version 0.7.0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      CVE-2022-4304

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: alpine:3.16 +
        • +
      • + Vulnerable module: + + openssl/libcrypto1.1 +
        • + +
      • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      + +
      + +
      + +

      NVD Description

      +

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

      +

      A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.

      +

      Remediation

      +

      Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Improper Input Validation

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: golang +
        • +
      • + Vulnerable module: + + golang.org/x/text/language +
        • + +
      • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/text/language@v0.3.7 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/text/language@v0.3.7 + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      Affected versions of this package are vulnerable to Improper Input Validation due to the parser being, by design, exposed to untrusted user input, which can be leveraged to force a program to consume significant time parsing Accept-Language headers.

      +

      Remediation

      +

      Upgrade golang.org/x/text/language to version 0.3.8 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Incorrect Privilege Assignment

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: golang +
        • +
      • + Vulnerable module: + + golang.org/x/sys/unix +
        • + +
      • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/sys/unix@v0.0.0-20220728004956-3c1f35247d10 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/sys/unix@v0.0.0-20220728004956-3c1f35247d10 + + + +
        • +
      • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/sys/unix@v0.0.0-20220728004956-3c1f35247d10 + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      Affected versions of this package are vulnerable to Incorrect Privilege Assignment such that when called with a non-zero flags parameter, the Faccessat function can incorrectly report that a file is accessible.

      +

      Remediation

      +

      Upgrade golang.org/x/sys/unix to version 0.1.0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Denial of Service (DoS)

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: golang +
        • +
      • + Vulnerable module: + + golang.org/x/net/http2 +
        • + +
      • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + + + +
        • +
      • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/net/http2@v0.0.0-20220927171203-f486391704dc + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. + Affected versions of this package are vulnerable to Denial of Service (DoS) due to improper checks and limitations for the number of entries in the cache, which can allow an attacker to consume unbounded amounts of memory by sending a small number of very large keys.

      +

      Details

      +

      Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

      +

      Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

      +

      One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

      +

      When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

      +

      Two common types of DoS vulnerabilities:

      +
        +

      • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

        +
        • +

      • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

        +
        • +
      +

      Remediation

      +

      Upgrade golang.org/x/net/http2 to version 0.4.0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +
      +
      + + + diff --git a/docs/snyk/master/ghcr.io_dexidp_dex_v2.37.0.html b/docs/snyk/master/ghcr.io_dexidp_dex_v2.37.0.html deleted file mode 100644 index 75bf683f2f592..0000000000000 --- a/docs/snyk/master/ghcr.io_dexidp_dex_v2.37.0.html +++ /dev/null @@ -1,1079 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
      -
      -
      -
      - - - Snyk - Open Source Security - - - - - - - -
      -

      Snyk test report

      - -

      August 13th 2023, 12:13:40 am (UTC+00:00)

      -
      -
      - Scanned the following paths: -
        -
      • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (apk)
      • ghcr.io/dexidp/dex:v2.37.0/hairyhenderson/gomplate/v3 (gomodules)
      • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (gomodules)
      • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (gomodules)
        • -
      -
      - -
      -
      4 known vulnerabilities
      -
      22 vulnerable dependency paths
      -
      786 dependencies
      -
      -
      -
      -
      - -
      -
      -
      -

      Improper Authentication

      -
      - -
      - medium severity -
      - -
      - -
        -
      • - Package Manager: alpine:3.18 -
        • -
      • - Vulnerable module: - - openssl/libcrypto3 -
        • - -
      • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
        • -
      - -
      - - -

      Detailed paths

      - -
        -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      - -
      - -
      - -

      NVD Description

      -

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

      -

      Issue summary: The AES-SIV cipher implementation contains a bug that causes - it to ignore empty associated data entries which are unauthenticated as - a consequence.

      -

      Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing - adding or reordering such empty entries as these are ignored by the OpenSSL - implementation. We are currently unaware of any such applications.

      -

      The AES-SIV algorithm allows for authentication of multiple associated - data entries along with the encryption. To authenticate empty data the - application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with - NULL pointer as the output buffer and 0 as the input buffer length. - The AES-SIV implementation in OpenSSL just returns success for such a call - instead of performing the associated data authentication operation. - The empty data thus will not be authenticated.

      -

      As this issue does not affect non-empty associated data authentication and - we expect it to be rare for an application to use empty associated data - entries this is qualified as Low severity issue.

      -

      Remediation

      -

      Upgrade Alpine:3.18 openssl to version 3.1.1-r2 or higher.

      -

      References

      - - -
      - -
      -

      More about this vulnerability

      -
      - -
      -
      -

      Inefficient Regular Expression Complexity

      -
      - -
      - medium severity -
      - -
      - -
        -
      • - Package Manager: alpine:3.18 -
        • -
      • - Vulnerable module: - - openssl/libcrypto3 -
        • - -
      • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
        • -
      - -
      - - -

      Detailed paths

      - -
        -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      - -
      - -
      - -

      NVD Description

      -

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

      -

      Issue summary: Checking excessively long DH keys or parameters may be very slow.

      -

      Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

      -

      The function DH_check() performs various checks on DH parameters. One of those - checks confirms that the modulus ('p' parameter) is not too large. Trying to use - a very large modulus is slow and OpenSSL will not normally use a modulus which - is over 10,000 bits in length.

      -

      However the DH_check() function checks numerous aspects of the key or parameters - that have been supplied. Some of those checks use the supplied modulus value - even if it has already been found to be too large.

      -

      An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulernable to a Denial of Service attack.

      -

      The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

      -

      Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the '-check' option.

      -

      The OpenSSL SSL/TLS implementation is not affected by this issue. - The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

      -

      Remediation

      -

      Upgrade Alpine:3.18 openssl to version 3.1.1-r3 or higher.

      -

      References

      - - -
      - -
      -

      More about this vulnerability

      -
      - -
      -
      -

      Excessive Iteration

      -
      - -
      - medium severity -
      - -
      - -
        -
      • - Package Manager: alpine:3.18 -
        • -
      • - Vulnerable module: - - openssl/libcrypto3 -
        • - -
      • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
        • -
      - -
      - - -

      Detailed paths

      - -
        -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      - -
      - -
      - -

      NVD Description

      -

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

      -

      Issue summary: Checking excessively long DH keys or parameters may be very slow.

      -

      Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

      -

      The function DH_check() performs various checks on DH parameters. After fixing - CVE-2023-3446 it was discovered that a large q parameter value can also trigger - an overly long computation during some of these checks. A correct q value, - if present, cannot be larger than the modulus p parameter, thus it is - unnecessary to perform these checks if q is larger than p.

      -

      An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulnerable to a Denial of Service attack.

      -

      The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

      -

      Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the "-check" option.

      -

      The OpenSSL SSL/TLS implementation is not affected by this issue.

      -

      The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

      -

      Remediation

      -

      Upgrade Alpine:3.18 openssl to version 3.1.2-r0 or higher.

      -

      References

      - - -
      - -
      -

      More about this vulnerability

      -
      - -
      -
      -

      Cross-site Scripting (XSS)

      -
      - -
      - medium severity -
      - -
      - -
        -
      • - Package Manager: golang -
        • -
      • - Vulnerable module: - - golang.org/x/net/html -
        • - -
      • Introduced through: - - github.com/dexidp/dex@* and golang.org/x/net/html@v0.11.0 - -
        • -
      - -
      - - -

      Detailed paths

      - -
        -
      • - Introduced through: - github.com/dexidp/dex@* - - golang.org/x/net/html@v0.11.0 - - - -
        • -
      - -
      - -
      - -

      Overview

      -

      golang.org/x/net/html is a package that implements an HTML5-compliant tokenizer and parser.

      -

      Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the render1() function in render.go. Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be.

      -

      Details

      -

      A cross-site scripting attack occurs when the attacker tricks a legitimate web-based application or site to accept a request as originating from a trusted source.

      -

      This is done by escaping the context of the web application; the web application then delivers that data to its users along with other trusted dynamic content, without validating it. The browser unknowingly executes malicious script on the client side (through client-side languages; usually JavaScript or HTML) in order to perform actions that are otherwise typically blocked by the browser’s Same Origin Policy.

      -

      Injecting malicious code is the most prevalent manner by which XSS is exploited; for this reason, escaping characters in order to prevent this manipulation is the top method for securing code against this vulnerability.

      -

      Escaping means that the application is coded to mark key characters, and particularly key characters included in user input, to prevent those characters from being interpreted in a dangerous context. For example, in HTML, < can be coded as &lt; and > can be coded as &gt; in order to be interpreted and displayed as themselves in text, while within the code itself, they are used for HTML tags. If malicious content is injected into an application that escapes special characters and that malicious content uses < and > as HTML tags, those characters are nonetheless not interpreted as HTML tags by the browser if they’ve been correctly escaped in the application code and in this way the attempted attack is diverted.

      -

      The most prominent use of XSS is to steal cookies (source: OWASP HttpOnly) and hijack user sessions, but XSS exploits have been used to expose sensitive information, enable access to privileged services and functionality and deliver malware.

      -

      Types of attacks

      -

      There are a few methods by which XSS can be manipulated:

      - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
      TypeOriginDescription
      StoredServerThe malicious code is inserted in the application (usually as a link) by the attacker. The code is activated every time a user clicks the link.
      ReflectedServerThe attacker delivers a malicious link externally from the vulnerable web site application to a user. When clicked, malicious code is sent to the vulnerable web site, which reflects the attack back to the user’s browser.
      DOM-basedClientThe attacker forces the user’s browser to render a malicious page. The data in the page itself delivers the cross-site scripting data.
      MutatedThe attacker injects code that appears safe, but is then rewritten and modified by the browser, while parsing the markup. An example is rebalancing unclosed quotation marks or even adding quotation marks to unquoted parameters.
      -

      Affected environments

      -

      The following environments are susceptible to an XSS attack:

      -
        -
      • Web servers
        • -
      • Application servers
        • -
      • Web application environments
        • -
      -

      How to prevent

      -

      This section describes the top best practices designed to specifically protect your code:

      -
        -
      • Sanitize data input in an HTTP request before reflecting it back, ensuring all data is validated, filtered or escaped before echoing anything back to the user, such as the values of query parameters during searches.
        • -
      • Convert special characters such as ?, &, /, <, > and spaces to their respective HTML or URL encoded equivalents.
        • -
      • Give users the option to disable client-side scripts.
        • -
      • Redirect invalid requests.
        • -
      • Detect simultaneous logins, including those from two separate IP addresses, and invalidate those sessions.
        • -
      • Use and enforce a Content Security Policy (source: Wikipedia) to disable any features that might be manipulated for an XSS attack.
        • -
      • Read the documentation for any of the libraries referenced in your code to understand which elements allow for embedded HTML.
        • -
      -

      Remediation

      -

      Upgrade golang.org/x/net/html to version 0.13.0 or higher.

      -

      References

      - - -
      - -
      -

      More about this vulnerability

      -
      - -
      -
      -
      -
      - - - diff --git a/docs/snyk/v2.6.14/haproxy_2.6.14-alpine.html b/docs/snyk/master/haproxy_2.6.9-alpine.html similarity index 98% rename from docs/snyk/v2.6.14/haproxy_2.6.14-alpine.html rename to docs/snyk/master/haproxy_2.6.9-alpine.html index ce2cdd4fbc859..5b3ef651076e2 100644 --- a/docs/snyk/v2.6.14/haproxy_2.6.14-alpine.html +++ b/docs/snyk/master/haproxy_2.6.9-alpine.html @@ -456,12 +456,12 @@

      Snyk test report

      -

      August 13th 2023, 12:22:23 am (UTC+00:00)

      +

      March 19th 2023, 12:16:21 am

      Scanned the following path:
        -
      • haproxy:2.6.14-alpine (apk)
        • +
      • haproxy:2.6.9-alpine (apk)
      @@ -477,7 +477,7 @@

      Snyk test report

      - + diff --git a/docs/snyk/master/quay.io_argoproj_argocd_latest.html b/docs/snyk/master/quay.io_argoproj_argocd_latest.html index 4e9f33b188f6e..53193b5c33fd2 100644 --- a/docs/snyk/master/quay.io_argoproj_argocd_latest.html +++ b/docs/snyk/master/quay.io_argoproj_argocd_latest.html @@ -7,7 +7,7 @@ Snyk test report - + @@ -456,7 +456,7 @@

      Snyk test report

      -

      August 13th 2023, 12:14:19 am (UTC+00:00)

      +

      March 19th 2023, 12:16:48 am

      Scanned the following paths: @@ -466,9 +466,9 @@

      Snyk test report

      -
      17 known vulnerabilities
      -
      84 vulnerable dependency paths
      -
      2114 dependencies
      +
      16 known vulnerabilities
      +
      83 vulnerable dependency paths
      +
      2065 dependencies
      @@ -476,29 +476,29 @@

      Snyk test report

      -
      -

      Out-of-bounds Write

      +
      +

      Denial of Service (DoS)

      -
      - medium severity +
      + high severity
      • - Package Manager: ubuntu:22.04 + Package Manager: golang
      • Vulnerable module: - procps/libprocps8 + golang.org/x/net/http2/hpack
      • Introduced through: - docker-image|quay.io/argoproj/argocd@latest and procps/libprocps8@2:3.3.17-6ubuntu2 + helm.sh/helm/v3@* and golang.org/x/net/http2/hpack@v0.5.0
      @@ -511,29 +511,9 @@

      Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - procps/libprocps8@2:3.3.17-6ubuntu2 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - procps@2:3.3.17-6ubuntu2 - - procps/libprocps8@2:3.3.17-6ubuntu2 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest + helm.sh/helm/v3@* - procps@2:3.3.17-6ubuntu2 + golang.org/x/net/http2/hpack@v0.5.0 @@ -544,48 +524,60 @@

        Detailed paths

        -

        NVD Description

        -

        Note: Versions mentioned in the description apply only to the upstream procps package and not the procps package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

        -

        Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

        +

        Overview

        +

        Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.

        +

        Details

        +

        Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

        +

        Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

        +

        One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

        +

        When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

        +

        Two common types of DoS vulnerabilities:

        +
          +

        • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

          +
          • +

        • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

          +
          • +

        Remediation

        -

        There is no fixed version for Ubuntu:22.04 procps.

        +

        Upgrade golang.org/x/net/http2/hpack to version 0.7.0 or higher.

        References

        -

        More about this vulnerability

        +

        More about this vulnerability

      -
      -

      CVE-2023-36054

      +
      +

      Denial of Service (DoS)

      -
      - medium severity +
      + high severity
      • - Package Manager: ubuntu:22.04 + Package Manager: golang
      • Vulnerable module: - krb5/libk5crypto3 + golang.org/x/net/http2
      • Introduced through: - docker-image|quay.io/argoproj/argocd@latest and krb5/libk5crypto3@1.19.2-2ubuntu0.2 + helm.sh/helm/v3@* and golang.org/x/net/http2@v0.5.0
      @@ -598,161 +590,9 @@

      Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - krb5/libk5crypto3@1.19.2-2ubuntu0.2 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 + helm.sh/helm/v3@* - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - krb5/libk5crypto3@1.19.2-2ubuntu0.2 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - krb5/libkrb5-3@1.19.2-2ubuntu0.2 - - krb5/libk5crypto3@1.19.2-2ubuntu0.2 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - krb5/libkrb5-3@1.19.2-2ubuntu0.2 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - krb5/libkrb5-3@1.19.2-2ubuntu0.2 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - openssh/openssh-client@1:8.9p1-3ubuntu0.3 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - git@1:2.34.1-1ubuntu1.9 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - git@1:2.34.1-1ubuntu1.9 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 - - libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - meta-common-packages@meta - - krb5/libkrb5support0@1.19.2-2ubuntu0.2 + golang.org/x/net/http2@v0.5.0 @@ -763,25 +603,35 @@

        Detailed paths

        -

        NVD Description

        -

        Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

        -

        lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.

        +

        Overview

        +

        golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. + Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.

        +

        Details

        +

        Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

        +

        Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

        +

        One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

        +

        When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

        +

        Two common types of DoS vulnerabilities:

        +
          +

        • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

          +
          • +

        • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

          +
          • +

        Remediation

        -

        There is no fixed version for Ubuntu:22.04 krb5.

        +

        Upgrade golang.org/x/net/http2 to version 0.7.0 or higher.

        References

        -

        More about this vulnerability

        +

        More about this vulnerability

      @@ -856,107 +706,6 @@

      References

      More about this vulnerability

      -
      -
      -

      Arbitrary Code Injection

      -
      - -
      - low severity -
      - -
      - -
        -
      • - Package Manager: ubuntu:22.04 -
        • -
      • - Vulnerable module: - - shadow/passwd -
        • - -
      • Introduced through: - - docker-image|quay.io/argoproj/argocd@latest and shadow/passwd@1:4.8.1-2ubuntu2.1 - -
        • -
      - -
      - - -

      Detailed paths

      - -
        -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - openssh/openssh-client@1:8.9p1-3ubuntu0.3 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - - -
        • -
      • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - shadow/login@1:4.8.1-2ubuntu2.1 - - - -
        • -
      - -
      - -
      - -

      NVD Description

      -

      Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

      -

      In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.

      -

      Remediation

      -

      There is no fixed version for Ubuntu:22.04 shadow.

      -

      References

      - - -
      - -
      -

      More about this vulnerability

      -
      -

      Uncontrolled Recursion

      @@ -1031,8 +780,6 @@

      References

    • MLIST
    • OSS security Advisory
    • Security Focus
      • -
    • cve@mitre.org
      • -
    • cve@mitre.org
      • @@ -1182,7 +929,7 @@

      References

      -

      Improper Authentication

      +

      Improper Locking

      @@ -1203,7 +950,7 @@

      Improper Authentication

    • Introduced through: - docker-image|quay.io/argoproj/argocd@latest and openssl/libssl3@3.0.2-0ubuntu1.10 + docker-image|quay.io/argoproj/argocd@latest and openssl/libssl3@3.0.2-0ubuntu1.8
      • @@ -1218,7 +965,7 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8 @@ -1229,7 +976,7 @@

      Detailed paths

      cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8 @@ -1240,7 +987,7 @@

      Detailed paths

      libfido2/libfido2-1@1.10.0-1 - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8 @@ -1249,9 +996,9 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - openssh/openssh-client@1:8.9p1-3ubuntu0.3 + openssh/openssh-client@1:8.9p1-3ubuntu0.1 - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8 @@ -1260,11 +1007,11 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - ca-certificates@20230311ubuntu0.22.04.1 + ca-certificates@20211016ubuntu0.22.04.1 - openssl@3.0.2-0ubuntu1.10 + openssl@3.0.2-0ubuntu1.8 - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8 @@ -1273,13 +1020,13 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.8 - libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 + libssh/libssh-4@0.9.6-2build1 - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8 @@ -1298,11 +1045,11 @@

      Detailed paths

      libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1 - krb5/libkrb5-3@1.19.2-2ubuntu0.2 + krb5/libkrb5-3@1.19.2-2ubuntu0.1 - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8 @@ -1311,7 +1058,7 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - openssl@3.0.2-0ubuntu1.10 + openssl@3.0.2-0ubuntu1.8 @@ -1320,9 +1067,9 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - ca-certificates@20230311ubuntu0.22.04.1 + ca-certificates@20211016ubuntu0.22.04.1 - openssl@3.0.2-0ubuntu1.10 + openssl@3.0.2-0ubuntu1.8 @@ -1336,45 +1083,25 @@

      Detailed paths

      NVD Description

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu:22.04. See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

      -

      Issue summary: The AES-SIV cipher implementation contains a bug that causes - it to ignore empty associated data entries which are unauthenticated as - a consequence.

      -

      Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing - adding or reordering such empty entries as these are ignored by the OpenSSL - implementation. We are currently unaware of any such applications.

      -

      The AES-SIV algorithm allows for authentication of multiple associated - data entries along with the encryption. To authenticate empty data the - application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with - NULL pointer as the output buffer and 0 as the input buffer length. - The AES-SIV implementation in OpenSSL just returns success for such a call - instead of performing the associated data authentication operation. - The empty data thus will not be authenticated.

      -

      As this issue does not affect non-empty associated data authentication and - we expect it to be rare for an application to use empty associated data - entries this is qualified as Low severity issue.

      +

      If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the -policy&#39; argument to the command line utilities or by calling either X509_VERIFY_PARAM_add0_policy()' or `X509_VERIFY_PARAM_set1_policies()' functions.

      Remediation

      There is no fixed version for Ubuntu:22.04 openssl.

      References

      -

      More about this vulnerability

      +

      More about this vulnerability

      -

      CVE-2023-28531

      +

      Improper Privilege Management

      @@ -1395,7 +1122,7 @@

      CVE-2023-28531

    • Introduced through: - docker-image|quay.io/argoproj/argocd@latest and openssh/openssh-client@1:8.9p1-3ubuntu0.3 + docker-image|quay.io/argoproj/argocd@latest and openssh/openssh-client@1:8.9p1-3ubuntu0.1
      • @@ -1410,7 +1137,7 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - openssh/openssh-client@1:8.9p1-3ubuntu0.3 + openssh/openssh-client@1:8.9p1-3ubuntu0.1 @@ -1424,26 +1151,35 @@

      Detailed paths

      NVD Description

      Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Ubuntu:22.04. See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

      -

      ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.

      +

      sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

      Remediation

      There is no fixed version for Ubuntu:22.04 openssh.

      References

      -

      More about this vulnerability

      +

      More about this vulnerability

      -

      NULL Pointer Dereference

      +

      Information Exposure

      @@ -1459,13 +1195,13 @@

      NULL Pointer Dereference

    • Vulnerable module: - openldap/libldap-2.5-0 + openssh/openssh-client
    • Introduced through: + docker-image|quay.io/argoproj/argocd@latest and openssh/openssh-client@1:8.9p1-3ubuntu0.1 - docker-image|quay.io/argoproj/argocd@latest, gnupg2/dirmngr@2.2.27-3ubuntu2.1 and others
      • @@ -1479,31 +1215,7 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - gnupg2/dirmngr@2.2.27-3ubuntu2.1 - - openldap/libldap-2.5-0@2.5.16+dfsg-0ubuntu0.22.04.1 - - - - -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - git@1:2.34.1-1ubuntu1.9 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 - - openldap/libldap-2.5-0@2.5.16+dfsg-0ubuntu0.22.04.1 - - - -
      • -
    • - Introduced through: - docker-image|quay.io/argoproj/argocd@latest - - openldap/libldap-common@2.5.16+dfsg-0ubuntu0.22.04.1 + openssh/openssh-client@1:8.9p1-3ubuntu0.1 @@ -1515,34 +1227,33 @@

      Detailed paths

      NVD Description

      -

      Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Ubuntu:22.04. +

      Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Ubuntu:22.04. See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

      -

      A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

      +

      The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

      Remediation

      -

      There is no fixed version for Ubuntu:22.04 openldap.

      +

      There is no fixed version for Ubuntu:22.04 openssh.

      References

      -

      More about this vulnerability

      +

      More about this vulnerability

      • -

      Resource Exhaustion

      +

      Out-of-bounds Read

      @@ -1558,13 +1269,13 @@

      Resource Exhaustion

    • Vulnerable module: - libzstd/libzstd1 + ncurses/libtinfo6
    • Introduced through: + docker-image|quay.io/argoproj/argocd@latest and ncurses/libtinfo6@6.3-2 - docker-image|quay.io/argoproj/argocd@latest, meta-common-packages@meta and others
      • @@ -1578,9 +1289,198 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - meta-common-packages@meta + ncurses/libtinfo6@6.3-2 + + + + +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + bash@5.1-6ubuntu1 + + ncurses/libtinfo6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + ncurses/libncursesw6@6.3-2 + + ncurses/libtinfo6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + less@590-1ubuntu0.22.04.1 + + ncurses/libtinfo6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + libedit/libedit2@3.1-20210910-1build1 + + ncurses/libtinfo6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + ncurses/libncurses6@6.3-2 + + ncurses/libtinfo6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + ncurses/ncurses-bin@6.3-2 + + ncurses/libtinfo6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + procps@2:3.3.17-6ubuntu2 + + ncurses/libtinfo6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + util-linux@2.37.2-4ubuntu3 + + ncurses/libtinfo6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + gnupg2/gpg@2.2.27-3ubuntu2.1 + + gnupg2/gpgconf@2.2.27-3ubuntu2.1 + + readline/libreadline8@8.1.2-1 + + ncurses/libtinfo6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + gnupg2/gnupg@2.2.27-3ubuntu2.1 + + gnupg2/gpg-agent@2.2.27-3ubuntu2.1 + + pinentry/pinentry-curses@1.1.1-1build2 + + ncurses/libtinfo6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + ncurses/libncursesw6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + procps@2:3.3.17-6ubuntu2 + + ncurses/libncursesw6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + gnupg2/gnupg@2.2.27-3ubuntu2.1 + + gnupg2/gpg-agent@2.2.27-3ubuntu2.1 + + pinentry/pinentry-curses@1.1.1-1build2 + + ncurses/libncursesw6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + ncurses/libncurses6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + procps@2:3.3.17-6ubuntu2 + + ncurses/libncurses6@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest + + ncurses/ncurses-base@6.3-2 + + + +
      • +
    • + Introduced through: + docker-image|quay.io/argoproj/argocd@latest - libzstd/libzstd1@1.4.8+dfsg-3build1 + ncurses/ncurses-bin@6.3-2 @@ -1592,22 +1492,25 @@

      Detailed paths

      NVD Description

      -

      Note: Versions mentioned in the description apply only to the upstream libzstd package and not the libzstd package as distributed by Ubuntu:22.04. +

      Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Ubuntu:22.04. See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

      -

      A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.

      +

      ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

      Remediation

      -

      There is no fixed version for Ubuntu:22.04 libzstd.

      +

      There is no fixed version for Ubuntu:22.04 ncurses.

      References

      -

      More about this vulnerability

      +

      More about this vulnerability

      • @@ -1633,7 +1536,7 @@

      Integer Overflow or Wraparound

    • Introduced through: - docker-image|quay.io/argoproj/argocd@latest and krb5/libk5crypto3@1.19.2-2ubuntu0.2 + docker-image|quay.io/argoproj/argocd@latest and krb5/libk5crypto3@1.19.2-2ubuntu0.1
      • @@ -1648,7 +1551,7 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - krb5/libk5crypto3@1.19.2-2ubuntu0.2 + krb5/libk5crypto3@1.19.2-2ubuntu0.1 @@ -1667,9 +1570,9 @@

      Detailed paths

      libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1 - krb5/libk5crypto3@1.19.2-2ubuntu0.2 + krb5/libk5crypto3@1.19.2-2ubuntu0.1 @@ -1688,11 +1591,11 @@

      Detailed paths

      libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1 - krb5/libkrb5-3@1.19.2-2ubuntu0.2 + krb5/libkrb5-3@1.19.2-2ubuntu0.1 - krb5/libk5crypto3@1.19.2-2ubuntu0.2 + krb5/libk5crypto3@1.19.2-2ubuntu0.1 @@ -1701,7 +1604,7 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - krb5/libkrb5-3@1.19.2-2ubuntu0.2 + krb5/libkrb5-3@1.19.2-2ubuntu0.1 @@ -1720,9 +1623,9 @@

      Detailed paths

      libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1 - krb5/libkrb5-3@1.19.2-2ubuntu0.2 + krb5/libkrb5-3@1.19.2-2ubuntu0.1 @@ -1731,7 +1634,7 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1 @@ -1740,9 +1643,9 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - openssh/openssh-client@1:8.9p1-3ubuntu0.3 + openssh/openssh-client@1:8.9p1-3ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1 @@ -1751,11 +1654,11 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.8 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1 @@ -1764,13 +1667,13 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.8 - libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 + libssh/libssh-4@0.9.6-2build1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1 @@ -1789,7 +1692,7 @@

      Detailed paths

      libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1 @@ -1800,7 +1703,7 @@

      Detailed paths

      meta-common-packages@meta - krb5/libkrb5support0@1.19.2-2ubuntu0.2 + krb5/libkrb5support0@1.19.2-2ubuntu0.1 @@ -1879,7 +1782,7 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - apt@2.4.9 + apt@2.4.8 gnupg2/gpgv@2.2.27-3ubuntu2.1 @@ -2199,7 +2102,6 @@

      References

    • secalert@redhat.com
    • secalert@redhat.com
    • secalert@redhat.com
      • -
    • secalert@redhat.com
      • @@ -2312,7 +2214,7 @@

      Improper Input Validation

    • Introduced through: - docker-image|quay.io/argoproj/argocd@latest, git@1:2.34.1-1ubuntu1.9 and others + docker-image|quay.io/argoproj/argocd@latest, git@1:2.34.1-1ubuntu1.8 and others
      • @@ -2326,9 +2228,9 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8 - git/git-man@1:2.34.1-1ubuntu1.9 + git/git-man@1:2.34.1-1ubuntu1.8 @@ -2337,7 +2239,7 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8 @@ -2346,9 +2248,9 @@

      Detailed paths

      Introduced through: docker-image|quay.io/argoproj/argocd@latest - git-lfs@3.0.2-1ubuntu0.2 + git-lfs@3.0.2-1ubuntu0.1 - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8 diff --git a/docs/snyk/master/redis_7.0.11-alpine.html b/docs/snyk/master/redis_7.0.11-alpine.html deleted file mode 100644 index 43ad8c8b79904..0000000000000 --- a/docs/snyk/master/redis_7.0.11-alpine.html +++ /dev/null @@ -1,1031 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
      -
      -
      -
      - - - Snyk - Open Source Security - - - - - - - -
      -

      Snyk test report

      - -

      August 13th 2023, 12:14:26 am (UTC+00:00)

      -
      -
      - Scanned the following path: -
        -
      • redis:7.0.11-alpine (apk)
        • -
      -
      - -
      -
      3 known vulnerabilities
      -
      27 vulnerable dependency paths
      -
      18 dependencies
      -
      -
      -
      -
      -
      -
      Project docker-image|haproxy
      Path haproxy:2.6.14-alpine
      Path haproxy:2.6.9-alpine
      Package Manager apk
      - - - - - - -
      Project docker-image|redis
      Path redis:7.0.11-alpine
      Package Manager apk
      - -
      -
      -
      -

      Improper Authentication

      -
      - -
      - medium severity -
      - -
      - -
        -
      • - Package Manager: alpine:3.18 -
        • -
      • - Vulnerable module: - - openssl/libcrypto3 -
        • - -
      • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
        • -
      - -
      - - -

      Detailed paths

      - -
        -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      - -
      - -
      - -

      NVD Description

      -

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

      -

      Issue summary: The AES-SIV cipher implementation contains a bug that causes - it to ignore empty associated data entries which are unauthenticated as - a consequence.

      -

      Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing - adding or reordering such empty entries as these are ignored by the OpenSSL - implementation. We are currently unaware of any such applications.

      -

      The AES-SIV algorithm allows for authentication of multiple associated - data entries along with the encryption. To authenticate empty data the - application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with - NULL pointer as the output buffer and 0 as the input buffer length. - The AES-SIV implementation in OpenSSL just returns success for such a call - instead of performing the associated data authentication operation. - The empty data thus will not be authenticated.

      -

      As this issue does not affect non-empty associated data authentication and - we expect it to be rare for an application to use empty associated data - entries this is qualified as Low severity issue.

      -

      Remediation

      -

      Upgrade Alpine:3.18 openssl to version 3.1.1-r2 or higher.

      -

      References

      - - -
      - -
      -

      More about this vulnerability

      -
      - -
      -
      -

      Inefficient Regular Expression Complexity

      -
      - -
      - medium severity -
      - -
      - -
        -
      • - Package Manager: alpine:3.18 -
        • -
      • - Vulnerable module: - - openssl/libcrypto3 -
        • - -
      • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
        • -
      - -
      - - -

      Detailed paths

      - -
        -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      - -
      - -
      - -

      NVD Description

      -

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

      -

      Issue summary: Checking excessively long DH keys or parameters may be very slow.

      -

      Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

      -

      The function DH_check() performs various checks on DH parameters. One of those - checks confirms that the modulus ('p' parameter) is not too large. Trying to use - a very large modulus is slow and OpenSSL will not normally use a modulus which - is over 10,000 bits in length.

      -

      However the DH_check() function checks numerous aspects of the key or parameters - that have been supplied. Some of those checks use the supplied modulus value - even if it has already been found to be too large.

      -

      An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulernable to a Denial of Service attack.

      -

      The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

      -

      Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the '-check' option.

      -

      The OpenSSL SSL/TLS implementation is not affected by this issue. - The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

      -

      Remediation

      -

      Upgrade Alpine:3.18 openssl to version 3.1.1-r3 or higher.

      -

      References

      - - -
      - -
      -

      More about this vulnerability

      -
      - -
      -
      -

      Excessive Iteration

      -
      - -
      - medium severity -
      - -
      - -
        -
      • - Package Manager: alpine:3.18 -
        • -
      • - Vulnerable module: - - openssl/libcrypto3 -
        • - -
      • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
        • -
      - -
      - - -

      Detailed paths

      - -
        -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
        • -
      - -
      - -
      - -

      NVD Description

      -

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

      -

      Issue summary: Checking excessively long DH keys or parameters may be very slow.

      -

      Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

      -

      The function DH_check() performs various checks on DH parameters. After fixing - CVE-2023-3446 it was discovered that a large q parameter value can also trigger - an overly long computation during some of these checks. A correct q value, - if present, cannot be larger than the modulus p parameter, thus it is - unnecessary to perform these checks if q is larger than p.

      -

      An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulnerable to a Denial of Service attack.

      -

      The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

      -

      Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the "-check" option.

      -

      The OpenSSL SSL/TLS implementation is not affected by this issue.

      -

      The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

      -

      Remediation

      -

      Upgrade Alpine:3.18 openssl to version 3.1.2-r0 or higher.

      -

      References

      - - -
      - -
      -

      More about this vulnerability

      -
      - -
      -
      -
      - - - - diff --git a/docs/snyk/master/redis_7.0.9-alpine.html b/docs/snyk/master/redis_7.0.9-alpine.html new file mode 100644 index 0000000000000..12fc4f749f847 --- /dev/null +++ b/docs/snyk/master/redis_7.0.9-alpine.html @@ -0,0 +1,492 @@ + + + + + + + + + Snyk test report + + + + + + + + + +
      +
      +
      +
      + + + Snyk - Open Source Security + + + + + + + +
      +

      Snyk test report

      + +

      March 19th 2023, 12:16:56 am

      +
      +
      + Scanned the following path: +
        +
      • redis:7.0.9-alpine (apk)
        • +
      +
      + +
      +
      0 known vulnerabilities
      +
      0 vulnerable dependency paths
      +
      18 dependencies
      +
      +
      +
      +
      +
      + + + + + + + +
      Project docker-image|redis
      Path redis:7.0.9-alpine
      Package Manager apk
      +
      +
      + No known vulnerabilities detected. +
      +
      + + + diff --git a/docs/snyk/v2.7.11/argocd-iac-install.html b/docs/snyk/v2.4.27/argocd-iac-install.html similarity index 88% rename from docs/snyk/v2.7.11/argocd-iac-install.html rename to docs/snyk/v2.4.27/argocd-iac-install.html index fc3b8a5d16679..0a6638cda94e2 100644 --- a/docs/snyk/v2.7.11/argocd-iac-install.html +++ b/docs/snyk/v2.4.27/argocd-iac-install.html @@ -456,7 +456,7 @@

      Snyk test report

      -

      August 13th 2023, 12:21:43 am (UTC+00:00)

      +

      March 19th 2023, 12:25:38 am

      Scanned the following path: @@ -494,7 +494,7 @@

      Role with dangerous permissions

      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
      • Introduced through: @@ -507,7 +507,7 @@

        Role with dangerous permissions

      • - Line number: 16324 + Line number: 9063
      @@ -524,7 +524,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -540,7 +540,7 @@

      Role with dangerous permissions

      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
      • Introduced through: @@ -553,7 +553,7 @@

        Role with dangerous permissions

      • - Line number: 16401 + Line number: 9140
      @@ -570,7 +570,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -586,7 +586,7 @@

      Role with dangerous permissions

      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
      • Introduced through: @@ -599,7 +599,7 @@

        Role with dangerous permissions

      • - Line number: 16429 + Line number: 9168
      @@ -616,7 +616,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -632,7 +632,7 @@

      Role with dangerous permissions

      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
      • Introduced through: @@ -645,7 +645,7 @@

        Role with dangerous permissions

      • - Line number: 16477 + Line number: 9212
      @@ -662,7 +662,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -678,7 +678,7 @@

      Role with dangerous permissions

      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
      • Introduced through: @@ -691,7 +691,7 @@

        Role with dangerous permissions

      • - Line number: 16459 + Line number: 9194
      @@ -708,7 +708,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -724,7 +724,7 @@

      Role with dangerous permissions

      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
      • Introduced through: @@ -737,7 +737,7 @@

        Role with dangerous permissions

      • - Line number: 16493 + Line number: 9228
      @@ -754,7 +754,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -770,7 +770,7 @@

      Container could be running with outdated image

      • - Public ID: SNYK-CC-K8S-42 + Public ID: SNYK-CC-K8S-42
      • Introduced through: @@ -789,7 +789,7 @@

        Container could be running with outdated image

      • - Line number: 17518 + Line number: 10100
      @@ -806,7 +806,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -822,7 +822,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -847,7 +847,7 @@

        Container has no CPU limit

      • - Line number: 16980 + Line number: 9686
      @@ -864,7 +864,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -880,7 +880,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -905,7 +905,7 @@

        Container has no CPU limit

      • - Line number: 17152 + Line number: 9786
      @@ -922,7 +922,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -938,7 +938,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -963,7 +963,7 @@

        Container has no CPU limit

      • - Line number: 17118 + Line number: 9763
      @@ -980,7 +980,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -996,7 +996,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -1021,7 +1021,7 @@

        Container has no CPU limit

      • - Line number: 17212 + Line number: 9829
      @@ -1038,7 +1038,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1054,7 +1054,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -1079,7 +1079,7 @@

        Container has no CPU limit

      • - Line number: 17286 + Line number: 9901
      @@ -1096,7 +1096,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1112,7 +1112,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -1137,7 +1137,7 @@

        Container has no CPU limit

      • - Line number: 17518 + Line number: 10100
      @@ -1154,7 +1154,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1170,7 +1170,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -1195,7 +1195,7 @@

        Container has no CPU limit

      • - Line number: 17342 + Line number: 9955
      @@ -1212,7 +1212,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1228,7 +1228,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -1253,7 +1253,7 @@

        Container has no CPU limit

      • - Line number: 17603 + Line number: 10183
      @@ -1270,7 +1270,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1286,7 +1286,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -1311,7 +1311,7 @@

        Container has no CPU limit

      • - Line number: 17907 + Line number: 10443
      @@ -1328,7 +1328,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1344,7 +1344,7 @@

      Container is running with multiple open ports

      • - Public ID: SNYK-CC-K8S-36 + Public ID: SNYK-CC-K8S-36
      • Introduced through: @@ -1363,7 +1363,7 @@

        Container is running with multiple open ports

      • - Line number: 17132 + Line number: 9770
      @@ -1380,12 +1380,12 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      -

      Container is running without liveness probe

      +

      Container is running with writable root filesystem

      @@ -1396,11 +1396,13 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-8
      • Introduced through: - [DocId: 42] + [DocId: 45] + + input spec @@ -1408,31 +1410,33 @@

        Container is running without liveness probe

        spec - containers[argocd-applicationset-controller] + containers[redis] - livenessProbe + securityContext + + readOnlyRootFilesystem
      • - Line number: 16980 + Line number: 9911

      Impact

      -

      Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

      +

      Compromised process could abuse writable root filesystem to elevate privileges

      Remediation

      -

      Add `livenessProbe` attribute

      +

      Set `securityContext.readOnlyRootFilesystem` to `true`

      -

      More about this issue

      +

      More about this issue

      @@ -1448,11 +1452,11 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
      • Introduced through: - [DocId: 43] + [DocId: 42] spec @@ -1460,14 +1464,14 @@

        Container is running without liveness probe

        spec - containers[dex] + containers[argocd-applicationset-controller] livenessProbe
      • - Line number: 17118 + Line number: 9686
      @@ -1484,7 +1488,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1500,7 +1504,7 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
      • Introduced through: @@ -1512,14 +1516,14 @@

        Container is running without liveness probe

        spec - initContainers[copyutil] + containers[dex] livenessProbe
      • - Line number: 17152 + Line number: 9763
      @@ -1536,7 +1540,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1552,11 +1556,11 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
      • Introduced through: - [DocId: 45] + [DocId: 43] spec @@ -1564,14 +1568,14 @@

        Container is running without liveness probe

        spec - containers[redis] + initContainers[copyutil] livenessProbe
      • - Line number: 17286 + Line number: 9786
      @@ -1588,7 +1592,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1604,11 +1608,11 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
      • Introduced through: - [DocId: 46] + [DocId: 45] spec @@ -1616,14 +1620,14 @@

        Container is running without liveness probe

        spec - initContainers[copyutil] + containers[redis] livenessProbe
      • - Line number: 17518 + Line number: 9901
      @@ -1640,12 +1644,12 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      -

      Container is running without memory limit

      +

      Container is running without liveness probe

      @@ -1656,13 +1660,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-41
      • Introduced through: - [DocId: 42] - - input + [DocId: 46] spec @@ -1670,35 +1672,31 @@

        Container is running without memory limit

        spec - containers[argocd-applicationset-controller] - - resources - - limits + initContainers[copyutil] - memory + livenessProbe
      • - Line number: 16980 + Line number: 10100

      Impact

      -

      Containers without memory limits are more likely to be terminated when the node runs out of memory

      +

      Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

      Remediation

      -

      Set `resources.limits.memory` value

      +

      Add `livenessProbe` attribute

      -

      More about this issue

      +

      More about this issue

      @@ -1714,11 +1712,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 43] + [DocId: 42] input @@ -1728,7 +1726,7 @@

        Container is running without memory limit

        spec - containers[dex] + containers[argocd-applicationset-controller] resources @@ -1739,7 +1737,7 @@

        Container is running without memory limit

      • - Line number: 17118 + Line number: 9686
      @@ -1756,7 +1754,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1772,7 +1770,7 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: @@ -1786,7 +1784,7 @@

        Container is running without memory limit

        spec - initContainers[copyutil] + containers[dex] resources @@ -1797,7 +1795,7 @@

        Container is running without memory limit

      • - Line number: 17152 + Line number: 9763
      @@ -1814,7 +1812,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1830,11 +1828,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 44] + [DocId: 43] input @@ -1844,7 +1842,7 @@

        Container is running without memory limit

        spec - containers[argocd-notifications-controller] + initContainers[copyutil] resources @@ -1855,7 +1853,7 @@

        Container is running without memory limit

      • - Line number: 17212 + Line number: 9786
      @@ -1872,7 +1870,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1888,11 +1886,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 45] + [DocId: 44] input @@ -1902,7 +1900,7 @@

        Container is running without memory limit

        spec - containers[redis] + containers[argocd-notifications-controller] resources @@ -1913,7 +1911,7 @@

        Container is running without memory limit

      • - Line number: 17286 + Line number: 9829
      @@ -1930,7 +1928,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1946,11 +1944,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 46] + [DocId: 45] input @@ -1960,7 +1958,7 @@

        Container is running without memory limit

        spec - initContainers[copyutil] + containers[redis] resources @@ -1971,7 +1969,7 @@

        Container is running without memory limit

      • - Line number: 17518 + Line number: 9901
      @@ -1988,7 +1986,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -2004,7 +2002,7 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: @@ -2018,7 +2016,7 @@

        Container is running without memory limit

        spec - containers[argocd-repo-server] + initContainers[copyutil] resources @@ -2029,7 +2027,7 @@

        Container is running without memory limit

      • - Line number: 17342 + Line number: 10100
      @@ -2046,7 +2044,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -2062,11 +2060,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 47] + [DocId: 46] input @@ -2076,7 +2074,7 @@

        Container is running without memory limit

        spec - containers[argocd-server] + containers[argocd-repo-server] resources @@ -2087,7 +2085,7 @@

        Container is running without memory limit

      • - Line number: 17603 + Line number: 9955
      @@ -2104,7 +2102,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -2120,11 +2118,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 48] + [DocId: 47] input @@ -2134,7 +2132,7 @@

        Container is running without memory limit

        spec - containers[argocd-application-controller] + containers[argocd-server] resources @@ -2145,7 +2143,7 @@

        Container is running without memory limit

      • - Line number: 17907 + Line number: 10183
      @@ -2162,12 +2160,12 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      -

      Container or Pod is running with writable root filesystem

      +

      Container is running without memory limit

      @@ -2178,11 +2176,11 @@

      Container or Pod is running with writable root filesyste
      • - Public ID: SNYK-CC-K8S-8 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 45] + [DocId: 48] input @@ -2192,38 +2190,40 @@

        Container or Pod is running with writable root filesyste spec - containers[redis] + containers[argocd-application-controller] - securityContext + resources - readOnlyRootFilesystem + limits + + memory

      • - Line number: 17296 + Line number: 10443

      Impact

      -

      Compromised process could abuse writable root filesystem to elevate privileges

      +

      Containers without memory limits are more likely to be terminated when the node runs out of memory

      Remediation

      -

      Set `securityContext.readOnlyRootFilesystem` to `true`

      +

      Set `resources.limits.memory` value

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2234,7 +2234,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2257,7 +2257,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 17055 + Line number: 9702
      @@ -2267,19 +2267,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2290,7 +2290,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2313,7 +2313,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 17160 + Line number: 9794
      @@ -2323,19 +2323,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2346,7 +2346,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2369,7 +2369,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 17135 + Line number: 9773
      @@ -2379,19 +2379,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2402,7 +2402,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2425,7 +2425,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 17220 + Line number: 9837
      @@ -2435,19 +2435,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2458,7 +2458,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2481,7 +2481,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 17296 + Line number: 9911
      @@ -2491,19 +2491,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2514,7 +2514,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2537,7 +2537,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 17525 + Line number: 10107
      @@ -2547,19 +2547,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2570,7 +2570,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2593,7 +2593,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 17491 + Line number: 10075
      @@ -2603,19 +2603,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2626,7 +2626,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2649,7 +2649,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 17817 + Line number: 10366
      @@ -2659,19 +2659,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2682,7 +2682,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2705,7 +2705,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 18049 + Line number: 10567
      @@ -2715,14 +2715,14 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      diff --git a/docs/snyk/v2.7.11/argocd-iac-namespace-install.html b/docs/snyk/v2.4.27/argocd-iac-namespace-install.html similarity index 88% rename from docs/snyk/v2.7.11/argocd-iac-namespace-install.html rename to docs/snyk/v2.4.27/argocd-iac-namespace-install.html index 9a773e5e0ea93..ac12ff3ebb478 100644 --- a/docs/snyk/v2.7.11/argocd-iac-namespace-install.html +++ b/docs/snyk/v2.4.27/argocd-iac-namespace-install.html @@ -456,7 +456,7 @@

      Snyk test report

      -

      August 13th 2023, 12:21:59 am (UTC+00:00)

      +

      March 19th 2023, 12:25:49 am

      Scanned the following path: @@ -494,7 +494,7 @@

      Role with dangerous permissions

      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
      • Introduced through: @@ -507,7 +507,7 @@

        Role with dangerous permissions

      • - Line number: 77 + Line number: 73
      @@ -524,7 +524,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -540,7 +540,7 @@

      Role with dangerous permissions

      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
      • Introduced through: @@ -553,7 +553,7 @@

        Role with dangerous permissions

      • - Line number: 154 + Line number: 150
      @@ -570,7 +570,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -586,7 +586,7 @@

      Role with dangerous permissions

      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
      • Introduced through: @@ -599,7 +599,7 @@

        Role with dangerous permissions

      • - Line number: 182 + Line number: 178
      @@ -616,7 +616,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -632,7 +632,7 @@

      Role with dangerous permissions

      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
      • Introduced through: @@ -645,7 +645,7 @@

        Role with dangerous permissions

      • - Line number: 230 + Line number: 222
      @@ -662,7 +662,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -678,7 +678,7 @@

      Role with dangerous permissions

      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
      • Introduced through: @@ -691,7 +691,7 @@

        Role with dangerous permissions

      • - Line number: 212 + Line number: 204
      @@ -708,7 +708,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -724,7 +724,7 @@

      Role with dangerous permissions

      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
      • Introduced through: @@ -737,7 +737,7 @@

        Role with dangerous permissions

      • - Line number: 246 + Line number: 238
      @@ -754,7 +754,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -770,7 +770,7 @@

      Container could be running with outdated image

      • - Public ID: SNYK-CC-K8S-42 + Public ID: SNYK-CC-K8S-42
      • Introduced through: @@ -789,7 +789,7 @@

        Container could be running with outdated image

      • - Line number: 1178 + Line number: 1025
      @@ -806,7 +806,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -822,7 +822,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -847,7 +847,7 @@

        Container has no CPU limit

      • - Line number: 640 + Line number: 611
      @@ -864,7 +864,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -880,7 +880,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -905,7 +905,7 @@

        Container has no CPU limit

      • - Line number: 812 + Line number: 711
      @@ -922,7 +922,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -938,7 +938,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -963,7 +963,7 @@

        Container has no CPU limit

      • - Line number: 778 + Line number: 688
      @@ -980,7 +980,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -996,7 +996,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -1021,7 +1021,7 @@

        Container has no CPU limit

      • - Line number: 872 + Line number: 754
      @@ -1038,7 +1038,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1054,7 +1054,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -1079,7 +1079,7 @@

        Container has no CPU limit

      • - Line number: 946 + Line number: 826
      @@ -1096,7 +1096,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1112,7 +1112,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -1137,7 +1137,7 @@

        Container has no CPU limit

      • - Line number: 1178 + Line number: 1025
      @@ -1154,7 +1154,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1170,7 +1170,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -1195,7 +1195,7 @@

        Container has no CPU limit

      • - Line number: 1002 + Line number: 880
      @@ -1212,7 +1212,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1228,7 +1228,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -1253,7 +1253,7 @@

        Container has no CPU limit

      • - Line number: 1263 + Line number: 1108
      @@ -1270,7 +1270,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1286,7 +1286,7 @@

      Container has no CPU limit

      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
      • Introduced through: @@ -1311,7 +1311,7 @@

        Container has no CPU limit

      • - Line number: 1567 + Line number: 1368
      @@ -1328,7 +1328,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1344,7 +1344,7 @@

      Container is running with multiple open ports

      • - Public ID: SNYK-CC-K8S-36 + Public ID: SNYK-CC-K8S-36
      • Introduced through: @@ -1363,7 +1363,7 @@

        Container is running with multiple open ports

      • - Line number: 792 + Line number: 695
      @@ -1380,12 +1380,12 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      -

      Container is running without liveness probe

      +

      Container is running with writable root filesystem

      @@ -1396,11 +1396,13 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-8
      • Introduced through: - [DocId: 35] + [DocId: 38] + + input spec @@ -1408,31 +1410,33 @@

        Container is running without liveness probe

        spec - containers[argocd-applicationset-controller] + containers[redis] - livenessProbe + securityContext + + readOnlyRootFilesystem
      • - Line number: 640 + Line number: 836

      Impact

      -

      Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

      +

      Compromised process could abuse writable root filesystem to elevate privileges

      Remediation

      -

      Add `livenessProbe` attribute

      +

      Set `securityContext.readOnlyRootFilesystem` to `true`

      -

      More about this issue

      +

      More about this issue

      @@ -1448,11 +1452,11 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
      • Introduced through: - [DocId: 36] + [DocId: 35] spec @@ -1460,14 +1464,14 @@

        Container is running without liveness probe

        spec - containers[dex] + containers[argocd-applicationset-controller] livenessProbe
      • - Line number: 778 + Line number: 611
      @@ -1484,7 +1488,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1500,7 +1504,7 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
      • Introduced through: @@ -1512,14 +1516,14 @@

        Container is running without liveness probe

        spec - initContainers[copyutil] + containers[dex] livenessProbe
      • - Line number: 812 + Line number: 688
      @@ -1536,7 +1540,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1552,11 +1556,11 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
      • Introduced through: - [DocId: 38] + [DocId: 36] spec @@ -1564,14 +1568,14 @@

        Container is running without liveness probe

        spec - containers[redis] + initContainers[copyutil] livenessProbe
      • - Line number: 946 + Line number: 711
      @@ -1588,7 +1592,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1604,11 +1608,11 @@

      Container is running without liveness probe

      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
      • Introduced through: - [DocId: 39] + [DocId: 38] spec @@ -1616,14 +1620,14 @@

        Container is running without liveness probe

        spec - initContainers[copyutil] + containers[redis] livenessProbe
      • - Line number: 1178 + Line number: 826
      @@ -1640,12 +1644,12 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      -

      Container is running without memory limit

      +

      Container is running without liveness probe

      @@ -1656,13 +1660,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-41
      • Introduced through: - [DocId: 35] - - input + [DocId: 39] spec @@ -1670,35 +1672,31 @@

        Container is running without memory limit

        spec - containers[argocd-applicationset-controller] - - resources - - limits + initContainers[copyutil] - memory + livenessProbe
      • - Line number: 640 + Line number: 1025

      Impact

      -

      Containers without memory limits are more likely to be terminated when the node runs out of memory

      +

      Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

      Remediation

      -

      Set `resources.limits.memory` value

      +

      Add `livenessProbe` attribute

      -

      More about this issue

      +

      More about this issue

      @@ -1714,11 +1712,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 36] + [DocId: 35] input @@ -1728,7 +1726,7 @@

        Container is running without memory limit

        spec - containers[dex] + containers[argocd-applicationset-controller] resources @@ -1739,7 +1737,7 @@

        Container is running without memory limit

      • - Line number: 778 + Line number: 611
      @@ -1756,7 +1754,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1772,7 +1770,7 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: @@ -1786,7 +1784,7 @@

        Container is running without memory limit

        spec - initContainers[copyutil] + containers[dex] resources @@ -1797,7 +1795,7 @@

        Container is running without memory limit

      • - Line number: 812 + Line number: 688
      @@ -1814,7 +1812,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1830,11 +1828,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 37] + [DocId: 36] input @@ -1844,7 +1842,7 @@

        Container is running without memory limit

        spec - containers[argocd-notifications-controller] + initContainers[copyutil] resources @@ -1855,7 +1853,7 @@

        Container is running without memory limit

      • - Line number: 872 + Line number: 711
      @@ -1872,7 +1870,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1888,11 +1886,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 38] + [DocId: 37] input @@ -1902,7 +1900,7 @@

        Container is running without memory limit

        spec - containers[redis] + containers[argocd-notifications-controller] resources @@ -1913,7 +1911,7 @@

        Container is running without memory limit

      • - Line number: 946 + Line number: 754
      @@ -1930,7 +1928,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -1946,11 +1944,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 39] + [DocId: 38] input @@ -1960,7 +1958,7 @@

        Container is running without memory limit

        spec - initContainers[copyutil] + containers[redis] resources @@ -1971,7 +1969,7 @@

        Container is running without memory limit

      • - Line number: 1178 + Line number: 826
      @@ -1988,7 +1986,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -2004,7 +2002,7 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: @@ -2018,7 +2016,7 @@

        Container is running without memory limit

        spec - containers[argocd-repo-server] + initContainers[copyutil] resources @@ -2029,7 +2027,7 @@

        Container is running without memory limit

      • - Line number: 1002 + Line number: 1025
      @@ -2046,7 +2044,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -2062,11 +2060,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 40] + [DocId: 39] input @@ -2076,7 +2074,7 @@

        Container is running without memory limit

        spec - containers[argocd-server] + containers[argocd-repo-server] resources @@ -2087,7 +2085,7 @@

        Container is running without memory limit

      • - Line number: 1263 + Line number: 880
      @@ -2104,7 +2102,7 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      @@ -2120,11 +2118,11 @@

      Container is running without memory limit

      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 41] + [DocId: 40] input @@ -2134,7 +2132,7 @@

        Container is running without memory limit

        spec - containers[argocd-application-controller] + containers[argocd-server] resources @@ -2145,7 +2143,7 @@

        Container is running without memory limit

      • - Line number: 1567 + Line number: 1108
      @@ -2162,12 +2160,12 @@

      Remediation

      -

      More about this issue

      +

      More about this issue

      -

      Container or Pod is running with writable root filesystem

      +

      Container is running without memory limit

      @@ -2178,11 +2176,11 @@

      Container or Pod is running with writable root filesyste
      • - Public ID: SNYK-CC-K8S-8 + Public ID: SNYK-CC-K8S-4
      • Introduced through: - [DocId: 38] + [DocId: 41] input @@ -2192,38 +2190,40 @@

        Container or Pod is running with writable root filesyste spec - containers[redis] + containers[argocd-application-controller] - securityContext + resources - readOnlyRootFilesystem + limits + + memory

      • - Line number: 956 + Line number: 1368

      Impact

      -

      Compromised process could abuse writable root filesystem to elevate privileges

      +

      Containers without memory limits are more likely to be terminated when the node runs out of memory

      Remediation

      -

      Set `securityContext.readOnlyRootFilesystem` to `true`

      +

      Set `resources.limits.memory` value

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2234,7 +2234,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2257,7 +2257,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 715 + Line number: 627
      @@ -2267,19 +2267,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2290,7 +2290,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2313,7 +2313,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 820 + Line number: 719
      @@ -2323,19 +2323,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2346,7 +2346,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2369,7 +2369,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 795 + Line number: 698
      @@ -2379,19 +2379,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2402,7 +2402,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2425,7 +2425,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 880 + Line number: 762
      @@ -2435,19 +2435,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2458,7 +2458,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2481,7 +2481,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 956 + Line number: 836
      @@ -2491,19 +2491,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2514,7 +2514,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2537,7 +2537,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 1185 + Line number: 1032
      @@ -2547,19 +2547,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2570,7 +2570,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2593,7 +2593,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 1151 + Line number: 1000
      @@ -2603,19 +2603,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2626,7 +2626,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2649,7 +2649,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 1477 + Line number: 1291
      @@ -2659,19 +2659,19 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      -

      Container's or Pod's UID could clash with host's UID

      +

      Container's UID could clash with host's UID

      @@ -2682,7 +2682,7 @@

      Container's or Pod's UID could clash with hos
      • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
      • Introduced through: @@ -2705,7 +2705,7 @@

        Container's or Pod's UID could clash with hos

      • - Line number: 1709 + Line number: 1492
      @@ -2715,14 +2715,14 @@

      Impact

      UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

      Remediation

      -

      Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

      +

      Set `securityContext.runAsUser` value to greater or equal than 10000

      -

      More about this issue

      +

      More about this issue

      diff --git a/docs/snyk/v2.4.27/argocd-test.html b/docs/snyk/v2.4.27/argocd-test.html new file mode 100644 index 0000000000000..e301388a119a0 --- /dev/null +++ b/docs/snyk/v2.4.27/argocd-test.html @@ -0,0 +1,4822 @@ + + + + + + + + + Snyk test report + + + + + + + + + +
      +
      +
      +
      + + + Snyk - Open Source Security + + + + + + + +
      +

      Snyk test report

      + +

      March 19th 2023, 12:23:59 am

      +
      +
      + Scanned the following paths: +
        +
      • /argo-cd/argoproj/argo-cd/v2 (gomodules)
      • /argo-cd (yarn)
        • +
      +
      + +
      +
      6 known vulnerabilities
      +
      197 vulnerable dependency paths
      +
      1655 dependencies
      +
      +
      +
      +
      + +
      +
      +
      +

      Server-side Request Forgery (SSRF)

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: npm +
        • +
      • + Vulnerable module: + + parse-url +
        • + +
      • Introduced through: + + + argo-cd-ui@1.0.0, git-url-parse@11.6.0 and others +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + argo-cd-ui@1.0.0 + + git-url-parse@11.6.0 + + git-up@4.0.5 + + parse-url@6.0.5 + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      parse-url is an An advanced url parser supporting git urls too. + Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) due to improper detection of protocol, resource, and pathname fields. Exploiting this vulnerability results in bypassing protocol verification.

      +

      PoC:

      + 
      import parseUrl from "parse-url";
+        import fetch from 'node-fetch';
+        var parsed=parseUrl("http://nnnn@localhost:808:/?id=xss")
+        if(parsed.resource=="localhost"){
+        console.log("internal network access is blocked")
+        }
+        else{
+           const response = await fetch('http://'+parsed.resource+parsed.pathname);
+                console.log(response)
+         }
+
      +

      Remediation

      +

      Upgrade parse-url to version 8.1.0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Improper Input Validation

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: npm +
        • +
      • + Vulnerable module: + + parse-url +
        • + +
      • Introduced through: + + + argo-cd-ui@1.0.0, git-url-parse@11.6.0 and others +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + argo-cd-ui@1.0.0 + + git-url-parse@11.6.0 + + git-up@4.0.5 + + parse-url@6.0.5 + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      parse-url is an An advanced url parser supporting git urls too. + Affected versions of this package are vulnerable to Improper Input Validation due to incorrect parsing of URLs. This allows the attacker to craft a malformed URL which can lead to a phishing attack.

      + 
      
+        const parseUrl = require("parse-url");
+        const Url = require("url");
+        
+        const express = require('express');
+        const app = express();
+        
+        var url = "https://www.google.com:x@fakesite.com:x";
+        parsed = parseUrl(url);
+        console.log("[*]`parse-url` output: ")
+        console.log(parsed);
+        
+        parsed2 = Url.parse(url);
+        console.log("[*]`url` output: ")
+        console.log(parsed2)
+        
+        app.get('/', (req, res) => {
+            if (parsed.host == "www.google.com") {
+                res.send("<a href=\'" + parsed2.href + "\'>CLICK ME!</a>")
+            }
+        })
+        
+        app.listen(8888,"0.0.0.0");
+
      +

      Remediation

      +

      Upgrade parse-url to version 8.1.0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Regular Expression Denial of Service (ReDoS)

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: npm +
        • +
      • + Vulnerable module: + + minimatch +
        • + +
      • Introduced through: + + + argo-cd-ui@1.0.0, redoc@2.0.0-rc.64 and others +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + argo-cd-ui@1.0.0 + + redoc@2.0.0-rc.64 + + @redocly/openapi-core@1.0.0-beta.82 + + minimatch@3.0.4 + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      minimatch is a minimal matching utility. + Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the braceExpand function in minimatch.js.

      +

      Details

      +

      Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.

      +

      The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.

      +

      Let’s take the following regular expression as an example:

      + 
      regex = /A(B|C+)+D/
+
      +

      This regular expression accomplishes the following:

      +
        +
      • A The string must start with the letter 'A'
        • +
      • (B|C+)+ The string must then follow the letter A with either the letter 'B' or some number of occurrences of the letter 'C' (the + matches one or more times). The + at the end of this section states that we can look for one or more matches of this section.
        • +
      • D Finally, we ensure this section of the string ends with a 'D'
        • +
      +

      The expression would match inputs such as ABBD, ABCCCCD, ABCBCCCD and ACCCCCD

      +

      It most cases, it doesn't take very long for a regex engine to find a match:

      + 
      $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCD")'
+        0.04s user 0.01s system 95% cpu 0.052 total
+        
+        $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCX")'
+        1.79s user 0.02s system 99% cpu 1.812 total
+
      +

      The entire process of testing it against a 30 characters long string takes around ~52ms. But when given an invalid string, it takes nearly two seconds to complete the test, over ten times as long as it took to test a valid string. The dramatic difference is due to the way regular expressions get evaluated.

      +

      Most Regex engines will work very similarly (with minor differences). The engine will match the first possible way to accept the current character and proceed to the next one. If it then fails to match the next one, it will backtrack and see if there was another way to digest the previous character. If it goes too far down the rabbit hole only to find out the string doesn’t match in the end, and if many characters have multiple valid regex paths, the number of backtracking steps can become very large, resulting in what is known as catastrophic backtracking.

      +

      Let's look at how our expression runs into this problem, using a shorter string: "ACCCX". While it seems fairly straightforward, there are still four different ways that the engine could match those three C's:

      +
        +
      1. CCC
        2. +
      2. CC+C
        3. +
      3. C+CC
        4. +
      4. C+C+C.
        5. +
      +

      The engine has to try each of those combinations to see if any of them potentially match against the expression. When you combine that with the other steps the engine must take, we can use RegEx 101 debugger to see the engine has to take a total of 38 steps before it can determine the string doesn't match.

      +

      From there, the number of steps the engine must use to validate a string just continues to grow.

      + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
      StringNumber of C'sNumber of steps
      ACCCX338
      ACCCCX471
      ACCCCCX5136
      ACCCCCCCCCCCCCCX1465,553
      +

      By the time the string includes 14 C's, the engine has to take over 65,000 steps just to see if the string is valid. These extreme situations can cause them to work very slowly (exponentially related to input size, as shown above), allowing an attacker to exploit this and can cause the service to excessively consume CPU, resulting in a Denial of Service.

      +

      Remediation

      +

      Upgrade minimatch to version 3.0.5 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Denial of Service (DoS)

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: golang +
        • +
      • + Vulnerable module: + + gopkg.in/yaml.v2 +
        • + +
      • Introduced through: + + github.com/argoproj/argo-cd/v2@0.0.0 and gopkg.in/yaml.v2@2.2.4 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/ghodss/yaml@1.0.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/spf13/cobra/doc@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apimachinery/pkg/util/managedfields@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apimachinery/pkg/util/yaml@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/utils/testing@0.7.3 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/google/go-jsonnet@0.18.0 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/envtest@0.11.0 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apimachinery/pkg/util/managedfields@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/structured-merge-diff/v4/fieldpath@4.2.0 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/kube-openapi/pkg/validation/spec@#e816edb12b65 + + github.com/go-openapi/swag@0.19.14 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/services@#567361917320 + + github.com/ghodss/yaml@1.0.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/subscriptions@#567361917320 + + github.com/ghodss/yaml@1.0.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/util/misc@#567361917320 + + github.com/ghodss/yaml@1.0.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/api@#567361917320 + + github.com/ghodss/yaml@1.0.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/cmd@#567361917320 + + github.com/ghodss/yaml@1.0.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/diff@0.7.3 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/testing@0.23.1 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/tools/record@0.23.1 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/cache@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/health@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/cache@0.7.3 + + k8s.io/apimachinery/pkg/util/managedfields@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apimachinery/pkg/watch@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/api/core/v1@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/api/rbac/v1@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/scheme@0.11.0 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apimachinery/pkg/api/errors@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apimachinery/pkg/util/managedfields@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/validation/spec@#e816edb12b65 + + github.com/go-openapi/swag@0.19.14 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/kube-openapi/pkg/common@#e816edb12b65 + + k8s.io/kube-openapi/pkg/validation/spec@#e816edb12b65 + + github.com/go-openapi/swag@0.19.14 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/go-openapi/runtime/middleware@0.19.4 + + github.com/go-openapi/validate@0.19.5 + + github.com/go-openapi/swag@0.19.14 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/controller@#567361917320 + + github.com/argoproj/notifications-engine/pkg/subscriptions@#567361917320 + + github.com/ghodss/yaml@1.0.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/cache@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/health@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/discovery/fake@0.23.1 + + k8s.io/client-go/testing@0.23.1 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/kubernetes/fake@0.23.1 + + k8s.io/client-go/testing@0.23.1 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/health@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/cache@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/event@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/controller/controllerutil@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/envtest@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/kubernetes/scheme@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/tools/clientcmd@0.23.1 + + k8s.io/client-go/tools/clientcmd/api/latest@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/tools/portforward@0.23.1 + + k8s.io/api/core/v1@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apimachinery/pkg/apis/meta/v1@0.23.1 + + k8s.io/apimachinery/pkg/watch@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/hook@0.7.3 + + k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/resource@0.7.3 + + k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/ignore@0.7.3 + + k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/syncwaves@0.7.3 + + k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/utils/testing@0.7.3 + + k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/tools/cache@0.23.1 + + k8s.io/client-go/tools/pager@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/kubectl/pkg/util/resource@0.23.1 + + k8s.io/api/core/v1@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/versioning@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/pkg/apis/clientauthentication/v1beta1@0.23.1 + + k8s.io/client-go/pkg/apis/clientauthentication@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/scheme@0.11.0 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/util/retry@0.23.1 + + k8s.io/apimachinery/pkg/api/errors@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/tools/record@0.23.1 + + k8s.io/client-go/tools/reference@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/cache@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/validation/spec@#e816edb12b65 + + github.com/go-openapi/swag@0.19.14 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/validation/spec@#e816edb12b65 + + github.com/go-openapi/swag@0.19.14 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/validation/spec@#e816edb12b65 + + github.com/go-openapi/swag@0.19.14 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/handler@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/runtime/inject@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/hook@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/syncwaves@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/diff@0.7.3 + + k8s.io/client-go/kubernetes/scheme@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/cmd@#567361917320 + + k8s.io/client-go/tools/clientcmd@0.23.1 + + k8s.io/client-go/tools/clientcmd/api/latest@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/dynamic@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/transport/spdy@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/pkg/kubeclientmetrics@#36c59d8fafe0 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/testing@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/plugin/pkg/client/auth/azure@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/plugin/pkg/client/auth/gcp@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/plugin/pkg/client/auth/oidc@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/kubernetes/scheme@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/versioning@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/listers/core/v1@0.23.1 + + k8s.io/client-go/tools/cache@0.23.1 + + k8s.io/client-go/tools/pager@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/api@#567361917320 + + k8s.io/client-go/tools/cache@0.23.1 + + k8s.io/client-go/tools/pager@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/informers/core/v1@0.23.1 + + k8s.io/client-go/tools/cache@0.23.1 + + k8s.io/client-go/tools/pager@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/informers@0.23.1 + + k8s.io/client-go/tools/cache@0.23.1 + + k8s.io/client-go/tools/pager@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/controller@#567361917320 + + k8s.io/client-go/tools/cache@0.23.1 + + k8s.io/client-go/tools/pager@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apimachinery/pkg/api/equality@0.23.1 + + k8s.io/apimachinery/pkg/apis/meta/v1@0.23.1 + + k8s.io/apimachinery/pkg/watch@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/envtest@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/webhook/conversion@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/conversion@0.11.0 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/health@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/validation/spec@#e816edb12b65 + + github.com/go-openapi/swag@0.19.14 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/validation/spec@#e816edb12b65 + + github.com/go-openapi/swag@0.19.14 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/hook@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/syncwaves@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/hook@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/syncwaves@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/cmd@#567361917320 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/informers@0.23.1 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/informers/core/v1@0.23.1 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/ignore@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/tools/cache@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/dynamic@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/transport/spdy@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/pkg/kubeclientmetrics@#36c59d8fafe0 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/testing@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/plugin/pkg/client/auth/azure@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/plugin/pkg/client/auth/gcp@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/plugin/pkg/client/auth/oidc@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/tools/record@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + sigs.k8s.io/kustomize/api/krusty@0.10.1 + + sigs.k8s.io/kustomize/kyaml/openapi@0.13.0 + + sigs.k8s.io/kustomize/kyaml/yaml@0.13.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + sigs.k8s.io/kustomize/api/krusty@0.10.1 + + sigs.k8s.io/kustomize/kyaml/openapi@0.13.0 + + sigs.k8s.io/kustomize/kyaml/yaml@0.13.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/cmd@#567361917320 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/informers@0.23.1 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/informers/core/v1@0.23.1 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/kubernetes/fake@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1/fake@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/health@0.7.3 + + k8s.io/kubectl/pkg/util/podutils@0.23.1 + + k8s.io/apimachinery/pkg/apis/meta/v1@0.23.1 + + k8s.io/apimachinery/pkg/watch@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/discovery/fake@0.23.1 + + k8s.io/client-go/testing@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/kubernetes/fake@0.23.1 + + k8s.io/client-go/testing@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/tools/remotecommand@0.23.1 + + k8s.io/client-go/transport/spdy@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/diff@0.7.3 + + k8s.io/client-go/kubernetes/scheme@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/versioning@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/tools/clientcmd@0.23.1 + + k8s.io/client-go/tools/clientcmd/api/latest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api/v1@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/apimachinery/pkg/api/validation@0.23.1 + + k8s.io/apimachinery/pkg/apis/meta/v1/validation@0.23.1 + + k8s.io/apimachinery/pkg/apis/meta/v1@0.23.1 + + k8s.io/apimachinery/pkg/watch@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/ignore@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/ignore@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/source@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/source/internal@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/predicate@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/event@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/listers/core/v1@0.23.1 + + k8s.io/client-go/tools/cache@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/api@#567361917320 + + k8s.io/client-go/tools/cache@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/informers/core/v1@0.23.1 + + k8s.io/client-go/tools/cache@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/informers@0.23.1 + + k8s.io/client-go/tools/cache@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/controller@#567361917320 + + k8s.io/client-go/tools/cache@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/discovery/fake@0.23.1 + + k8s.io/client-go/testing@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/kubernetes/fake@0.23.1 + + k8s.io/client-go/testing@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/tools/remotecommand@0.23.1 + + k8s.io/client-go/transport/spdy@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/cache@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + sigs.k8s.io/kustomize/api/krusty@0.10.1 + + sigs.k8s.io/kustomize/kyaml/openapi@0.13.0 + + sigs.k8s.io/kustomize/kyaml/yaml@0.13.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/health@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + sigs.k8s.io/kustomize/api/krusty@0.10.1 + + sigs.k8s.io/kustomize/kyaml/openapi@0.13.0 + + sigs.k8s.io/kustomize/kyaml/yaml@0.13.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + sigs.k8s.io/kustomize/api/krusty@0.10.1 + + sigs.k8s.io/kustomize/kyaml/openapi@0.13.0 + + sigs.k8s.io/kustomize/kyaml/yaml@0.13.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/cache@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/kubectl/pkg/util/term@0.23.1 + + k8s.io/client-go/tools/remotecommand@0.23.1 + + k8s.io/client-go/transport/spdy@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/cmd@#567361917320 + + k8s.io/client-go/tools/clientcmd@0.23.1 + + k8s.io/client-go/tools/clientcmd/api/latest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api/v1@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/hook@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/validation/spec@#e816edb12b65 + + github.com/go-openapi/swag@0.19.14 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/syncwaves@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/validation/spec@#e816edb12b65 + + github.com/go-openapi/swag@0.19.14 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/manager@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/webhook@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/webhook/admission@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/runtime/inject@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.23.1 + + k8s.io/kube-openapi/pkg/util/proto@#e816edb12b65 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/cache@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/kubectl/pkg/util/term@0.23.1 + + k8s.io/client-go/tools/remotecommand@0.23.1 + + k8s.io/client-go/transport/spdy@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/manager@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/leaderelection@0.11.0 + + k8s.io/client-go/tools/leaderelection/resourcelock@0.23.1 + + k8s.io/client-go/kubernetes/typed/core/v1@0.23.1 + + k8s.io/client-go/applyconfigurations/core/v1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/health@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/controller/controllerutil@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + + k8s.io/client-go/restmapper@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/ignore@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/util/openapi@0.23.1 + + k8s.io/kube-openapi/pkg/validation/spec@#e816edb12b65 + + github.com/go-openapi/swag@0.19.14 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/controller/controllerutil@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + + k8s.io/client-go/restmapper@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/hook@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + sigs.k8s.io/kustomize/api/krusty@0.10.1 + + sigs.k8s.io/kustomize/kyaml/openapi@0.13.0 + + sigs.k8s.io/kustomize/kyaml/yaml@0.13.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/syncwaves@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + sigs.k8s.io/kustomize/api/krusty@0.10.1 + + sigs.k8s.io/kustomize/kyaml/openapi@0.13.0 + + sigs.k8s.io/kustomize/kyaml/yaml@0.13.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + + k8s.io/client-go/restmapper@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/cache@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + + k8s.io/client-go/restmapper@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + + k8s.io/client-go/restmapper@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/cache@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + + k8s.io/client-go/restmapper@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/ignore@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/cli-runtime/pkg/resource@0.23.1 + + sigs.k8s.io/kustomize/api/krusty@0.10.1 + + sigs.k8s.io/kustomize/kyaml/openapi@0.13.0 + + sigs.k8s.io/kustomize/kyaml/yaml@0.13.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/hook@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/syncwaves@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/event@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + + k8s.io/client-go/restmapper@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/manager@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/webhook@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/webhook/internal/metrics@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/metrics@0.11.0 + + k8s.io/client-go/tools/cache@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/event@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + + k8s.io/client-go/restmapper@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync/ignore@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@0.7.3 + + github.com/argoproj/gitops-engine/pkg/sync/common@0.7.3 + + github.com/argoproj/gitops-engine/pkg/utils/kube@0.7.3 + + k8s.io/kubectl/pkg/cmd/util@0.23.1 + + k8s.io/client-go/kubernetes@0.23.1 + + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.23.1 + + k8s.io/client-go/applyconfigurations/meta/v1@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/handler@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/runtime/inject@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + + k8s.io/client-go/restmapper@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/handler@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/runtime/inject@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + + k8s.io/client-go/restmapper@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/source@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/source/internal@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/predicate@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/event@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + + k8s.io/client-go/restmapper@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/tools/clientcmd/api@0.23.1 + + k8s.io/apimachinery/pkg/runtime@0.23.1 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/source@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/source/internal@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/predicate@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/event@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + + k8s.io/client-go/restmapper@0.23.1 + + k8s.io/client-go/discovery@0.23.1 + + k8s.io/client-go/rest@0.23.1 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer@0.23.1 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.23.1 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      gopkg.in/yaml.v2 is a YAML support package for the Go language. + Affected versions of this package are vulnerable to Denial of Service (DoS). It is possible for authorized users to send malicious YAML payloads to cause kube-apiserver to consume excessive CPU cycles while parsing YAML.

      +

      Details

      +

      Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

      +

      Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

      +

      One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

      +

      When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

      +

      Two common types of DoS vulnerabilities:

      +
        +

      • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

        +
        • +

      • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

        +
        • +
      +

      Remediation

      +

      Upgrade gopkg.in/yaml.v2 to version 2.2.8 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Improper Input Validation

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: golang +
        • +
      • + Vulnerable module: + + go.mongodb.org/mongo-driver/bson/bsonrw +
        • + +
      • Introduced through: + + + github.com/argoproj/argo-cd/v2@0.0.0, github.com/go-openapi/runtime/middleware@0.19.4 and others +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/go-openapi/runtime/middleware@0.19.4 + + github.com/go-openapi/validate@0.19.5 + + github.com/go-openapi/strfmt@0.19.3 + + go.mongodb.org/mongo-driver/bson@1.1.2 + + go.mongodb.org/mongo-driver/bson/bsonrw@1.1.2 + + + +
        • +
      • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/go-openapi/runtime/middleware@0.19.4 + + github.com/go-openapi/validate@0.19.5 + + github.com/go-openapi/strfmt@0.19.3 + + go.mongodb.org/mongo-driver/bson@1.1.2 + + go.mongodb.org/mongo-driver/bson/bsoncodec@1.1.2 + + go.mongodb.org/mongo-driver/bson/bsonrw@1.1.2 + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      go.mongodb.org/mongo-driver/bson/bsonrw is a The MongoDB supported driver for Go. + Affected versions of this package are vulnerable to Improper Input Validation. Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents.

      +

      Remediation

      +

      Upgrade go.mongodb.org/mongo-driver/bson/bsonrw to version 1.5.1 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Regular Expression Denial of Service (ReDoS)

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: npm +
        • +
      • + Vulnerable module: + + cookiejar +
        • + +
      • Introduced through: + + + argo-cd-ui@1.0.0, superagent@7.1.3 and others +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + argo-cd-ui@1.0.0 + + superagent@7.1.3 + + cookiejar@2.1.3 + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function, which uses an insecure regular expression.

      +

      PoC

      + 
      const { CookieJar } = require("cookiejar");
+        
+        const jar = new CookieJar();
+        
+        const start = performance.now();
+        const attack = "a" + "t".repeat(50_000);
+        jar.setCookie(attack);
+        console.log(`CookieJar.setCookie(): ${performance.now() - start}`);
+
      +

      Details

      +

      Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.

      +

      The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.

      +

      Let’s take the following regular expression as an example:

      + 
      regex = /A(B|C+)+D/
+
      +

      This regular expression accomplishes the following:

      +
        +
      • A The string must start with the letter 'A'
        • +
      • (B|C+)+ The string must then follow the letter A with either the letter 'B' or some number of occurrences of the letter 'C' (the + matches one or more times). The + at the end of this section states that we can look for one or more matches of this section.
        • +
      • D Finally, we ensure this section of the string ends with a 'D'
        • +
      +

      The expression would match inputs such as ABBD, ABCCCCD, ABCBCCCD and ACCCCCD

      +

      It most cases, it doesn't take very long for a regex engine to find a match:

      + 
      $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCD")'
+        0.04s user 0.01s system 95% cpu 0.052 total
+        
+        $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCX")'
+        1.79s user 0.02s system 99% cpu 1.812 total
+
      +

      The entire process of testing it against a 30 characters long string takes around ~52ms. But when given an invalid string, it takes nearly two seconds to complete the test, over ten times as long as it took to test a valid string. The dramatic difference is due to the way regular expressions get evaluated.

      +

      Most Regex engines will work very similarly (with minor differences). The engine will match the first possible way to accept the current character and proceed to the next one. If it then fails to match the next one, it will backtrack and see if there was another way to digest the previous character. If it goes too far down the rabbit hole only to find out the string doesn’t match in the end, and if many characters have multiple valid regex paths, the number of backtracking steps can become very large, resulting in what is known as catastrophic backtracking.

      +

      Let's look at how our expression runs into this problem, using a shorter string: "ACCCX". While it seems fairly straightforward, there are still four different ways that the engine could match those three C's:

      +
        +
      1. CCC
        2. +
      2. CC+C
        3. +
      3. C+CC
        4. +
      4. C+C+C.
        5. +
      +

      The engine has to try each of those combinations to see if any of them potentially match against the expression. When you combine that with the other steps the engine must take, we can use RegEx 101 debugger to see the engine has to take a total of 38 steps before it can determine the string doesn't match.

      +

      From there, the number of steps the engine must use to validate a string just continues to grow.

      + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
      StringNumber of C'sNumber of steps
      ACCCX338
      ACCCCX471
      ACCCCCX5136
      ACCCCCCCCCCCCCCX1465,553
      +

      By the time the string includes 14 C's, the engine has to take over 65,000 steps just to see if the string is valid. These extreme situations can cause them to work very slowly (exponentially related to input size, as shown above), allowing an attacker to exploit this and can cause the service to excessively consume CPU, resulting in a Denial of Service.

      +

      Remediation

      +

      Upgrade cookiejar to version 2.1.4 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +
      +
      + + + diff --git a/docs/snyk/v2.4.27/ghcr.io_dexidp_dex_v2.35.3.html b/docs/snyk/v2.4.27/ghcr.io_dexidp_dex_v2.35.3.html new file mode 100644 index 0000000000000..2e91cc499a71b --- /dev/null +++ b/docs/snyk/v2.4.27/ghcr.io_dexidp_dex_v2.35.3.html @@ -0,0 +1,1420 @@ + + + + + + + + + Snyk test report + + + + + + + + + +
      +
      +
      +
      + + + Snyk - Open Source Security + + + + + + + +
      +

      Snyk test report

      + +

      March 19th 2023, 12:24:08 am

      +
      +
      + Scanned the following paths: +
        +
      • ghcr.io/dexidp/dex:v2.35.3/dexidp/dex (apk)
      • ghcr.io/dexidp/dex:v2.35.3/hairyhenderson/gomplate/v3 (gomodules)
      • ghcr.io/dexidp/dex:v2.35.3/dexidp/dex (gomodules)
      • ghcr.io/dexidp/dex:v2.35.3/dexidp/dex (gomodules)
        • +
      +
      + +
      +
      9 known vulnerabilities
      +
      37 vulnerable dependency paths
      +
      756 dependencies
      +
      +
      +
      +
      + +
      +
      +
      +

      Double Free

      +
      + +
      + high severity +
      + +
      + +
        +
      • + Package Manager: alpine:3.16 +
        • +
      • + Vulnerable module: + + openssl/libcrypto1.1 +
        • + +
      • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      + +
      + +
      + +

      NVD Description

      +

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

      +

      The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.

      +

      Remediation

      +

      Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Access of Resource Using Incompatible Type ('Type Confusion')

      +
      + +
      + high severity +
      + +
      + +
        +
      • + Package Manager: alpine:3.16 +
        • +
      • + Vulnerable module: + + openssl/libcrypto1.1 +
        • + +
      • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      + +
      + +
      + +

      NVD Description

      +

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

      +

      There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.

      +

      Remediation

      +

      Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Use After Free

      +
      + +
      + high severity +
      + +
      + +
        +
      • + Package Manager: alpine:3.16 +
        • +
      • + Vulnerable module: + + openssl/libcrypto1.1 +
        • + +
      • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      + +
      + +
      + +

      NVD Description

      +

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

      +

      The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.

      +

      Remediation

      +

      Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Denial of Service (DoS)

      +
      + +
      + high severity +
      + +
      + +
        +
      • + Package Manager: golang +
        • +
      • + Vulnerable module: + + golang.org/x/net/http2/hpack +
        • + +
      • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/net/http2/hpack@v0.0.0-20220909164309-bea034e7d591 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/net/http2/hpack@v0.0.0-20220909164309-bea034e7d591 + + + +
        • +
      • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/net/http2/hpack@v0.0.0-20220927171203-f486391704dc + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.

      +

      Details

      +

      Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

      +

      Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

      +

      One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

      +

      When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

      +

      Two common types of DoS vulnerabilities:

      +
        +

      • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

        +
        • +

      • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

        +
        • +
      +

      Remediation

      +

      Upgrade golang.org/x/net/http2/hpack to version 0.7.0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Denial of Service (DoS)

      +
      + +
      + high severity +
      + +
      + +
        +
      • + Package Manager: golang +
        • +
      • + Vulnerable module: + + golang.org/x/net/http2 +
        • + +
      • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + + + +
        • +
      • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/net/http2@v0.0.0-20220927171203-f486391704dc + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. + Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.

      +

      Details

      +

      Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

      +

      Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

      +

      One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

      +

      When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

      +

      Two common types of DoS vulnerabilities:

      +
        +

      • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

        +
        • +

      • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

        +
        • +
      +

      Remediation

      +

      Upgrade golang.org/x/net/http2 to version 0.7.0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      CVE-2022-4304

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: alpine:3.16 +
        • +
      • + Vulnerable module: + + openssl/libcrypto1.1 +
        • + +
      • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
        • +
      + +
      + +
      + +

      NVD Description

      +

      Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

      +

      A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.

      +

      Remediation

      +

      Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Improper Input Validation

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: golang +
        • +
      • + Vulnerable module: + + golang.org/x/text/language +
        • + +
      • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/text/language@v0.3.7 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/text/language@v0.3.7 + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      Affected versions of this package are vulnerable to Improper Input Validation due to the parser being, by design, exposed to untrusted user input, which can be leveraged to force a program to consume significant time parsing Accept-Language headers.

      +

      Remediation

      +

      Upgrade golang.org/x/text/language to version 0.3.8 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Incorrect Privilege Assignment

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: golang +
        • +
      • + Vulnerable module: + + golang.org/x/sys/unix +
        • + +
      • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/sys/unix@v0.0.0-20220728004956-3c1f35247d10 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/sys/unix@v0.0.0-20220728004956-3c1f35247d10 + + + +
        • +
      • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/sys/unix@v0.0.0-20220728004956-3c1f35247d10 + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      Affected versions of this package are vulnerable to Incorrect Privilege Assignment such that when called with a non-zero flags parameter, the Faccessat function can incorrectly report that a file is accessible.

      +

      Remediation

      +

      Upgrade golang.org/x/sys/unix to version 0.1.0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +

      Denial of Service (DoS)

      +
      + +
      + medium severity +
      + +
      + +
        +
      • + Package Manager: golang +
        • +
      • + Vulnerable module: + + golang.org/x/net/http2 +
        • + +
      • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + +
        • +
      + +
      + + +

      Detailed paths

      + +
        +
      • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + + + +
        • +
      • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/net/http2@v0.0.0-20220927171203-f486391704dc + + + +
        • +
      + +
      + +
      + +

      Overview

      +

      golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. + Affected versions of this package are vulnerable to Denial of Service (DoS) due to improper checks and limitations for the number of entries in the cache, which can allow an attacker to consume unbounded amounts of memory by sending a small number of very large keys.

      +

      Details

      +

      Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

      +

      Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

      +

      One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

      +

      When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

      +

      Two common types of DoS vulnerabilities:

      +
        +

      • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

        +
        • +

      • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

        +
        • +
      +

      Remediation

      +

      Upgrade golang.org/x/net/http2 to version 0.4.0 or higher.

      +

      References

      + + +
      + +
      +

      More about this vulnerability

      +
      + +
      +
      +
      +
      + + + diff --git a/docs/snyk/v2.5.22/haproxy_2.6.14-alpine.html b/docs/snyk/v2.4.27/haproxy_2.0.31-alpine.html similarity index 98% rename from docs/snyk/v2.5.22/haproxy_2.6.14-alpine.html rename to docs/snyk/v2.4.27/haproxy_2.0.31-alpine.html index 1dcc1270d0916..648fe1d1a757f 100644 --- a/docs/snyk/v2.5.22/haproxy_2.6.14-alpine.html +++ b/docs/snyk/v2.4.27/haproxy_2.0.31-alpine.html @@ -456,19 +456,19 @@

      Snyk test report

      -

      August 13th 2023, 12:25:04 am (UTC+00:00)

      +

      March 19th 2023, 12:24:15 am

      Scanned the following path:
        -
      • haproxy:2.6.14-alpine (apk)
        • +
      • haproxy:2.0.31-alpine (apk)
      0 known vulnerabilities
      0 vulnerable dependency paths
      -
      18 dependencies
      +
      17 dependencies
      @@ -477,7 +477,7 @@

      Snyk test report

      - + diff --git a/docs/snyk/v2.5.22/quay.io_argoproj_argocd_v2.5.22.html b/docs/snyk/v2.4.27/quay.io_argoproj_argocd_v2.4.27.html similarity index 83% rename from docs/snyk/v2.5.22/quay.io_argoproj_argocd_v2.5.22.html rename to docs/snyk/v2.4.27/quay.io_argoproj_argocd_v2.4.27.html index 9d6a2c6436095..b0cc20585abc2 100644 --- a/docs/snyk/v2.5.22/quay.io_argoproj_argocd_v2.5.22.html +++ b/docs/snyk/v2.4.27/quay.io_argoproj_argocd_v2.4.27.html @@ -7,7 +7,7 @@ Snyk test report - + @@ -456,19 +456,19 @@

      Snyk test report

      -

      August 13th 2023, 12:25:25 am (UTC+00:00)

      +

      March 19th 2023, 12:24:38 am

      Scanned the following paths:
        -
      • quay.io/argoproj/argocd:v2.5.22/argoproj/argocd (deb)
      • quay.io/argoproj/argocd:v2.5.22/argoproj/argo-cd/v2 (gomodules)
      • quay.io/argoproj/argocd:v2.5.22/kustomize/kustomize/v4 (gomodules)
      • quay.io/argoproj/argocd:v2.5.22/helm/v3 (gomodules)
      • quay.io/argoproj/argocd:v2.5.22/git-lfs/git-lfs (gomodules)
        • +
      • quay.io/argoproj/argocd:v2.4.27/argoproj/argocd (deb)
      • quay.io/argoproj/argocd:v2.4.27/argoproj/argo-cd/v2 (gomodules)
      • quay.io/argoproj/argocd:v2.4.27/kustomize/kustomize/v4 (gomodules)
      • quay.io/argoproj/argocd:v2.4.27/helm/v3 (gomodules)
      • quay.io/argoproj/argocd:v2.4.27/git-lfs/git-lfs (gomodules)
      -
      28 known vulnerabilities
      +
      27 known vulnerabilities
      97 vulnerable dependency paths
      -
      2047 dependencies
      +
      1963 dependencies
      @@ -498,7 +498,7 @@

      Denial of Service (DoS)

    • Introduced through: - sigs.k8s.io/kustomize/kustomize/v4@* and gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b + sigs.k8s.io/kustomize/kustomize/v4@* and gopkg.in/yaml.v3@v3.0.0-20200615113413-eeeca48fe776
      • @@ -513,6 +513,15 @@

      Detailed paths

      Introduced through: sigs.k8s.io/kustomize/kustomize/v4@* + gopkg.in/yaml.v3@v3.0.0-20200615113413-eeeca48fe776 + + + + +
    • + Introduced through: + helm.sh/helm/v3@* + gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b @@ -525,8 +534,8 @@

      Detailed paths

      Overview

      -

      gopkg.in/yaml.v3 is a YAML support package for the Go language.

      -

      Affected versions of this package are vulnerable to Denial of Service (DoS) via the Unmarshal function, which causes the program to crash when attempting to deserialize invalid input.

      +

      gopkg.in/yaml.v3 is a YAML support package for the Go language. + Affected versions of this package are vulnerable to Denial of Service (DoS) via the Unmarshal function, which causes the program to crash when attempting to deserialize invalid input.

      PoC

      package main
         
@@ -588,7 +597,7 @@ 
      NULL Pointer Dereference
      
         
                     
    • Introduced through:
         
-                                sigs.k8s.io/kustomize/kustomize/v4@* and gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b
+                                sigs.k8s.io/kustomize/kustomize/v4@* and gopkg.in/yaml.v3@v3.0.0-20200615113413-eeeca48fe776
         
                     
      • 
                 
@@ -603,6 +612,15 @@ 
      Detailed paths
      
                                 Introduced through:
                                         sigs.k8s.io/kustomize/kustomize/v4@*
                                           
+                                        gopkg.in/yaml.v3@v3.0.0-20200615113413-eeeca48fe776
+                                        
+                                
+        
+
      • +
    • + Introduced through: + helm.sh/helm/v3@* + gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b @@ -615,8 +633,8 @@

      Detailed paths

      Overview

      -

      gopkg.in/yaml.v3 is a YAML support package for the Go language.

      -

      Affected versions of this package are vulnerable to NULL Pointer Dereference when parsing #\n-\n-\n0 via the parserc.go parser.

      +

      gopkg.in/yaml.v3 is a YAML support package for the Go language. + Affected versions of this package are vulnerable to NULL Pointer Dereference when parsing #\n-\n-\n0 via the parserc.go parser.

      PoC

      package main
         
@@ -666,7 +684,7 @@ 
      Denial of Service (DoS)
      
         
                     
    • Introduced through:
         
-                                sigs.k8s.io/kustomize/kustomize/v4@* and golang.org/x/net/http2/hpack@v0.0.0-20220127200216-cd36cc0744dd
+                                sigs.k8s.io/kustomize/kustomize/v4@* and golang.org/x/net/http2/hpack@v0.0.0-20201110031124-69a78807bb2b
         
                     
      • 
                 
@@ -681,7 +699,7 @@ 
      Detailed paths
      
                                 Introduced through:
                                         sigs.k8s.io/kustomize/kustomize/v4@*
                                           
-                                        golang.org/x/net/http2/hpack@v0.0.0-20220127200216-cd36cc0744dd
+                                        golang.org/x/net/http2/hpack@v0.0.0-20201110031124-69a78807bb2b
                                         
                                 
         
@@ -690,7 +708,7 @@ 
      Detailed paths
      
                                 Introduced through:
                                         helm.sh/helm/v3@*
                                           
-                                        golang.org/x/net/http2/hpack@v0.0.0-20220722155237-a158d28d115b
+                                        golang.org/x/net/http2/hpack@v0.0.0-20220107192237-5cfca573fb4d
                                         
                                 
         
@@ -754,7 +772,7 @@ 
      Denial of Service
      
         
                     
    • Introduced through:
         
-                                helm.sh/helm/v3@* and golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b
+                                helm.sh/helm/v3@* and golang.org/x/net/http2@v0.0.0-20220107192237-5cfca573fb4d
         
                     
      • 
                 
@@ -769,7 +787,7 @@ 
      Detailed paths
      
                                 Introduced through:
                                         helm.sh/helm/v3@*
                                           
-                                        golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b
+                                        golang.org/x/net/http2@v0.0.0-20220107192237-5cfca573fb4d
                                         
                                 
         
@@ -781,8 +799,8 @@ 
      Detailed paths
      
               
      
               
               
      Overview
      
-        
      golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go.
      
-        
      Affected versions of this package are vulnerable to Denial of Service as an HTTP/2 connection can hang during closing if a shutdown was preempted by a fatal error.
      
+        
      golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go.
+        Affected versions of this package are vulnerable to Denial of Service as an HTTP/2 connection can hang during closing if a shutdown was preempted by a fatal error.
      
         
      Remediation
      
         
      Upgrade golang.org/x/net/http2 to version 0.0.0-20220906165146-f3363e06e74c, 1.18.6, 1.19.1 or higher.
      
         
      References
      
@@ -820,7 +838,7 @@ 
      Denial of Service (DoS)
      
         
                     
    • Introduced through:
         
-                                helm.sh/helm/v3@* and golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b
+                                helm.sh/helm/v3@* and golang.org/x/net/http2@v0.0.0-20220107192237-5cfca573fb4d
         
                     
      • 
                 
@@ -835,7 +853,7 @@ 
      Detailed paths
      
                                 Introduced through:
                                         helm.sh/helm/v3@*
                                           
-                                        golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b
+                                        golang.org/x/net/http2@v0.0.0-20220107192237-5cfca573fb4d
                                         
                                 
         
@@ -847,8 +865,8 @@ 
      Detailed paths
      
               
      
               
               
      Overview
      
-        
      golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go.
      
-        
      Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.
      
+        
      golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go.
+        Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.
      
         
      Details
      
         
      Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.
      
         
      Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.
      
@@ -878,29 +896,29 @@ 
      References
      
             
         
         
-        
      
-            
      Out-of-bounds Write
      
+        
      
+            
      Denial of Service (DoS)
      
             
      
         
-                
      
-                    medium severity
+                
      
+                    high severity
                 
      
         
                 
      
         
                 
        
                     
      • 
-                        Package Manager: ubuntu:22.04
+                        Package Manager: golang
                     
        • 
                     
      • 
                             Vulnerable module:
         
-                            procps/libprocps8
+                            github.com/prometheus/client_golang/prometheus/promhttp
                     
        • 
         
                     
      • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.5.22 and procps/libprocps8@2:3.3.17-6ubuntu2
+                                helm.sh/helm/v3@* and github.com/prometheus/client_golang/prometheus/promhttp@v1.11.0
         
                     
        • 
                 
      
@@ -913,29 +931,9 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        procps/libprocps8@2:3.3.17-6ubuntu2
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        procps@2:3.3.17-6ubuntu2
-                                          
-                                        procps/libprocps8@2:3.3.17-6ubuntu2
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        helm.sh/helm/v3@*
                                           
-                                        procps@2:3.3.17-6ubuntu2
+                                        github.com/prometheus/client_golang/prometheus/promhttp@v1.11.0
                                         
                                 
         
@@ -946,48 +944,83 @@ 
        Detailed paths
        
         
               
        
               
-              
        NVD Description
        
-        
        Note: Versions mentioned in the description apply only to the upstream procps package and not the procps package as distributed by Ubuntu:22.04.
-        See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
        
-        
        Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.
        
+              
        Overview
        
+        
        Affected versions of this package are vulnerable to Denial of Service (DoS) when handling requests with non-standard HTTP methods. 
        
+        
        Note: In order to be affected, an instrumented software must:
        
+        
          
+        
        1. use promhttp.InstrumentHandler* middleware except RequestsInFlight
          
+        
          2. 
+        
        2. not filter any specific methods (e.g GET) before middleware
          
+        
          3. 
+        
        3. pass metric with method label name to the middleware
          
+        
          4. 
+        
        4. not have any firewall/LB/proxy that filters away requests with unknown method.
          
+        
          5. 
+        
        
+        
        Workarounds: 
        
+        
          
+        
        1. removing the method label name from counter/gauge used in the InstrumentHandler
          
+        
          2. 
+        
        2. turning off affected promhttp handlers
          
+        
          3. 
+        
        3. adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request
          
+        
          4. 
+        
        4. using a reverse proxy or web application firewall, configured to only allow a limited set of methods.
          
+        
          5. 
+        
        
+        
        Details
        
+        
        Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.
        
+        
        Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.
        
+        
        One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.
        
+        
        When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.
        
+        
        Two common types of DoS vulnerabilities:
        
+        
          
+        
        • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.
          
+        
          • 
+        
        • Crash - An attacker sending crafted requests that could cause the system to crash. For Example,  npm ws package
          
+        
          • 
+        
        
         
        Remediation
        
-        
        There is no fixed version for Ubuntu:22.04 procps.
        
+        
        Upgrade github.com/prometheus/client_golang/prometheus/promhttp to version 1.11.1 or higher.
        
         
        References
        
         
         
               
        
         
             
        
-                
        More about this vulnerability
        
+                
        More about this vulnerability
        
             
        
         
         
      
-        
      
-            
      CVE-2023-36054
      
+        
      
+            
      Authorization Bypass
      
             
      
         
-                
      
-                    medium severity
+                
      
+                    high severity
                 
      
         
                 
      
         
                 
        
                     
      • 
-                        Package Manager: ubuntu:22.04
+                        Package Manager: golang
                     
        • 
                     
      • 
                             Vulnerable module:
         
-                            krb5/libk5crypto3
+                            github.com/emicklei/go-restful
                     
        • 
         
                     
      • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.5.22 and krb5/libk5crypto3@1.19.2-2ubuntu0.2
+                                github.com/argoproj/argo-cd/v2@* and github.com/emicklei/go-restful@v2.9.5+incompatible
         
                     
        • 
                 
      
@@ -1000,161 +1033,9 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        krb5/libk5crypto3@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        adduser@3.118ubuntu5
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                          
-                                        pam/libpam-modules@1.4.0-11ubuntu2.3
-                                          
-                                        libnsl/libnsl2@1.3.0-2build2
-                                          
-                                        libtirpc/libtirpc3@1.3.2-2ubuntu0.1
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                          
-                                        krb5/libk5crypto3@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        adduser@3.118ubuntu5
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                          
-                                        pam/libpam-modules@1.4.0-11ubuntu2.3
-                                          
-                                        libnsl/libnsl2@1.3.0-2build2
-                                          
-                                        libtirpc/libtirpc3@1.3.2-2ubuntu0.1
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                          
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
-                                          
-                                        krb5/libk5crypto3@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        adduser@3.118ubuntu5
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                          
-                                        pam/libpam-modules@1.4.0-11ubuntu2.3
-                                          
-                                        libnsl/libnsl2@1.3.0-2build2
-                                          
-                                        libtirpc/libtirpc3@1.3.2-2ubuntu0.1
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                          
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        openssh/openssh-client@1:8.9p1-3ubuntu0.3
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        git@1:2.34.1-1ubuntu1.9
-                                          
-                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.13
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        git@1:2.34.1-1ubuntu1.9
-                                          
-                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.13
-                                          
-                                        libssh/libssh-4@0.9.6-2ubuntu0.22.04.1
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        adduser@3.118ubuntu5
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                          
-                                        pam/libpam-modules@1.4.0-11ubuntu2.3
-                                          
-                                        libnsl/libnsl2@1.3.0-2build2
-                                          
-                                        libtirpc/libtirpc3@1.3.2-2ubuntu0.1
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        meta-common-packages@meta
+                                        github.com/argoproj/argo-cd/v2@*
                                           
-                                        krb5/libkrb5support0@1.19.2-2ubuntu0.2
+                                        github.com/emicklei/go-restful@v2.9.5+incompatible
                                         
                                 
         
@@ -1165,34 +1046,32 @@ 
        Detailed paths
        
         
               
        
               
-              
        NVD Description
        
-        
        Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Ubuntu:22.04.
-        See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
        
-        
        lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.
        
+              
        Overview
        
+        
        Affected versions of this package are vulnerable to Authorization Bypass when using CORS Filter with a configurable AllowedDomains parameter (which is an array of domains allowed in CORS policy), with the same value as exists in allowedOriginPatterns parameter (used for matching origin using regular expression), it causes for all domains in AllowedDomains to be also used as regular expression for matching origin validation.
+        This behavior means that if example.com exists in AllowedDomains, all domains starting with example.com would be acceptable, including example.com.hacker.domain.
        
         
        Remediation
        
-        
        There is no fixed version for Ubuntu:22.04 krb5.
        
+        
        Upgrade github.com/emicklei/go-restful to version 2.16.0 or higher.
        
         
        References
        
         
         
               
        
         
             
        
-                
        More about this vulnerability
        
+                
        More about this vulnerability
        
             
        
         
         
      
-        
      
-            
      Denial of Service (DoS)
      
+        
      
+            
      Command Injection
      
             
      
         
-                
      
-                    medium severity
+                
      
+                    high severity
                 
      
         
                 
      
@@ -1204,12 +1083,12 @@ 
      Denial of Service (DoS)
      
                     
    • 
                             Vulnerable module:
         
-                            gopkg.in/yaml.v2
+                            github.com/Masterminds/vcs
                     
      • 
         
                     
    • Introduced through:
         
-                                github.com/argoproj/argo-cd/v2@* and gopkg.in/yaml.v2@v2.2.4
+                                helm.sh/helm/v3@* and github.com/Masterminds/vcs@v1.13.1
         
                     
      • 
                 
@@ -1222,9 +1101,9 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        github.com/argoproj/argo-cd/v2@*
+                                        helm.sh/helm/v3@*
                                           
-                                        gopkg.in/yaml.v2@v2.2.4
+                                        github.com/Masterminds/vcs@v1.13.1
                                         
                                 
         
@@ -1236,38 +1115,37 @@ 
        Detailed paths
        
               
        
               
               
        Overview
        
-        
        gopkg.in/yaml.v2 is a YAML support package for the Go language.
        
-        
        Affected versions of this package are vulnerable to Denial of Service (DoS). It is possible for authorized users to send malicious YAML payloads to cause kube-apiserver to consume excessive CPU cycles while parsing YAML.
        
-        
        Details
        
-        
        Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.
        
-        
        Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.
        
-        
        One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.
        
-        
        When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.
        
-        
        Two common types of DoS vulnerabilities:
        
-        
          
-        
        • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.
          
-        
          • 
-        
        • Crash - An attacker sending crafted requests that could cause the system to crash. For Example,  npm ws package
          
-        
          • 
-        
        
+        
        github.com/Masterminds/vcs is a VCS Repo management through a common interface in Go.
+        Affected versions of this package are vulnerable to Command Injection via argument injection. When hg is executed, argument strings are passed to hg in a way that additional flags can be set. The additional flags can be used to perform a command injection.
        
+        
        PoC
        
+        
        package main
+        
+        import (
+            "github.com/Masterminds/vcs"
+        )
+        
+        func main(){
+              local := "--config=alias.init=!touch ./HELLO"
+            repo, _ := vcs.NewHgRepo("remote", local)
+            repo.Init()
+        }
+        
        
         
        Remediation
        
-        
        Upgrade gopkg.in/yaml.v2 to version 2.2.8 or higher.
        
+        
        Upgrade github.com/Masterminds/vcs to version 1.13.3 or higher.
        
         
        References
        
         
         
               
        
         
             
        
-                
        More about this vulnerability
        
+                
        More about this vulnerability
        
             
        
         
         
      
         
      
-            
      Improper Input Validation
      
+            
      Denial of Service (DoS)
      
             
      
         
                 
      
@@ -1283,12 +1161,12 @@ 
      Improper Input Validation
      
                     
    • 
                             Vulnerable module:
         
-                            golang.org/x/text/language
+                            gopkg.in/yaml.v2
                     
      • 
         
                     
    • Introduced through:
         
-                                sigs.k8s.io/kustomize/kustomize/v4@* and golang.org/x/text/language@v0.3.7
+                                github.com/argoproj/argo-cd/v2@* and gopkg.in/yaml.v2@v2.2.4
         
                     
      • 
                 
@@ -1301,18 +1179,9 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        sigs.k8s.io/kustomize/kustomize/v4@*
-                                          
-                                        golang.org/x/text/language@v0.3.7
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        helm.sh/helm/v3@*
+                                        github.com/argoproj/argo-cd/v2@*
                                           
-                                        golang.org/x/text/language@v0.3.7
+                                        gopkg.in/yaml.v2@v2.2.4
                                         
                                 
         
@@ -1324,22 +1193,33 @@ 
        Detailed paths
        
               
        
               
               
        Overview
        
-        
        Affected versions of this package are vulnerable to Improper Input Validation due to the parser being, by design, exposed to untrusted user input, which can be leveraged to force a program to consume significant time parsing Accept-Language headers.
        
+        
        gopkg.in/yaml.v2 is a YAML support package for the Go language.
+        Affected versions of this package are vulnerable to Denial of Service (DoS). It is possible for authorized users to send malicious YAML payloads to cause kube-apiserver to consume excessive CPU cycles while parsing YAML.
        
+        
        Details
        
+        
        Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.
        
+        
        Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.
        
+        
        One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.
        
+        
        When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.
        
+        
        Two common types of DoS vulnerabilities:
        
+        
          
+        
        • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.
          
+        
          • 
+        
        • Crash - An attacker sending crafted requests that could cause the system to crash. For Example,  npm ws package
          
+        
          • 
+        
        
         
        Remediation
        
-        
        Upgrade golang.org/x/text/language to version 0.3.8 or higher.
        
+        
        Upgrade gopkg.in/yaml.v2 to version 2.2.8 or higher.
        
         
        References
        
         
         
               
        
         
             
        
-                
        More about this vulnerability
        
+                
        More about this vulnerability
        
             
        
         
         
      
@@ -1365,7 +1245,7 @@ 
      Incorrect Privilege Assignment
      
         
                     
    • Introduced through:
         
-                                helm.sh/helm/v3@* and golang.org/x/sys/unix@v0.0.0-20220722155257-8c9f86f7a55f
+                                helm.sh/helm/v3@* and golang.org/x/sys/unix@v0.0.0-20211216021012-1d35b9e2eb4e
         
                     
      • 
                 
@@ -1380,7 +1260,7 @@ 
      Detailed paths
      
                                 Introduced through:
                                         helm.sh/helm/v3@*
                                           
-                                        golang.org/x/sys/unix@v0.0.0-20220722155257-8c9f86f7a55f
+                                        golang.org/x/sys/unix@v0.0.0-20211216021012-1d35b9e2eb4e
                                         
                                 
         
@@ -1430,7 +1310,7 @@ 
      Denial of Service (DoS)
      
         
                     
    • Introduced through:
         
-                                helm.sh/helm/v3@* and golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b
+                                helm.sh/helm/v3@* and golang.org/x/net/http2@v0.0.0-20220107192237-5cfca573fb4d
         
                     
      • 
                 
@@ -1445,7 +1325,7 @@ 
      Detailed paths
      
                                 Introduced through:
                                         helm.sh/helm/v3@*
                                           
-                                        golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b
+                                        golang.org/x/net/http2@v0.0.0-20220107192237-5cfca573fb4d
                                         
                                 
         
@@ -1457,8 +1337,8 @@ 
      Detailed paths
      
               
      
               
               
      Overview
      
-        
      golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go.
      
-        
      Affected versions of this package are vulnerable to Denial of Service (DoS) due to improper checks and limitations for the number of entries in the cache, which can allow an attacker to consume unbounded amounts of memory by sending a small number of very large keys.
      
+        
      golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go.
+        Affected versions of this package are vulnerable to Denial of Service (DoS) due to improper checks and limitations for the number of entries in the cache, which can allow an attacker to consume unbounded amounts of memory by sending a small number of very large keys.
      
         
      Details
      
         
      Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.
      
         
      Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.
      
@@ -1489,7 +1369,7 @@ 
      References
      
         
         
      
         
      
-            
      Improper Verification of Cryptographic Signature
      
+            
      Denial of Service (DoS)
      
             
      
         
                 
      
@@ -1505,12 +1385,12 @@ 
      Improper Verification of Cryptographic Signature
      
                     
    • 
                             Vulnerable module:
         
-                            golang.org/x/crypto/openpgp/clearsign
+                            golang.org/x/net/http/httpguts
                     
      • 
         
                     
    • Introduced through:
         
-                                helm.sh/helm/v3@* and golang.org/x/crypto/openpgp/clearsign@v0.0.0-20220525230936-793ad666bf5e
+                                sigs.k8s.io/kustomize/kustomize/v4@* and golang.org/x/net/http/httpguts@v0.0.0-20201110031124-69a78807bb2b
         
                     
      • 
                 
@@ -1523,9 +1403,9 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        helm.sh/helm/v3@*
+                                        sigs.k8s.io/kustomize/kustomize/v4@*
                                           
-                                        golang.org/x/crypto/openpgp/clearsign@v0.0.0-20220525230936-793ad666bf5e
+                                        golang.org/x/net/http/httpguts@v0.0.0-20201110031124-69a78807bb2b
                                         
                                 
         
@@ -1537,20 +1417,36 @@ 
        Detailed paths
        
               
        
               
               
        Overview
        
-        
        Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the crypto/openpgp/clearsign/clearsign.go component. An attacker can spoof the 'Hash' Armor Header, leading a victim to believe the signature was generated using a different message digest algorithm than what was actually used. Moreover, the attacker can prepend arbitrary text to cleartext messages without invalidating the signatures.
        
+        
        golang.org/x/net/http/httpguts is a package providing functions implementing various details of the HTTP specification
+        Affected versions of this package are vulnerable to Denial of Service (DoS) when processing a large header to ReadRequest or ReadResponse. Servers are only vulnerable if the default max header of 1MB is increased by setting Server.MaxHeaderBytes.
        
+        
        Details
        
+        
        Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.
        
+        
        Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.
        
+        
        One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.
        
+        
        When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.
        
+        
        Two common types of DoS vulnerabilities:
        
+        
          
+        
        • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.
          
+        
          • 
+        
        • Crash - An attacker sending crafted requests that could cause the system to crash. For Example,  npm ws package
          
+        
          • 
+        
        
         
        Remediation
        
-        
        Upgrade golang.org/x/crypto/openpgp/clearsign to version 0.1.0 or higher.
        
+        
        Upgrade golang.org/x/net/http/httpguts to version 0.0.0-20210428140749-89ef3d95e781 or higher.
        
         
        References
        
         
         
               
        
         
             
        
-                
        More about this vulnerability
        
+                
        More about this vulnerability
        
             
        
         
         
      
@@ -1603,8 +1499,8 @@ 
      Detailed paths
      
               
      
               
               
      Overview
      
-        
      go.mongodb.org/mongo-driver/bson/bsonrw is a The MongoDB supported driver for Go.
      
-        
      Affected versions of this package are vulnerable to Improper Input Validation. Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents.
      
+        
      go.mongodb.org/mongo-driver/bson/bsonrw is a The MongoDB supported driver for Go.
+        Affected versions of this package are vulnerable to Improper Input Validation. Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents.
      
         
      Remediation
      
         
      Upgrade go.mongodb.org/mongo-driver/bson/bsonrw to version 1.5.1 or higher.
      
         
      References
      
@@ -1644,7 +1540,7 @@ 
      CVE-2022-46908
      
                     
    • Introduced through:
         
         
-                                    docker-image|quay.io/argoproj/argocd@v2.5.22, gnupg2/gpg@2.2.27-3ubuntu2.1 and others
+                                    docker-image|quay.io/argoproj/argocd@v2.4.27, gnupg2/gpg@2.2.27-3ubuntu2.1 and others
                     
      • 
                 
         
@@ -1656,7 +1552,7 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gpg@2.2.27-3ubuntu2.1
                                           
@@ -1692,107 +1588,6 @@ 
        References
        
                 
        More about this vulnerability
        
             
      
         
-        
      
-        
      
-            
      Arbitrary Code Injection
      
-            
      
-        
-                
      
-                    low severity
-                
      
-        
-                
      
-        
-                
        
-                    
      • 
-                        Package Manager: ubuntu:22.04
-                    
        • 
-                    
      • 
-                            Vulnerable module:
-        
-                            shadow/passwd
-                    
        • 
-        
-                    
      • Introduced through:
-        
-                                docker-image|quay.io/argoproj/argocd@v2.5.22 and shadow/passwd@1:4.8.1-2ubuntu2.1
-        
-                    
        • 
-                
      
-        
-                
      
-        
-        
-                        
      Detailed paths
      
-        
-                    
        
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        adduser@3.118ubuntu5
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        openssh/openssh-client@1:8.9p1-3ubuntu0.3
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        shadow/login@1:4.8.1-2ubuntu2.1
-                                        
-                                
-        
-                            
        • 
-                    
      
-        
-            
      
-        
-              
      
-              
-              
      NVD Description
      
-        
      Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Ubuntu:22.04.
-        See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
      
-        
      In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.
      
-        
      Remediation
      
-        
      There is no fixed version for Ubuntu:22.04 shadow.
      
-        
      References
      
-        
-        
-              
      
-        
-            
      
-                
      More about this vulnerability
      
-            
      
-        
         
      
         
      
             
      Uncontrolled Recursion
      
@@ -1816,7 +1611,7 @@ 
      Uncontrolled Recursion
      
         
                     
    • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.5.22 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1
+                                docker-image|quay.io/argoproj/argocd@v2.4.27 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1
         
                     
      • 
                 
@@ -1829,7 +1624,7 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1
                                         
@@ -1838,7 +1633,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         grep@3.7-1build1
                                           
@@ -1867,8 +1662,6 @@ 
        References
        
         
      • MLIST
        • 
         
      • OSS security Advisory
        • 
         
      • Security Focus
        • 
-        
      • cve@mitre.org
        • 
-        
      • cve@mitre.org
        • 
         
      
         
               
      
@@ -1900,7 +1693,7 @@ 
      Release of Invalid Pointer or Reference
      
         
                     
    • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.5.22 and patch@2.7.6-7build2
+                                docker-image|quay.io/argoproj/argocd@v2.4.27 and patch@2.7.6-7build2
         
                     
      • 
                 
@@ -1913,7 +1706,7 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         patch@2.7.6-7build2
                                         
@@ -1967,7 +1760,7 @@ 
        Double Free
        
         
                     
      • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.5.22 and patch@2.7.6-7build2
+                                docker-image|quay.io/argoproj/argocd@v2.4.27 and patch@2.7.6-7build2
         
                     
        • 
                 
      
@@ -1980,7 +1773,7 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         patch@2.7.6-7build2
                                         
@@ -2018,7 +1811,7 @@ 
        References
        
         
         
      
         
      
-            
      Improper Authentication
      
+            
      Improper Locking
      
             
      
         
                 
      
@@ -2039,7 +1832,7 @@ 
      Improper Authentication
      
         
                     
    • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.5.22 and openssl/libssl3@3.0.2-0ubuntu1.10
+                                docker-image|quay.io/argoproj/argocd@v2.4.27 and openssl/libssl3@3.0.2-0ubuntu1.8
         
                     
      • 
                 
@@ -2052,77 +1845,77 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         libfido2/libfido2-1@1.10.0-1
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        openssh/openssh-client@1:8.9p1-3ubuntu0.3
+                                        openssh/openssh-client@1:8.9p1-3ubuntu0.1
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        ca-certificates@20230311ubuntu0.22.04.1
+                                        ca-certificates@20211016ubuntu0.22.04.1
                                           
-                                        openssl@3.0.2-0ubuntu1.10
+                                        openssl@3.0.2-0ubuntu1.8
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        git@1:2.34.1-1ubuntu1.9
+                                        git@1:2.34.1-1ubuntu1.8
                                           
-                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.13
+                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.8
                                           
-                                        libssh/libssh-4@0.9.6-2ubuntu0.22.04.1
+                                        libssh/libssh-4@0.9.6-2build1
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         adduser@3.118ubuntu5
                                           
@@ -2134,31 +1927,31 @@ 
        Detailed paths
        
                                           
                                         libtirpc/libtirpc3@1.3.2-2ubuntu0.1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                           
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
+                                        krb5/libkrb5-3@1.19.2-2ubuntu0.1
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                         
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        openssl@3.0.2-0ubuntu1.10
+                                        openssl@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        ca-certificates@20230311ubuntu0.22.04.1
+                                        ca-certificates@20211016ubuntu0.22.04.1
                                           
-                                        openssl@3.0.2-0ubuntu1.10
+                                        openssl@3.0.2-0ubuntu1.8
                                         
                                 
         
@@ -2172,45 +1965,25 @@ 
        Detailed paths
        
               
        NVD Description
        
         
        Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu:22.04.
         See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
        
-        
        Issue summary: The AES-SIV cipher implementation contains a bug that causes
-        it to ignore empty associated data entries which are unauthenticated as
-        a consequence.
        
-        
        Impact summary: Applications that use the AES-SIV algorithm and want to
-        authenticate empty data entries as associated data can be mislead by removing
-        adding or reordering such empty entries as these are ignored by the OpenSSL
-        implementation. We are currently unaware of any such applications.
        
-        
        The AES-SIV algorithm allows for authentication of multiple associated
-        data entries along with the encryption. To authenticate empty data the
-        application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with
-        NULL pointer as the output buffer and 0 as the input buffer length.
-        The AES-SIV implementation in OpenSSL just returns success for such a call
-        instead of performing the associated data authentication operation.
-        The empty data thus will not be authenticated.
        
-        
        As this issue does not affect non-empty associated data authentication and
-        we expect it to be rare for an application to use empty associated data
-        entries this is qualified as Low severity issue.
        
+        
        If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the -policy&#39; argument to the command line utilities or by calling either X509_VERIFY_PARAM_add0_policy()' or `X509_VERIFY_PARAM_set1_policies()' functions.
        
         
        Remediation
        
         
        There is no fixed version for Ubuntu:22.04 openssl.
        
         
        References
        
         
         
               
        
         
             
        
-                
        More about this vulnerability
        
+                
        More about this vulnerability
        
             
        
         
         
      
         
      
-            
      CVE-2023-28531
      
+            
      Improper Privilege Management
      
             
      
         
                 
      
@@ -2231,7 +2004,7 @@ 
      CVE-2023-28531
      
         
                     
    • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.5.22 and openssh/openssh-client@1:8.9p1-3ubuntu0.3
+                                docker-image|quay.io/argoproj/argocd@v2.4.27 and openssh/openssh-client@1:8.9p1-3ubuntu0.1
         
                     
      • 
                 
@@ -2244,9 +2017,9 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        openssh/openssh-client@1:8.9p1-3ubuntu0.3
+                                        openssh/openssh-client@1:8.9p1-3ubuntu0.1
                                         
                                 
         
@@ -2260,26 +2033,35 @@ 
        Detailed paths
        
               
        NVD Description
        
         
        Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Ubuntu:22.04.
         See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
        
-        
        ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
        
+        
        sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
        
         
        Remediation
        
         
        There is no fixed version for Ubuntu:22.04 openssh.
        
         
        References
        
         
         
               
        
         
             
        
-                
        More about this vulnerability
        
+                
        More about this vulnerability
        
             
        
         
         
      
         
      
-            
      NULL Pointer Dereference
      
+            
      Information Exposure
      
             
      
         
                 
      
@@ -2295,13 +2077,13 @@ 
      NULL Pointer Dereference
      
                     
    • 
                             Vulnerable module:
         
-                            openldap/libldap-2.5-0
+                            openssh/openssh-client
                     
      • 
         
                     
    • Introduced through:
         
+                                docker-image|quay.io/argoproj/argocd@v2.4.27 and openssh/openssh-client@1:8.9p1-3ubuntu0.1
         
-                                    docker-image|quay.io/argoproj/argocd@v2.5.22, gnupg2/dirmngr@2.2.27-3ubuntu2.1 and others
                     
      • 
                 
         
@@ -2313,33 +2095,9 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        gnupg2/dirmngr@2.2.27-3ubuntu2.1
-                                          
-                                        openldap/libldap-2.5-0@2.5.15+dfsg-0ubuntu0.22.04.1
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
-                                          
-                                        git@1:2.34.1-1ubuntu1.9
-                                          
-                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.13
-                                          
-                                        openldap/libldap-2.5-0@2.5.15+dfsg-0ubuntu0.22.04.1
-                                        
-                                
-        
-                            
        • 
-                                
      • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        openldap/libldap-common@2.5.15+dfsg-0ubuntu0.22.04.1
+                                        openssh/openssh-client@1:8.9p1-3ubuntu0.1
                                         
                                 
         
@@ -2351,34 +2109,33 @@ 
        Detailed paths
        
               
        
               
               
        NVD Description
        
-        
        Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Ubuntu:22.04.
+        
        Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Ubuntu:22.04.
         See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
        
-        
        A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.
        
+        
        The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
        
         
        Remediation
        
-        
        There is no fixed version for Ubuntu:22.04 openldap.
        
+        
        There is no fixed version for Ubuntu:22.04 openssh.
        
         
        References
        
         
         
               
        
         
             
        
-                
        More about this vulnerability
        
+                
        More about this vulnerability
        
             
        
         
         
      
         
      
-            
      Resource Exhaustion
      
+            
      Out-of-bounds Read
      
             
      
         
                 
      
@@ -2394,13 +2151,13 @@ 
      Resource Exhaustion
      
                     
    • 
                             Vulnerable module:
         
-                            libzstd/libzstd1
+                            ncurses/libtinfo6
                     
      • 
         
                     
    • Introduced through:
         
+                                docker-image|quay.io/argoproj/argocd@v2.4.27 and ncurses/libtinfo6@6.3-2
         
-                                    docker-image|quay.io/argoproj/argocd@v2.5.22, meta-common-packages@meta and others
                     
      • 
                 
         
@@ -2412,11 +2169,200 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        meta-common-packages@meta
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        bash@5.1-6ubuntu1
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        ncurses/libncursesw6@6.3-2
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        less@590-1ubuntu0.22.04.1
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        libedit/libedit2@3.1-20210910-1build1
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        ncurses/libncurses6@6.3-2
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        ncurses/ncurses-bin@6.3-2
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        procps@2:3.3.17-6ubuntu2
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        util-linux@2.37.2-4ubuntu3
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        gnupg2/gpg@2.2.27-3ubuntu2.1
+                                          
+                                        gnupg2/gpgconf@2.2.27-3ubuntu2.1
+                                          
+                                        readline/libreadline8@8.1.2-1
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        gnupg2/gnupg@2.2.27-3ubuntu2.1
+                                          
+                                        gnupg2/gpg-agent@2.2.27-3ubuntu2.1
+                                          
+                                        pinentry/pinentry-curses@1.1.1-1build2
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        ncurses/libncursesw6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        procps@2:3.3.17-6ubuntu2
+                                          
+                                        ncurses/libncursesw6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        gnupg2/gnupg@2.2.27-3ubuntu2.1
+                                          
+                                        gnupg2/gpg-agent@2.2.27-3ubuntu2.1
+                                          
+                                        pinentry/pinentry-curses@1.1.1-1build2
+                                          
+                                        ncurses/libncursesw6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        ncurses/libncurses6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        procps@2:3.3.17-6ubuntu2
+                                          
+                                        ncurses/libncurses6@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
+                                          
+                                        ncurses/ncurses-base@6.3-2
+                                        
+                                
+        
+                            
        • 
+                                
      • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        libzstd/libzstd1@1.4.8+dfsg-3build1
+                                        ncurses/ncurses-bin@6.3-2
                                         
                                 
         
@@ -2428,22 +2374,25 @@ 
        Detailed paths
        
               
        
               
               
        NVD Description
        
-        
        Note: Versions mentioned in the description apply only to the upstream libzstd package and not the libzstd package as distributed by Ubuntu:22.04.
+        
        Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Ubuntu:22.04.
         See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
        
-        
        A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.
        
+        
        ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
        
         
        Remediation
        
-        
        There is no fixed version for Ubuntu:22.04 libzstd.
        
+        
        There is no fixed version for Ubuntu:22.04 ncurses.
        
         
        References
        
         
         
               
        
         
             
        
-                
        More about this vulnerability
        
+                
        More about this vulnerability
        
             
        
         
         
      
@@ -2469,7 +2418,7 @@ 
      Integer Overflow or Wraparound
      
         
                     
    • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.5.22 and krb5/libk5crypto3@1.19.2-2ubuntu0.2
+                                docker-image|quay.io/argoproj/argocd@v2.4.27 and krb5/libk5crypto3@1.19.2-2ubuntu0.1
         
                     
      • 
                 
@@ -2482,16 +2431,16 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        krb5/libk5crypto3@1.19.2-2ubuntu0.2
+                                        krb5/libk5crypto3@1.19.2-2ubuntu0.1
                                         
                                 
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         adduser@3.118ubuntu5
                                           
@@ -2503,16 +2452,16 @@ 
        Detailed paths
        
                                           
                                         libtirpc/libtirpc3@1.3.2-2ubuntu0.1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                           
-                                        krb5/libk5crypto3@1.19.2-2ubuntu0.2
+                                        krb5/libk5crypto3@1.19.2-2ubuntu0.1
                                         
                                         
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         adduser@3.118ubuntu5
                                           
@@ -2524,27 +2473,27 @@ 
        Detailed paths
        
                                           
                                         libtirpc/libtirpc3@1.3.2-2ubuntu0.1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                           
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
+                                        krb5/libkrb5-3@1.19.2-2ubuntu0.1
                                           
-                                        krb5/libk5crypto3@1.19.2-2ubuntu0.2
+                                        krb5/libk5crypto3@1.19.2-2ubuntu0.1
                                         
                                         
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
+                                        krb5/libkrb5-3@1.19.2-2ubuntu0.1
                                         
                                 
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         adduser@3.118ubuntu5
                                           
@@ -2556,64 +2505,64 @@ 
        Detailed paths
        
                                           
                                         libtirpc/libtirpc3@1.3.2-2ubuntu0.1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                           
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
+                                        krb5/libkrb5-3@1.19.2-2ubuntu0.1
                                         
                                         
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                         
                                 
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        openssh/openssh-client@1:8.9p1-3ubuntu0.3
+                                        openssh/openssh-client@1:8.9p1-3ubuntu0.1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                         
                                 
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        git@1:2.34.1-1ubuntu1.9
+                                        git@1:2.34.1-1ubuntu1.8
                                           
-                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.13
+                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.8
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                         
                                 
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        git@1:2.34.1-1ubuntu1.9
+                                        git@1:2.34.1-1ubuntu1.8
                                           
-                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.13
+                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.8
                                           
-                                        libssh/libssh-4@0.9.6-2ubuntu0.22.04.1
+                                        libssh/libssh-4@0.9.6-2build1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                         
                                 
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         adduser@3.118ubuntu5
                                           
@@ -2625,18 +2574,18 @@ 
        Detailed paths
        
                                           
                                         libtirpc/libtirpc3@1.3.2-2ubuntu0.1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                         
                                         
         
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         meta-common-packages@meta
                                           
-                                        krb5/libkrb5support0@1.19.2-2ubuntu0.2
+                                        krb5/libkrb5support0@1.19.2-2ubuntu0.1
                                         
                                 
         
@@ -2691,7 +2640,7 @@ 
        Out-of-bounds Write
        
         
                     
      • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.5.22 and gnupg2/gpgv@2.2.27-3ubuntu2.1
+                                docker-image|quay.io/argoproj/argocd@v2.4.27 and gnupg2/gpgv@2.2.27-3ubuntu2.1
         
                     
        • 
                 
      
@@ -2704,7 +2653,7 @@ 
      Detailed paths
      
                     
        
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gpgv@2.2.27-3ubuntu2.1
                                         
@@ -2713,9 +2662,9 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
-                                        apt@2.4.9
+                                        apt@2.4.8
                                           
                                         gnupg2/gpgv@2.2.27-3ubuntu2.1
                                         
@@ -2724,7 +2673,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2735,7 +2684,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/dirmngr@2.2.27-3ubuntu2.1
                                           
@@ -2746,7 +2695,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gpg@2.2.27-3ubuntu2.1
                                           
@@ -2757,7 +2706,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2770,7 +2719,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2783,7 +2732,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/dirmngr@2.2.27-3ubuntu2.1
                                         
@@ -2792,7 +2741,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2803,7 +2752,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2816,7 +2765,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg-l10n@2.2.27-3ubuntu2.1
                                         
@@ -2825,7 +2774,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2836,7 +2785,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg-utils@2.2.27-3ubuntu2.1
                                         
@@ -2845,7 +2794,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2856,7 +2805,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gpg@2.2.27-3ubuntu2.1
                                         
@@ -2865,7 +2814,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2876,7 +2825,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2889,7 +2838,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2902,7 +2851,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gpg-agent@2.2.27-3ubuntu2.1
                                         
@@ -2911,7 +2860,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2922,7 +2871,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2935,7 +2884,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2948,7 +2897,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1
                                         
@@ -2957,7 +2906,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2968,7 +2917,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1
                                         
@@ -2977,7 +2926,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2988,7 +2937,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gpgsm@2.2.27-3ubuntu2.1
                                         
@@ -2997,7 +2946,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -3008,7 +2957,7 @@ 
        Detailed paths
        
                             
        • 
                                 
      • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.5.22
+                                        docker-image|quay.io/argoproj/argocd@v2.4.27
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                         
@@ -3035,7 +2984,6 @@ 
        References
        
         
      • secalert@redhat.com
        • 
         
      • secalert@redhat.com
        • 
         
      • secalert@redhat.com
        • 
-        
      • secalert@redhat.com
        • 
         
      
         
               
      
@@ -3067,7 +3015,7 @@ 
      Allocation of Resources Without Limits or Throttling
      Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.5.22 and glibc/libc-bin@2.35-0ubuntu3.1
+                                docker-image|quay.io/argoproj/argocd@v2.4.27 and glibc/libc-bin@2.35-0ubuntu3.1
      • @@ -3080,7 +3028,7 @@

      Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.5.22 + docker-image|quay.io/argoproj/argocd@v2.4.27 glibc/libc-bin@2.35-0ubuntu3.1 @@ -3089,7 +3037,7 @@

        Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.5.22 + docker-image|quay.io/argoproj/argocd@v2.4.27 meta-common-packages@meta @@ -3148,7 +3096,7 @@

        Improper Input Validation

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.5.22, git@1:2.34.1-1ubuntu1.9 and others + docker-image|quay.io/argoproj/argocd@v2.4.27, git@1:2.34.1-1ubuntu1.8 and others
      @@ -3160,31 +3108,31 @@

      Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.5.22 + docker-image|quay.io/argoproj/argocd@v2.4.27 - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8 - git/git-man@1:2.34.1-1ubuntu1.9 + git/git-man@1:2.34.1-1ubuntu1.8
      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.5.22 + docker-image|quay.io/argoproj/argocd@v2.4.27 - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8
      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.5.22 + docker-image|quay.io/argoproj/argocd@v2.4.27 - git-lfs@3.0.2-1ubuntu0.2 + git-lfs@3.0.2-1ubuntu0.1 - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8 @@ -3237,7 +3185,7 @@

        Improper Input Validation

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.5.22 and coreutils@8.32-4.1ubuntu1 + docker-image|quay.io/argoproj/argocd@v2.4.27 and coreutils@8.32-4.1ubuntu1
      @@ -3250,7 +3198,7 @@

      Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.5.22 + docker-image|quay.io/argoproj/argocd@v2.4.27 coreutils@8.32-4.1ubuntu1 @@ -3307,7 +3255,7 @@

        Out-of-bounds Write

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.5.22 and bash@5.1-6ubuntu1 + docker-image|quay.io/argoproj/argocd@v2.4.27 and bash@5.1-6ubuntu1
      @@ -3320,7 +3268,7 @@

      Detailed paths

      • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.5.22 + docker-image|quay.io/argoproj/argocd@v2.4.27 bash@5.1-6ubuntu1 diff --git a/docs/snyk/v2.4.27/redis_7.0.8-alpine.html b/docs/snyk/v2.4.27/redis_7.0.8-alpine.html new file mode 100644 index 0000000000000..2f01588fcbcbc --- /dev/null +++ b/docs/snyk/v2.4.27/redis_7.0.8-alpine.html @@ -0,0 +1,492 @@ + + + + + + + + + Snyk test report + + + + + + + + + +
        +
        +
        +
        + + + Snyk - Open Source Security + + + + + + + +
        +

        Snyk test report

        + +

        March 19th 2023, 12:24:43 am

        +
        +
        + Scanned the following path: +
          +
        • redis:7.0.8-alpine (apk)
          • +
        +
        + +
        +
        0 known vulnerabilities
        +
        0 vulnerable dependency paths
        +
        18 dependencies
        +
        +
        +
        +
        +
        +
      Project docker-image|haproxy
      Path haproxy:2.6.14-alpine
      Path haproxy:2.0.31-alpine
      Package Manager apk
      + + + + + + +
      Project docker-image|redis
      Path redis:7.0.8-alpine
      Package Manager apk
      + +
      + No known vulnerabilities detected. +
      + + + + diff --git a/docs/snyk/v2.5.22/argocd-iac-install.html b/docs/snyk/v2.5.15/argocd-iac-install.html similarity index 89% rename from docs/snyk/v2.5.22/argocd-iac-install.html rename to docs/snyk/v2.5.15/argocd-iac-install.html index 312be3f446992..7c6b958b1bb5c 100644 --- a/docs/snyk/v2.5.22/argocd-iac-install.html +++ b/docs/snyk/v2.5.15/argocd-iac-install.html @@ -456,7 +456,7 @@

      Snyk test report

      -

      August 13th 2023, 12:26:29 am (UTC+00:00)

      +

      March 19th 2023, 12:23:26 am

      Scanned the following path: @@ -494,7 +494,7 @@

      Role with dangerous permissions

      -

      More about this issue

      +

      More about this issue

      @@ -540,7 +540,7 @@

      Role with dangerous permissions

      -

      More about this issue

      +

      More about this issue

      @@ -586,7 +586,7 @@

      Role with dangerous permissions

      -

      More about this issue

      +

      More about this issue

      @@ -632,7 +632,7 @@

      Role with dangerous permissions

      -

      More about this issue

      +

      More about this issue

      @@ -678,7 +678,7 @@

      Role with dangerous permissions

      -

      More about this issue

      +

      More about this issue

      @@ -724,7 +724,7 @@

      Role with dangerous permissions

      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
      • Introduced through: @@ -754,7 +754,7 @@

        Remediation

        -

        More about this issue

        +

        More about this issue

        @@ -770,7 +770,7 @@

        Container could be running with outdated image

        • - Public ID: SNYK-CC-K8S-42 + Public ID: SNYK-CC-K8S-42
        • Introduced through: @@ -806,7 +806,7 @@

          Remediation

          -

          More about this issue

          +

          More about this issue

          @@ -822,7 +822,7 @@

          Container has no CPU limit

          • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
          • Introduced through: @@ -864,7 +864,7 @@

            Remediation

            -

            More about this issue

            +

            More about this issue

            @@ -880,7 +880,7 @@

            Container has no CPU limit

            • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
            • Introduced through: @@ -922,7 +922,7 @@

              Remediation

              -

              More about this issue

              +

              More about this issue

              @@ -938,7 +938,7 @@

              Container has no CPU limit

              • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
              • Introduced through: @@ -980,7 +980,7 @@

                Remediation

                -

                More about this issue

                +

                More about this issue

                @@ -996,7 +996,7 @@

                Container has no CPU limit

                • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                • Introduced through: @@ -1038,7 +1038,7 @@

                  Remediation

                  -

                  More about this issue

                  +

                  More about this issue

                  @@ -1054,7 +1054,7 @@

                  Container has no CPU limit

                  • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                  • Introduced through: @@ -1096,7 +1096,7 @@

                    Remediation

                    -

                    More about this issue

                    +

                    More about this issue

                    @@ -1112,7 +1112,7 @@

                    Container has no CPU limit

                    • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                    • Introduced through: @@ -1154,7 +1154,7 @@

                      Remediation

                      -

                      More about this issue

                      +

                      More about this issue

                      @@ -1170,7 +1170,7 @@

                      Container has no CPU limit

                      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                      • Introduced through: @@ -1212,7 +1212,7 @@

                        Remediation

                        -

                        More about this issue

                        +

                        More about this issue

                        @@ -1228,7 +1228,7 @@

                        Container has no CPU limit

                        • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                        • Introduced through: @@ -1270,7 +1270,7 @@

                          Remediation

                          -

                          More about this issue

                          +

                          More about this issue

                          @@ -1286,7 +1286,7 @@

                          Container has no CPU limit

                          • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                          • Introduced through: @@ -1328,7 +1328,7 @@

                            Remediation

                            -

                            More about this issue

                            +

                            More about this issue

                            @@ -1344,7 +1344,7 @@

                            Container is running with multiple open ports

                            • - Public ID: SNYK-CC-K8S-36 + Public ID: SNYK-CC-K8S-36
                            • Introduced through: @@ -1380,7 +1380,63 @@

                              Remediation

                              -

                              More about this issue

                              +

                              More about this issue

                              +
                              + + +
                              +

                              Container is running with writable root filesystem

                              +
                              + +
                              + low severity +
                              + +
                              + +
                                +
                              • + Public ID: SNYK-CC-K8S-8 +
                                • + +
                              • Introduced through: + [DocId: 45] + + input + + spec + + template + + spec + + containers[redis] + + securityContext + + readOnlyRootFilesystem + +
                                • + +
                              • + Line number: 10203 +
                                • +
                              + +
                              + +

                              Impact

                              +

                              Compromised process could abuse writable root filesystem to elevate privileges

                              + +

                              Remediation

                              +

                              Set `securityContext.readOnlyRootFilesystem` to `true`

                              + + +
                              +
                              + +
                              +

                              More about this issue

                              @@ -1396,7 +1452,7 @@

                              Container is running without liveness probe

                              • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                              • Introduced through: @@ -1432,7 +1488,7 @@

                                Remediation

                                -

                                More about this issue

                                +

                                More about this issue

                                @@ -1448,7 +1504,7 @@

                                Container is running without liveness probe

                                • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                • Introduced through: @@ -1484,7 +1540,7 @@

                                  Remediation

                                  -

                                  More about this issue

                                  +

                                  More about this issue

                                  @@ -1500,7 +1556,7 @@

                                  Container is running without liveness probe

                                  • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                  • Introduced through: @@ -1536,7 +1592,7 @@

                                    Remediation

                                    -

                                    More about this issue

                                    +

                                    More about this issue

                                    @@ -1552,7 +1608,7 @@

                                    Container is running without liveness probe

                                    • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                    • Introduced through: @@ -1588,7 +1644,7 @@

                                      Remediation

                                      -

                                      More about this issue

                                      +

                                      More about this issue

                                      @@ -1604,7 +1660,7 @@

                                      Container is running without liveness probe

                                      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                      • Introduced through: @@ -1640,7 +1696,7 @@

                                        Remediation

                                        -

                                        More about this issue

                                        +

                                        More about this issue

                                        @@ -1656,7 +1712,7 @@

                                        Container is running without memory limit

                                        • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                        • Introduced through: @@ -1698,7 +1754,7 @@

                                          Remediation

                                          -

                                          More about this issue

                                          +

                                          More about this issue

                                          @@ -1714,7 +1770,7 @@

                                          Container is running without memory limit

                                          • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                          • Introduced through: @@ -1756,7 +1812,7 @@

                                            Remediation

                                            -

                                            More about this issue

                                            +

                                            More about this issue

                                            @@ -1772,7 +1828,7 @@

                                            Container is running without memory limit

                                            • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                            • Introduced through: @@ -1814,7 +1870,7 @@

                                              Remediation

                                              -

                                              More about this issue

                                              +

                                              More about this issue

                                              @@ -1830,7 +1886,7 @@

                                              Container is running without memory limit

                                              • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                              • Introduced through: @@ -1872,7 +1928,7 @@

                                                Remediation

                                                -

                                                More about this issue

                                                +

                                                More about this issue

                                                @@ -1888,7 +1944,7 @@

                                                Container is running without memory limit

                                                • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                • Introduced through: @@ -1930,7 +1986,7 @@

                                                  Remediation

                                                  -

                                                  More about this issue

                                                  +

                                                  More about this issue

                                                  @@ -1946,7 +2002,7 @@

                                                  Container is running without memory limit

                                                  • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                  • Introduced through: @@ -1988,7 +2044,7 @@

                                                    Remediation

                                                    -

                                                    More about this issue

                                                    +

                                                    More about this issue

                                                    @@ -2004,7 +2060,7 @@

                                                    Container is running without memory limit

                                                    • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                    • Introduced through: @@ -2046,7 +2102,7 @@

                                                      Remediation

                                                      -

                                                      More about this issue

                                                      +

                                                      More about this issue

                                                      @@ -2062,7 +2118,7 @@

                                                      Container is running without memory limit

                                                      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                      • Introduced through: @@ -2104,7 +2160,7 @@

                                                        Remediation

                                                        -

                                                        More about this issue

                                                        +

                                                        More about this issue

                                                        @@ -2120,7 +2176,7 @@

                                                        Container is running without memory limit

                                                        • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                        • Introduced through: @@ -2162,68 +2218,12 @@

                                                          Remediation

                                                          -

                                                          More about this issue

                                                          -
                                                          - - -
                                                          -

                                                          Container or Pod is running with writable root filesystem

                                                          -
                                                          - -
                                                          - low severity -
                                                          - -
                                                          - -
                                                            -
                                                          • - Public ID: SNYK-CC-K8S-8 -
                                                            • - -
                                                          • Introduced through: - [DocId: 45] - - input - - spec - - template - - spec - - containers[redis] - - securityContext - - readOnlyRootFilesystem - -
                                                            • - -
                                                          • - Line number: 10203 -
                                                            • -
                                                          - -
                                                          - -

                                                          Impact

                                                          -

                                                          Compromised process could abuse writable root filesystem to elevate privileges

                                                          - -

                                                          Remediation

                                                          -

                                                          Set `securityContext.readOnlyRootFilesystem` to `true`

                                                          - - -
                                                          -
                                                          - -
                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          -

                                                          Container's or Pod's UID could clash with host's UID

                                                          +

                                                          Container's UID could clash with host's UID

                                                          @@ -2234,7 +2234,7 @@

                                                          Container's or Pod's UID could clash with hos
                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                          • Introduced through: @@ -2267,19 +2267,19 @@

                                                            Impact

                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                            Remediation

                                                            -

                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                            +

                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          -

                                                          Container's or Pod's UID could clash with host's UID

                                                          +

                                                          Container's UID could clash with host's UID

                                                          @@ -2290,7 +2290,7 @@

                                                          Container's or Pod's UID could clash with hos
                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                          • Introduced through: @@ -2323,19 +2323,19 @@

                                                            Impact

                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                            Remediation

                                                            -

                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                            +

                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          -

                                                          Container's or Pod's UID could clash with host's UID

                                                          +

                                                          Container's UID could clash with host's UID

                                                          @@ -2346,7 +2346,7 @@

                                                          Container's or Pod's UID could clash with hos
                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                          • Introduced through: @@ -2379,19 +2379,19 @@

                                                            Impact

                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                            Remediation

                                                            -

                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                            +

                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          -

                                                          Container's or Pod's UID could clash with host's UID

                                                          +

                                                          Container's UID could clash with host's UID

                                                          @@ -2402,7 +2402,7 @@

                                                          Container's or Pod's UID could clash with hos
                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                          • Introduced through: @@ -2435,19 +2435,19 @@

                                                            Impact

                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                            Remediation

                                                            -

                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                            +

                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          -

                                                          Container's or Pod's UID could clash with host's UID

                                                          +

                                                          Container's UID could clash with host's UID

                                                          @@ -2458,7 +2458,7 @@

                                                          Container's or Pod's UID could clash with hos
                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                          • Introduced through: @@ -2491,19 +2491,19 @@

                                                            Impact

                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                            Remediation

                                                            -

                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                            +

                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          -

                                                          Container's or Pod's UID could clash with host's UID

                                                          +

                                                          Container's UID could clash with host's UID

                                                          @@ -2514,7 +2514,7 @@

                                                          Container's or Pod's UID could clash with hos
                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                          • Introduced through: @@ -2547,19 +2547,19 @@

                                                            Impact

                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                            Remediation

                                                            -

                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                            +

                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          -

                                                          Container's or Pod's UID could clash with host's UID

                                                          +

                                                          Container's UID could clash with host's UID

                                                          @@ -2570,7 +2570,7 @@

                                                          Container's or Pod's UID could clash with hos
                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                          • Introduced through: @@ -2603,19 +2603,19 @@

                                                            Impact

                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                            Remediation

                                                            -

                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                            +

                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          -

                                                          Container's or Pod's UID could clash with host's UID

                                                          +

                                                          Container's UID could clash with host's UID

                                                          @@ -2626,7 +2626,7 @@

                                                          Container's or Pod's UID could clash with hos
                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                          • Introduced through: @@ -2659,19 +2659,19 @@

                                                            Impact

                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                            Remediation

                                                            -

                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                            +

                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          -

                                                          Container's or Pod's UID could clash with host's UID

                                                          +

                                                          Container's UID could clash with host's UID

                                                          @@ -2682,7 +2682,7 @@

                                                          Container's or Pod's UID could clash with hos
                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                          • Introduced through: @@ -2715,14 +2715,14 @@

                                                            Impact

                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                            Remediation

                                                            -

                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                            +

                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          diff --git a/docs/snyk/v2.5.22/argocd-iac-namespace-install.html b/docs/snyk/v2.5.15/argocd-iac-namespace-install.html similarity index 89% rename from docs/snyk/v2.5.22/argocd-iac-namespace-install.html rename to docs/snyk/v2.5.15/argocd-iac-namespace-install.html index 1932c53c9ffaf..3bffd07f6210b 100644 --- a/docs/snyk/v2.5.22/argocd-iac-namespace-install.html +++ b/docs/snyk/v2.5.15/argocd-iac-namespace-install.html @@ -456,7 +456,7 @@

                                                          Snyk test report

                                                          -

                                                          August 13th 2023, 12:26:46 am (UTC+00:00)

                                                          +

                                                          March 19th 2023, 12:23:39 am

                                                          Scanned the following path: @@ -494,7 +494,7 @@

                                                          Role with dangerous permissions

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          @@ -540,7 +540,7 @@

                                                          Role with dangerous permissions

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          @@ -586,7 +586,7 @@

                                                          Role with dangerous permissions

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          @@ -632,7 +632,7 @@

                                                          Role with dangerous permissions

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          @@ -678,7 +678,7 @@

                                                          Role with dangerous permissions

                                                          -

                                                          More about this issue

                                                          +

                                                          More about this issue

                                                          @@ -724,7 +724,7 @@

                                                          Role with dangerous permissions

                                                          • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
                                                          • Introduced through: @@ -754,7 +754,7 @@

                                                            Remediation

                                                            -

                                                            More about this issue

                                                            +

                                                            More about this issue

                                                            @@ -770,7 +770,7 @@

                                                            Container could be running with outdated image

                                                            • - Public ID: SNYK-CC-K8S-42 + Public ID: SNYK-CC-K8S-42
                                                            • Introduced through: @@ -806,7 +806,7 @@

                                                              Remediation

                                                              -

                                                              More about this issue

                                                              +

                                                              More about this issue

                                                              @@ -822,7 +822,7 @@

                                                              Container has no CPU limit

                                                              • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                              • Introduced through: @@ -864,7 +864,7 @@

                                                                Remediation

                                                                -

                                                                More about this issue

                                                                +

                                                                More about this issue

                                                                @@ -880,7 +880,7 @@

                                                                Container has no CPU limit

                                                                • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                • Introduced through: @@ -922,7 +922,7 @@

                                                                  Remediation

                                                                  -

                                                                  More about this issue

                                                                  +

                                                                  More about this issue

                                                                  @@ -938,7 +938,7 @@

                                                                  Container has no CPU limit

                                                                  • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                  • Introduced through: @@ -980,7 +980,7 @@

                                                                    Remediation

                                                                    -

                                                                    More about this issue

                                                                    +

                                                                    More about this issue

                                                                    @@ -996,7 +996,7 @@

                                                                    Container has no CPU limit

                                                                    • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                    • Introduced through: @@ -1038,7 +1038,7 @@

                                                                      Remediation

                                                                      -

                                                                      More about this issue

                                                                      +

                                                                      More about this issue

                                                                      @@ -1054,7 +1054,7 @@

                                                                      Container has no CPU limit

                                                                      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                      • Introduced through: @@ -1096,7 +1096,7 @@

                                                                        Remediation

                                                                        -

                                                                        More about this issue

                                                                        +

                                                                        More about this issue

                                                                        @@ -1112,7 +1112,7 @@

                                                                        Container has no CPU limit

                                                                        • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                        • Introduced through: @@ -1154,7 +1154,7 @@

                                                                          Remediation

                                                                          -

                                                                          More about this issue

                                                                          +

                                                                          More about this issue

                                                                          @@ -1170,7 +1170,7 @@

                                                                          Container has no CPU limit

                                                                          • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                          • Introduced through: @@ -1212,7 +1212,7 @@

                                                                            Remediation

                                                                            -

                                                                            More about this issue

                                                                            +

                                                                            More about this issue

                                                                            @@ -1228,7 +1228,7 @@

                                                                            Container has no CPU limit

                                                                            • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                            • Introduced through: @@ -1270,7 +1270,7 @@

                                                                              Remediation

                                                                              -

                                                                              More about this issue

                                                                              +

                                                                              More about this issue

                                                                              @@ -1286,7 +1286,7 @@

                                                                              Container has no CPU limit

                                                                              • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                              • Introduced through: @@ -1328,7 +1328,7 @@

                                                                                Remediation

                                                                                -

                                                                                More about this issue

                                                                                +

                                                                                More about this issue

                                                                                @@ -1344,7 +1344,7 @@

                                                                                Container is running with multiple open ports

                                                                                • - Public ID: SNYK-CC-K8S-36 + Public ID: SNYK-CC-K8S-36
                                                                                • Introduced through: @@ -1380,7 +1380,63 @@

                                                                                  Remediation

                                                                                  -

                                                                                  More about this issue

                                                                                  +

                                                                                  More about this issue

                                                                                  +
                                                                                  + + +
                                                                                  +

                                                                                  Container is running with writable root filesystem

                                                                                  +
                                                                                  + +
                                                                                  + low severity +
                                                                                  + +
                                                                                  + +
                                                                                    +
                                                                                  • + Public ID: SNYK-CC-K8S-8 +
                                                                                    • + +
                                                                                  • Introduced through: + [DocId: 38] + + input + + spec + + template + + spec + + containers[redis] + + securityContext + + readOnlyRootFilesystem + +
                                                                                    • + +
                                                                                  • + Line number: 869 +
                                                                                    • +
                                                                                  + +
                                                                                  + +

                                                                                  Impact

                                                                                  +

                                                                                  Compromised process could abuse writable root filesystem to elevate privileges

                                                                                  + +

                                                                                  Remediation

                                                                                  +

                                                                                  Set `securityContext.readOnlyRootFilesystem` to `true`

                                                                                  + + +
                                                                                  +
                                                                                  + +
                                                                                  +

                                                                                  More about this issue

                                                                                  @@ -1396,7 +1452,7 @@

                                                                                  Container is running without liveness probe

                                                                                  • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                  • Introduced through: @@ -1432,7 +1488,7 @@

                                                                                    Remediation

                                                                                    -

                                                                                    More about this issue

                                                                                    +

                                                                                    More about this issue

                                                                                    @@ -1448,7 +1504,7 @@

                                                                                    Container is running without liveness probe

                                                                                    • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                    • Introduced through: @@ -1484,7 +1540,7 @@

                                                                                      Remediation

                                                                                      -

                                                                                      More about this issue

                                                                                      +

                                                                                      More about this issue

                                                                                      @@ -1500,7 +1556,7 @@

                                                                                      Container is running without liveness probe

                                                                                      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                      • Introduced through: @@ -1536,7 +1592,7 @@

                                                                                        Remediation

                                                                                        -

                                                                                        More about this issue

                                                                                        +

                                                                                        More about this issue

                                                                                        @@ -1552,7 +1608,7 @@

                                                                                        Container is running without liveness probe

                                                                                        • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                        • Introduced through: @@ -1588,7 +1644,7 @@

                                                                                          Remediation

                                                                                          -

                                                                                          More about this issue

                                                                                          +

                                                                                          More about this issue

                                                                                          @@ -1604,7 +1660,7 @@

                                                                                          Container is running without liveness probe

                                                                                          • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                          • Introduced through: @@ -1640,7 +1696,7 @@

                                                                                            Remediation

                                                                                            -

                                                                                            More about this issue

                                                                                            +

                                                                                            More about this issue

                                                                                            @@ -1656,7 +1712,7 @@

                                                                                            Container is running without memory limit

                                                                                            • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                            • Introduced through: @@ -1698,7 +1754,7 @@

                                                                                              Remediation

                                                                                              -

                                                                                              More about this issue

                                                                                              +

                                                                                              More about this issue

                                                                                              @@ -1714,7 +1770,7 @@

                                                                                              Container is running without memory limit

                                                                                              • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                              • Introduced through: @@ -1756,7 +1812,7 @@

                                                                                                Remediation

                                                                                                -

                                                                                                More about this issue

                                                                                                +

                                                                                                More about this issue

                                                                                                @@ -1772,7 +1828,7 @@

                                                                                                Container is running without memory limit

                                                                                                • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                • Introduced through: @@ -1814,7 +1870,7 @@

                                                                                                  Remediation

                                                                                                  -

                                                                                                  More about this issue

                                                                                                  +

                                                                                                  More about this issue

                                                                                                  @@ -1830,7 +1886,7 @@

                                                                                                  Container is running without memory limit

                                                                                                  • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                  • Introduced through: @@ -1872,7 +1928,7 @@

                                                                                                    Remediation

                                                                                                    -

                                                                                                    More about this issue

                                                                                                    +

                                                                                                    More about this issue

                                                                                                    @@ -1888,7 +1944,7 @@

                                                                                                    Container is running without memory limit

                                                                                                    • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                    • Introduced through: @@ -1930,7 +1986,7 @@

                                                                                                      Remediation

                                                                                                      -

                                                                                                      More about this issue

                                                                                                      +

                                                                                                      More about this issue

                                                                                                      @@ -1946,7 +2002,7 @@

                                                                                                      Container is running without memory limit

                                                                                                      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                      • Introduced through: @@ -1988,7 +2044,7 @@

                                                                                                        Remediation

                                                                                                        -

                                                                                                        More about this issue

                                                                                                        +

                                                                                                        More about this issue

                                                                                                        @@ -2004,7 +2060,7 @@

                                                                                                        Container is running without memory limit

                                                                                                        • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                        • Introduced through: @@ -2046,7 +2102,7 @@

                                                                                                          Remediation

                                                                                                          -

                                                                                                          More about this issue

                                                                                                          +

                                                                                                          More about this issue

                                                                                                          @@ -2062,7 +2118,7 @@

                                                                                                          Container is running without memory limit

                                                                                                          • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                          • Introduced through: @@ -2104,7 +2160,7 @@

                                                                                                            Remediation

                                                                                                            -

                                                                                                            More about this issue

                                                                                                            +

                                                                                                            More about this issue

                                                                                                            @@ -2120,7 +2176,7 @@

                                                                                                            Container is running without memory limit

                                                                                                            • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                            • Introduced through: @@ -2162,68 +2218,12 @@

                                                                                                              Remediation

                                                                                                              -

                                                                                                              More about this issue

                                                                                                              -
                                                                                                              - - -
                                                                                                              -

                                                                                                              Container or Pod is running with writable root filesystem

                                                                                                              -
                                                                                                              - -
                                                                                                              - low severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Public ID: SNYK-CC-K8S-8 -
                                                                                                                • - -
                                                                                                              • Introduced through: - [DocId: 38] - - input - - spec - - template - - spec - - containers[redis] - - securityContext - - readOnlyRootFilesystem - -
                                                                                                                • - -
                                                                                                              • - Line number: 869 -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -

                                                                                                              Impact

                                                                                                              -

                                                                                                              Compromised process could abuse writable root filesystem to elevate privileges

                                                                                                              - -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Set `securityContext.readOnlyRootFilesystem` to `true`

                                                                                                              - - -
                                                                                                              -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this issue

                                                                                                              +

                                                                                                              More about this issue

                                                                                                              -

                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                              +

                                                                                                              Container's UID could clash with host's UID

                                                                                                              @@ -2234,7 +2234,7 @@

                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                              • Introduced through: @@ -2267,19 +2267,19 @@

                                                                                                                Impact

                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                Remediation

                                                                                                                -

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                +

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                              -

                                                                                                              More about this issue

                                                                                                              +

                                                                                                              More about this issue

                                                                                                              -

                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                              +

                                                                                                              Container's UID could clash with host's UID

                                                                                                              @@ -2290,7 +2290,7 @@

                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                              • Introduced through: @@ -2323,19 +2323,19 @@

                                                                                                                Impact

                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                Remediation

                                                                                                                -

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                +

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                              -

                                                                                                              More about this issue

                                                                                                              +

                                                                                                              More about this issue

                                                                                                              -

                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                              +

                                                                                                              Container's UID could clash with host's UID

                                                                                                              @@ -2346,7 +2346,7 @@

                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                              • Introduced through: @@ -2379,19 +2379,19 @@

                                                                                                                Impact

                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                Remediation

                                                                                                                -

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                +

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                              -

                                                                                                              More about this issue

                                                                                                              +

                                                                                                              More about this issue

                                                                                                              -

                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                              +

                                                                                                              Container's UID could clash with host's UID

                                                                                                              @@ -2402,7 +2402,7 @@

                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                              • Introduced through: @@ -2435,19 +2435,19 @@

                                                                                                                Impact

                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                Remediation

                                                                                                                -

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                +

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                              -

                                                                                                              More about this issue

                                                                                                              +

                                                                                                              More about this issue

                                                                                                              -

                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                              +

                                                                                                              Container's UID could clash with host's UID

                                                                                                              @@ -2458,7 +2458,7 @@

                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                              • Introduced through: @@ -2491,19 +2491,19 @@

                                                                                                                Impact

                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                Remediation

                                                                                                                -

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                +

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                              -

                                                                                                              More about this issue

                                                                                                              +

                                                                                                              More about this issue

                                                                                                              -

                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                              +

                                                                                                              Container's UID could clash with host's UID

                                                                                                              @@ -2514,7 +2514,7 @@

                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                              • Introduced through: @@ -2547,19 +2547,19 @@

                                                                                                                Impact

                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                Remediation

                                                                                                                -

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                +

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                              -

                                                                                                              More about this issue

                                                                                                              +

                                                                                                              More about this issue

                                                                                                              -

                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                              +

                                                                                                              Container's UID could clash with host's UID

                                                                                                              @@ -2570,7 +2570,7 @@

                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                              • Introduced through: @@ -2603,19 +2603,19 @@

                                                                                                                Impact

                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                Remediation

                                                                                                                -

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                +

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                              -

                                                                                                              More about this issue

                                                                                                              +

                                                                                                              More about this issue

                                                                                                              -

                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                              +

                                                                                                              Container's UID could clash with host's UID

                                                                                                              @@ -2626,7 +2626,7 @@

                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                              • Introduced through: @@ -2659,19 +2659,19 @@

                                                                                                                Impact

                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                Remediation

                                                                                                                -

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                +

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                              -

                                                                                                              More about this issue

                                                                                                              +

                                                                                                              More about this issue

                                                                                                              -

                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                              +

                                                                                                              Container's UID could clash with host's UID

                                                                                                              @@ -2682,7 +2682,7 @@

                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                              • Introduced through: @@ -2715,14 +2715,14 @@

                                                                                                                Impact

                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                Remediation

                                                                                                                -

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                +

                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                              -

                                                                                                              More about this issue

                                                                                                              +

                                                                                                              More about this issue

                                                                                                              diff --git a/docs/snyk/v2.5.22/argocd-test.html b/docs/snyk/v2.5.15/argocd-test.html similarity index 95% rename from docs/snyk/v2.5.22/argocd-test.html rename to docs/snyk/v2.5.15/argocd-test.html index fc57771eb95e8..f8da1814eecc6 100644 --- a/docs/snyk/v2.5.22/argocd-test.html +++ b/docs/snyk/v2.5.15/argocd-test.html @@ -7,7 +7,7 @@ Snyk test report - + @@ -456,7 +456,7 @@

                                                                                                              Snyk test report

                                                                                                              -

                                                                                                              August 13th 2023, 12:24:50 am (UTC+00:00)

                                                                                                              +

                                                                                                              March 19th 2023, 12:21:43 am

                                                                                                              Scanned the following paths: @@ -466,7 +466,7 @@

                                                                                                              Snyk test report

                                                                                                              -
                                                                                                              7 known vulnerabilities
                                                                                                              +
                                                                                                              6 known vulnerabilities
                                                                                                              216 vulnerable dependency paths
                                                                                                              1719 dependencies
                                                                                                              @@ -476,158 +476,6 @@

                                                                                                              Snyk test report

                                                                                                              -
                                                                                                              -

                                                                                                              Regular Expression Denial of Service (ReDoS)

                                                                                                              -
                                                                                                              - -
                                                                                                              - high severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: npm -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - semver -
                                                                                                                • - -
                                                                                                              • Introduced through: - - - argo-cd-ui@1.0.0, superagent@7.1.6 and others -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - argo-cd-ui@1.0.0 - - superagent@7.1.6 - - semver@7.3.7 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              Overview

                                                                                                              -

                                                                                                              semver is a semantic version parser used by npm.

                                                                                                              -

                                                                                                              Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.

                                                                                                              -

                                                                                                              PoC

                                                                                                              - 
                                                                                                              
-        const semver = require('semver')
-        const lengths_2 = [2000, 4000, 8000, 16000, 32000, 64000, 128000]
-        
-        console.log("n[+] Valid range - Test payloads")
-        for (let i = 0; i =1.2.3' + ' '.repeat(lengths_2[i]) + '<1.3.0';
-        const start = Date.now()
-        semver.validRange(value)
-        // semver.minVersion(value)
-        // semver.maxSatisfying(["1.2.3"], value)
-        // semver.minSatisfying(["1.2.3"], value)
-        // new semver.Range(value, {})
-        
-        const end = Date.now();
-        console.log('length=%d, time=%d ms', value.length, end - start);
-        }
-
                                                                                                              -

                                                                                                              Details

                                                                                                              -

                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.

                                                                                                              -

                                                                                                              The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.

                                                                                                              -

                                                                                                              Let’s take the following regular expression as an example:

                                                                                                              - 
                                                                                                              regex = /A(B|C+)+D/
-
                                                                                                              -

                                                                                                              This regular expression accomplishes the following:

                                                                                                              -
                                                                                                                -
                                                                                                              • A The string must start with the letter 'A'
                                                                                                                • -
                                                                                                              • (B|C+)+ The string must then follow the letter A with either the letter 'B' or some number of occurrences of the letter 'C' (the + matches one or more times). The + at the end of this section states that we can look for one or more matches of this section.
                                                                                                                • -
                                                                                                              • D Finally, we ensure this section of the string ends with a 'D'
                                                                                                                • -
                                                                                                              -

                                                                                                              The expression would match inputs such as ABBD, ABCCCCD, ABCBCCCD and ACCCCCD

                                                                                                              -

                                                                                                              It most cases, it doesn't take very long for a regex engine to find a match:

                                                                                                              - 
                                                                                                              $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCD")'
-        0.04s user 0.01s system 95% cpu 0.052 total
-        
-        $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCX")'
-        1.79s user 0.02s system 99% cpu 1.812 total
-
                                                                                                              -

                                                                                                              The entire process of testing it against a 30 characters long string takes around ~52ms. But when given an invalid string, it takes nearly two seconds to complete the test, over ten times as long as it took to test a valid string. The dramatic difference is due to the way regular expressions get evaluated.

                                                                                                              -

                                                                                                              Most Regex engines will work very similarly (with minor differences). The engine will match the first possible way to accept the current character and proceed to the next one. If it then fails to match the next one, it will backtrack and see if there was another way to digest the previous character. If it goes too far down the rabbit hole only to find out the string doesn’t match in the end, and if many characters have multiple valid regex paths, the number of backtracking steps can become very large, resulting in what is known as catastrophic backtracking.

                                                                                                              -

                                                                                                              Let's look at how our expression runs into this problem, using a shorter string: "ACCCX". While it seems fairly straightforward, there are still four different ways that the engine could match those three C's:

                                                                                                              -
                                                                                                                -
                                                                                                              1. CCC
                                                                                                                2. -
                                                                                                              2. CC+C
                                                                                                                3. -
                                                                                                              3. C+CC
                                                                                                                4. -
                                                                                                              4. C+C+C.
                                                                                                                5. -
                                                                                                              -

                                                                                                              The engine has to try each of those combinations to see if any of them potentially match against the expression. When you combine that with the other steps the engine must take, we can use RegEx 101 debugger to see the engine has to take a total of 38 steps before it can determine the string doesn't match.

                                                                                                              -

                                                                                                              From there, the number of steps the engine must use to validate a string just continues to grow.

                                                                                                              - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                                                                                              StringNumber of C'sNumber of steps
                                                                                                              ACCCX338
                                                                                                              ACCCCX471
                                                                                                              ACCCCCX5136
                                                                                                              ACCCCCCCCCCCCCCX1465,553
                                                                                                              -

                                                                                                              By the time the string includes 14 C's, the engine has to take over 65,000 steps just to see if the string is valid. These extreme situations can cause them to work very slowly (exponentially related to input size, as shown above), allowing an attacker to exploit this and can cause the service to excessively consume CPU, resulting in a Denial of Service.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade semver to version 5.7.2, 6.3.1, 7.5.2 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -

                                                                                                              Server-side Request Forgery (SSRF)

                                                                                                              @@ -681,8 +529,8 @@

                                                                                                              Detailed paths

                                                                                                              Overview

                                                                                                              -

                                                                                                              parse-url is an An advanced url parser supporting git urls too.

                                                                                                              -

                                                                                                              Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) due to improper detection of protocol, resource, and pathname fields. Exploiting this vulnerability results in bypassing protocol verification.

                                                                                                              +

                                                                                                              parse-url is an An advanced url parser supporting git urls too. + Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) due to improper detection of protocol, resource, and pathname fields. Exploiting this vulnerability results in bypassing protocol verification.

                                                                                                              PoC:

                                                                                                              import parseUrl from "parse-url";
         import fetch from 'node-fetch';
@@ -763,8 +611,8 @@ 
                                                                                                              Detailed paths
                                                                                                              
               
                                                                                                              
               
               
                                                                                                              Overview
                                                                                                              
-        
                                                                                                              parse-url is an An advanced url parser supporting git urls too.
                                                                                                              
-        
                                                                                                              Affected versions of this package are vulnerable to Improper Input Validation due to incorrect parsing of URLs. This allows the attacker to craft a malformed URL which can lead to a phishing attack.
                                                                                                              
+        
                                                                                                              parse-url is an An advanced url parser supporting git urls too.
+        Affected versions of this package are vulnerable to Improper Input Validation due to incorrect parsing of URLs. This allows the attacker to craft a malformed URL which can lead to a phishing attack.
                                                                                                              
         
                                                                                                              
         const parseUrl = require("parse-url");
         const Url = require("url");
@@ -857,8 +705,8 @@ 
                                                                                                              Detailed paths
                                                                                                              
               
                                                                                                              
               
               
                                                                                                              Overview
                                                                                                              
-        
                                                                                                              minimatch is a minimal matching utility.
                                                                                                              
-        
                                                                                                              Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the braceExpand function in minimatch.js.
                                                                                                              
+        
                                                                                                              minimatch is a minimal matching utility.
+        Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the braceExpand function in minimatch.js.
                                                                                                              
         
                                                                                                              Details
                                                                                                              
         
                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.
                                                                                                              
         
                                                                                                              The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.
                                                                                                              
@@ -1050,7 +898,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                                 Introduced through:
                                         github.com/argoproj/argo-cd/v2@0.0.0
                                           
-                                        github.com/argoproj/gitops-engine/pkg/diff@#98ccd3d43fd9
+                                        k8s.io/apimachinery/pkg/util/managedfields@0.24.2
                                           
                                         sigs.k8s.io/structured-merge-diff/v4/typed@4.2.1
                                           
@@ -1063,7 +911,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                                 Introduced through:
                                         github.com/argoproj/argo-cd/v2@0.0.0
                                           
-                                        k8s.io/apimachinery/pkg/util/managedfields@0.24.2
+                                        github.com/argoproj/gitops-engine/pkg/utils/kube/scheme@#98ccd3d43fd9
                                           
                                         sigs.k8s.io/structured-merge-diff/v4/typed@4.2.1
                                           
@@ -1076,7 +924,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                                 Introduced through:
                                         github.com/argoproj/argo-cd/v2@0.0.0
                                           
-                                        github.com/argoproj/gitops-engine/pkg/utils/kube/scheme@#98ccd3d43fd9
+                                        github.com/argoproj/gitops-engine/pkg/diff@#98ccd3d43fd9
                                           
                                         sigs.k8s.io/structured-merge-diff/v4/typed@4.2.1
                                           
@@ -1102,7 +950,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                                 Introduced through:
                                         github.com/argoproj/argo-cd/v2@0.0.0
                                           
-                                        sigs.k8s.io/structured-merge-diff/v4/typed@4.2.1
+                                        sigs.k8s.io/structured-merge-diff/v4/fieldpath@4.2.1
                                           
                                         sigs.k8s.io/structured-merge-diff/v4/value@4.2.1
                                           
@@ -1115,7 +963,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                                 Introduced through:
                                         github.com/argoproj/argo-cd/v2@0.0.0
                                           
-                                        sigs.k8s.io/structured-merge-diff/v4/fieldpath@4.2.1
+                                        sigs.k8s.io/structured-merge-diff/v4/typed@4.2.1
                                           
                                         sigs.k8s.io/structured-merge-diff/v4/value@4.2.1
                                           
@@ -1206,7 +1054,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                                 Introduced through:
                                         github.com/argoproj/argo-cd/v2@0.0.0
                                           
-                                        github.com/argoproj/notifications-engine/pkg/util/misc@#4d8552b0775f
+                                        github.com/argoproj/notifications-engine/pkg/services@#4d8552b0775f
                                           
                                         github.com/ghodss/yaml@1.0.0
                                           
@@ -1227,6 +1075,32 @@ 
                                                                                                              Detailed paths
                                                                                                              
                                         
                                                                                                                                               
         
+
                                                                                                              • +
                                                                                                            • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/util/misc@#4d8552b0775f + + github.com/ghodss/yaml@1.0.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
                                                                                                              • +
                                                                                                            • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/notifications-engine/pkg/api@#4d8552b0775f + + github.com/ghodss/yaml@1.0.0 + + gopkg.in/yaml.v2@2.2.4 + + +
                                                                                                            • Introduced through: @@ -1380,22 +1254,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/api/core/v1@0.24.2 - - k8s.io/apimachinery/pkg/runtime@0.24.2 - - sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 - - gopkg.in/yaml.v2@2.2.4 - - - -
                                                                                                              • -
                                                                                                            • - Introduced through: - github.com/argoproj/argo-cd/v2@0.0.0 - - github.com/argoproj/gitops-engine/pkg/health@#98ccd3d43fd9 + k8s.io/apimachinery/pkg/watch@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -1410,7 +1269,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/apimachinery/pkg/watch@0.24.2 + k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -1425,7 +1284,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.24.2 + k8s.io/api/core/v1@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -1470,7 +1329,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/pkg/apis/clientauthentication/v1beta1@0.24.2 + k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -1530,11 +1389,11 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/health@#98ccd3d43fd9 + github.com/argoproj/gitops-engine/pkg/diff@#98ccd3d43fd9 - github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.1 - sigs.k8s.io/yaml@1.3.0 + sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 gopkg.in/yaml.v2@2.2.4 @@ -1545,7 +1404,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/sync/common@#98ccd3d43fd9 + github.com/argoproj/gitops-engine/pkg/health@#98ccd3d43fd9 github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 @@ -1560,9 +1419,9 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 + github.com/argoproj/gitops-engine/pkg/sync/common@#98ccd3d43fd9 - k8s.io/apimachinery/pkg/runtime/serializer/json@0.24.2 + github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 sigs.k8s.io/yaml@1.3.0 @@ -1575,7 +1434,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/dynamic@0.24.2 + k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 k8s.io/apimachinery/pkg/runtime/serializer/json@0.24.2 @@ -1630,36 +1489,6 @@

                                                                                                              Detailed paths

                                                                                                               -
                                                                                                              • -
                                                                                                            • - Introduced through: - github.com/argoproj/argo-cd/v2@0.0.0 - - github.com/argoproj/notifications-engine/pkg/services@#4d8552b0775f - - github.com/argoproj/notifications-engine/pkg/util/misc@#4d8552b0775f - - github.com/ghodss/yaml@1.0.0 - - gopkg.in/yaml.v2@2.2.4 - - - -
                                                                                                              • -
                                                                                                            • - Introduced through: - github.com/argoproj/argo-cd/v2@0.0.0 - - github.com/argoproj/notifications-engine/pkg/api@#4d8552b0775f - - github.com/argoproj/notifications-engine/pkg/subscriptions@#4d8552b0775f - - github.com/ghodss/yaml@1.0.0 - - gopkg.in/yaml.v2@2.2.4 - - -
                                                                                                            • Introduced through: @@ -1816,7 +1645,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/kubectl/pkg/util/resource@0.24.2 + k8s.io/client-go/tools/portforward@0.24.2 k8s.io/api/core/v1@0.24.2 @@ -1884,7 +1713,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/dynamic@0.24.2 + github.com/argoproj/gitops-engine/pkg/sync/common@#98ccd3d43fd9 k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.24.2 @@ -1901,7 +1730,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/sync/ignore@#98ccd3d43fd9 + github.com/argoproj/gitops-engine/pkg/sync/hook@#98ccd3d43fd9 k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.24.2 @@ -1918,7 +1747,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/sync/syncwaves@#98ccd3d43fd9 + github.com/argoproj/gitops-engine/pkg/sync/ignore@#98ccd3d43fd9 k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.24.2 @@ -1935,7 +1764,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/utils/testing@#98ccd3d43fd9 + github.com/argoproj/gitops-engine/pkg/sync/syncwaves@#98ccd3d43fd9 k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.24.2 @@ -1952,9 +1781,9 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/tools/portforward@0.24.2 + github.com/argoproj/gitops-engine/pkg/utils/testing@#98ccd3d43fd9 - k8s.io/api/core/v1@0.24.2 + k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -1986,9 +1815,9 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - sigs.k8s.io/controller-runtime@0.11.0 + k8s.io/kubectl/pkg/util/resource@0.24.2 - sigs.k8s.io/controller-runtime/pkg/scheme@0.11.0 + k8s.io/api/core/v1@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -2003,9 +1832,9 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/util/retry@0.24.2 + k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 - k8s.io/apimachinery/pkg/api/errors@0.24.2 + k8s.io/apimachinery/pkg/runtime/serializer/versioning@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -2020,11 +1849,11 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/diff@#98ccd3d43fd9 + k8s.io/client-go/pkg/apis/clientauthentication/v1beta1@0.24.2 - sigs.k8s.io/structured-merge-diff/v4/merge@4.2.1 + k8s.io/client-go/pkg/apis/clientauthentication@0.24.2 - sigs.k8s.io/structured-merge-diff/v4/fieldpath@4.2.1 + k8s.io/apimachinery/pkg/runtime@0.24.2 sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 @@ -2037,9 +1866,60 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 + sigs.k8s.io/controller-runtime@0.11.0 - k8s.io/kubectl/pkg/cmd/util@0.24.2 + sigs.k8s.io/controller-runtime/pkg/scheme@0.11.0 + + k8s.io/apimachinery/pkg/runtime@0.24.2 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 + + gopkg.in/yaml.v2@2.2.4 + + + +
                                                                                                              • +
                                                                                                            • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/util/retry@0.24.2 + + k8s.io/apimachinery/pkg/api/errors@0.24.2 + + k8s.io/apimachinery/pkg/runtime@0.24.2 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 + + gopkg.in/yaml.v2@2.2.4 + + + +
                                                                                                              • +
                                                                                                            • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/tools/record@0.24.2 + + k8s.io/client-go/tools/reference@0.24.2 + + k8s.io/apimachinery/pkg/runtime@0.24.2 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 + + gopkg.in/yaml.v2@2.2.4 + + + +
                                                                                                              • +
                                                                                                            • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 + + k8s.io/kubectl/pkg/cmd/util@0.24.2 k8s.io/kubectl/pkg/validation@0.24.2 @@ -2170,6 +2050,25 @@

                                                                                                              Detailed paths

                                                                                                               +
                                                                                                              • +
                                                                                                            • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime/pkg/handler@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/runtime/inject@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.24.2 + + k8s.io/kube-openapi/pkg/util/proto@#011e075b9cb8 + + gopkg.in/yaml.v2@2.2.4 + + +
                                                                                                            • Introduced through: @@ -2194,11 +2093,11 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/discovery@0.24.2 - k8s.io/api/storage/v1beta1@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/api/core/v1@0.24.2 + k8s.io/client-go/tools/clientcmd/api@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -2213,11 +2112,11 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/tools/record@0.24.2 + k8s.io/client-go/dynamic@0.24.2 - k8s.io/client-go/tools/reference@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/api/core/v1@0.24.2 + k8s.io/client-go/tools/clientcmd/api@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -2232,11 +2131,11 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/sync/common@#98ccd3d43fd9 + k8s.io/client-go/transport/spdy@0.24.2 - k8s.io/apimachinery/pkg/apis/meta/v1@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/apimachinery/pkg/watch@0.24.2 + k8s.io/client-go/tools/clientcmd/api@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -2251,7 +2150,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/transport/spdy@0.24.2 + github.com/argoproj/pkg/kubeclientmetrics@#36c59d8fafe0 k8s.io/client-go/rest@0.24.2 @@ -2270,7 +2169,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/pkg/kubeclientmetrics@#36c59d8fafe0 + k8s.io/client-go/testing@0.24.2 k8s.io/client-go/rest@0.24.2 @@ -2289,7 +2188,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/testing@0.24.2 + k8s.io/client-go/kubernetes@0.24.2 k8s.io/client-go/rest@0.24.2 @@ -2365,11 +2264,11 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/sync/hook@#98ccd3d43fd9 + k8s.io/client-go/kubernetes/scheme@0.24.2 - github.com/argoproj/gitops-engine/pkg/sync/resource@#98ccd3d43fd9 + k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 - k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.24.2 + k8s.io/apimachinery/pkg/runtime/serializer/versioning@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -2384,11 +2283,11 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 + k8s.io/client-go/listers/core/v1@0.24.2 - k8s.io/apimachinery/pkg/runtime/serializer/versioning@0.24.2 + k8s.io/client-go/tools/cache@0.24.2 - k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.24.2 + k8s.io/client-go/tools/pager@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -2403,7 +2302,26 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/listers/core/v1@0.24.2 + github.com/argoproj/notifications-engine/pkg/api@#4d8552b0775f + + k8s.io/client-go/tools/cache@0.24.2 + + k8s.io/client-go/tools/pager@0.24.2 + + k8s.io/apimachinery/pkg/runtime@0.24.2 + + sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 + + gopkg.in/yaml.v2@2.2.4 + + + +
                                                                                                              • +
                                                                                                            • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/informers/core/v1@0.24.2 k8s.io/client-go/tools/cache@0.24.2 @@ -2588,25 +2506,6 @@

                                                                                                              Detailed paths

                                                                                                               -
                                                                                                              • -
                                                                                                            • - Introduced through: - github.com/argoproj/argo-cd/v2@0.0.0 - - k8s.io/client-go/discovery@0.24.2 - - k8s.io/client-go/kubernetes/scheme@0.24.2 - - k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 - - k8s.io/apimachinery/pkg/runtime/serializer/json@0.24.2 - - sigs.k8s.io/yaml@1.3.0 - - gopkg.in/yaml.v2@2.2.4 - - -
                                                                                                            • Introduced through: @@ -2669,11 +2568,11 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/discovery@0.24.2 + github.com/argoproj/gitops-engine/pkg/health@#98ccd3d43fd9 - k8s.io/client-go/openapi@0.24.2 + github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 - k8s.io/kube-openapi/pkg/handler3@#011e075b9cb8 + k8s.io/kubectl/pkg/util/openapi@0.24.2 k8s.io/kube-openapi/pkg/validation/spec@#011e075b9cb8 @@ -2688,7 +2587,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/health@#98ccd3d43fd9 + github.com/argoproj/gitops-engine/pkg/sync/common@#98ccd3d43fd9 github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 @@ -2707,11 +2606,11 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/sync/common@#98ccd3d43fd9 + k8s.io/client-go/discovery@0.24.2 - github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 + k8s.io/client-go/openapi@0.24.2 - k8s.io/kubectl/pkg/util/openapi@0.24.2 + k8s.io/kube-openapi/pkg/handler3@#011e075b9cb8 k8s.io/kube-openapi/pkg/validation/spec@#011e075b9cb8 @@ -2845,27 +2744,6 @@

                                                                                                              Detailed paths

                                                                                                               -
                                                                                                              • -
                                                                                                            • - Introduced through: - github.com/argoproj/argo-cd/v2@0.0.0 - - sigs.k8s.io/controller-runtime/pkg/handler@0.11.0 - - sigs.k8s.io/controller-runtime/pkg/runtime/inject@0.11.0 - - sigs.k8s.io/controller-runtime/pkg/cache@0.11.0 - - sigs.k8s.io/controller-runtime/pkg/client@0.11.0 - - k8s.io/apimachinery/pkg/util/strategicpatch@0.24.2 - - k8s.io/kube-openapi/pkg/util/proto@#011e075b9cb8 - - gopkg.in/yaml.v2@2.2.4 - - -
                                                                                                            • Introduced through: @@ -2955,13 +2833,13 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/discovery@0.24.2 + github.com/argoproj/gitops-engine/pkg/health@#98ccd3d43fd9 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/kubectl/pkg/util/podutils@0.24.2 - k8s.io/api/storage/v1beta1@0.24.2 + k8s.io/apimachinery/pkg/apis/meta/v1@0.24.2 - k8s.io/api/core/v1@0.24.2 + k8s.io/apimachinery/pkg/watch@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -2976,9 +2854,9 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/discovery/fake@0.24.2 + k8s.io/kubectl/pkg/util/openapi@0.24.2 - k8s.io/client-go/testing@0.24.2 + k8s.io/client-go/discovery@0.24.2 k8s.io/client-go/rest@0.24.2 @@ -2997,7 +2875,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/kubernetes/fake@0.24.2 + k8s.io/client-go/discovery/fake@0.24.2 k8s.io/client-go/testing@0.24.2 @@ -3018,9 +2896,9 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/tools/remotecommand@0.24.2 + k8s.io/client-go/kubernetes/fake@0.24.2 - k8s.io/client-go/transport/spdy@0.24.2 + k8s.io/client-go/testing@0.24.2 k8s.io/client-go/rest@0.24.2 @@ -3039,34 +2917,13 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/tools/clientcmd@0.24.2 - - k8s.io/client-go/tools/clientcmd/api/latest@0.24.2 - - k8s.io/apimachinery/pkg/runtime/serializer/versioning@0.24.2 - - k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.24.2 - - k8s.io/apimachinery/pkg/runtime@0.24.2 - - sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 - - gopkg.in/yaml.v2@2.2.4 - - - -
                                                                                                              • -
                                                                                                            • - Introduced through: - github.com/argoproj/argo-cd/v2@0.0.0 - - github.com/argoproj/notifications-engine/pkg/api@#4d8552b0775f + k8s.io/client-go/tools/remotecommand@0.24.2 - k8s.io/client-go/listers/core/v1@0.24.2 + k8s.io/client-go/transport/spdy@0.24.2 - k8s.io/client-go/tools/cache@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/client-go/tools/pager@0.24.2 + k8s.io/client-go/tools/clientcmd/api@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -3081,13 +2938,13 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/informers/core/v1@0.24.2 + k8s.io/client-go/tools/clientcmd@0.24.2 - k8s.io/client-go/listers/core/v1@0.24.2 + k8s.io/client-go/tools/clientcmd/api/latest@0.24.2 - k8s.io/client-go/tools/cache@0.24.2 + k8s.io/client-go/tools/clientcmd/api/v1@0.24.2 - k8s.io/client-go/tools/pager@0.24.2 + k8s.io/client-go/tools/clientcmd/api@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -3102,9 +2959,9 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1@0.24.2 + k8s.io/apimachinery/pkg/api/validation@0.24.2 - k8s.io/apimachinery/pkg/api/equality@0.24.2 + k8s.io/apimachinery/pkg/apis/meta/v1/validation@0.24.2 k8s.io/apimachinery/pkg/apis/meta/v1@0.24.2 @@ -3123,17 +2980,17 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - sigs.k8s.io/controller-runtime/pkg/controller/controllerutil@0.11.0 + github.com/argoproj/gitops-engine/pkg/sync/ignore@#98ccd3d43fd9 - k8s.io/apimachinery/pkg/api/equality@0.24.2 + github.com/argoproj/gitops-engine/pkg/sync/hook@#98ccd3d43fd9 - k8s.io/apimachinery/pkg/apis/meta/v1@0.24.2 + github.com/argoproj/gitops-engine/pkg/sync/hook/helm@#98ccd3d43fd9 - k8s.io/apimachinery/pkg/watch@0.24.2 + github.com/argoproj/gitops-engine/pkg/sync/common@#98ccd3d43fd9 - k8s.io/apimachinery/pkg/runtime@0.24.2 + github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 - sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 + sigs.k8s.io/yaml@1.3.0 gopkg.in/yaml.v2@2.2.4 @@ -3144,17 +3001,17 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/apimachinery/pkg/api/validation@0.24.2 + github.com/argoproj/gitops-engine/pkg/utils/kube/scheme@#98ccd3d43fd9 - k8s.io/apimachinery/pkg/apis/meta/v1/validation@0.24.2 + k8s.io/kubernetes/pkg/apis/storage/install@1.24.2 - k8s.io/apimachinery/pkg/apis/meta/v1@0.24.2 + k8s.io/kubernetes/pkg/api/legacyscheme@1.24.2 - k8s.io/apimachinery/pkg/watch@0.24.2 + k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 - k8s.io/apimachinery/pkg/runtime@0.24.2 + k8s.io/apimachinery/pkg/runtime/serializer/json@0.24.2 - sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 + sigs.k8s.io/yaml@1.3.0 gopkg.in/yaml.v2@2.2.4 @@ -3165,15 +3022,15 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/sync/ignore@#98ccd3d43fd9 + k8s.io/client-go/tools/cache@0.24.2 - github.com/argoproj/gitops-engine/pkg/sync/hook@#98ccd3d43fd9 + k8s.io/client-go/rest@0.24.2 - github.com/argoproj/gitops-engine/pkg/sync/hook/helm@#98ccd3d43fd9 + k8s.io/client-go/plugin/pkg/client/auth/exec@0.24.2 - github.com/argoproj/gitops-engine/pkg/sync/common@#98ccd3d43fd9 + k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 - github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 + k8s.io/apimachinery/pkg/runtime/serializer/json@0.24.2 sigs.k8s.io/yaml@1.3.0 @@ -3186,11 +3043,11 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/kubectl/pkg/util/openapi@0.24.2 - k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/rest@0.24.2 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.24.2 k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 @@ -3207,11 +3064,11 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/kubernetes@0.24.2 + k8s.io/client-go/dynamic@0.24.2 - k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/plugin/pkg/client/auth/exec@0.24.2 k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 @@ -3228,7 +3085,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/tools/cache@0.24.2 + k8s.io/client-go/transport/spdy@0.24.2 k8s.io/client-go/rest@0.24.2 @@ -3249,7 +3106,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/transport/spdy@0.24.2 + github.com/argoproj/pkg/kubeclientmetrics@#36c59d8fafe0 k8s.io/client-go/rest@0.24.2 @@ -3270,7 +3127,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/pkg/kubeclientmetrics@#36c59d8fafe0 + k8s.io/client-go/testing@0.24.2 k8s.io/client-go/rest@0.24.2 @@ -3291,7 +3148,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/testing@0.24.2 + k8s.io/client-go/kubernetes@0.24.2 k8s.io/client-go/rest@0.24.2 @@ -3488,15 +3345,38 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 + github.com/argoproj/gitops-engine/pkg/cache@#98ccd3d43fd9 + k8s.io/kubectl/pkg/util/openapi@0.24.2 k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/rest@0.24.2 + + k8s.io/client-go/tools/clientcmd/api@0.24.2 - k8s.io/api/storage/v1beta1@0.24.2 + k8s.io/apimachinery/pkg/runtime@0.24.2 - k8s.io/api/core/v1@0.24.2 + sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 + + gopkg.in/yaml.v2@2.2.4 + + + +
                                                                                                              • +
                                                                                                            • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + github.com/argoproj/gitops-engine/pkg/sync@#98ccd3d43fd9 + + k8s.io/kubectl/pkg/util/openapi@0.24.2 + + k8s.io/client-go/discovery@0.24.2 + + k8s.io/client-go/rest@0.24.2 + + k8s.io/client-go/tools/clientcmd/api@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -3511,15 +3391,15 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/kubernetes@0.24.2 + github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 - k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.24.2 + k8s.io/kubectl/pkg/util/openapi@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/discovery@0.24.2 - k8s.io/api/storage/v1beta1@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/api/core/v1@0.24.2 + k8s.io/client-go/tools/clientcmd/api@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -3563,9 +3443,9 @@

                                                                                                              Detailed paths

                                                                                                              k8s.io/client-go/tools/clientcmd/api/latest@0.24.2 - k8s.io/apimachinery/pkg/runtime/serializer/versioning@0.24.2 + k8s.io/client-go/tools/clientcmd/api/v1@0.24.2 - k8s.io/apimachinery/pkg/apis/meta/v1/unstructured@0.24.2 + k8s.io/client-go/tools/clientcmd/api@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -3626,13 +3506,13 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/cache@#98ccd3d43fd9 - k8s.io/kubectl/pkg/util/openapi@0.24.2 k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/rest@0.24.2 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.24.2 k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 @@ -3649,13 +3529,13 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/sync@#98ccd3d43fd9 + k8s.io/client-go/listers/core/v1@0.24.2 - k8s.io/kubectl/pkg/util/openapi@0.24.2 + k8s.io/client-go/tools/cache@0.24.2 - k8s.io/client-go/discovery@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/plugin/pkg/client/auth/exec@0.24.2 k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 @@ -3672,7 +3552,30 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/listers/core/v1@0.24.2 + github.com/argoproj/notifications-engine/pkg/api@#4d8552b0775f + + k8s.io/client-go/tools/cache@0.24.2 + + k8s.io/client-go/rest@0.24.2 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.24.2 + + k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 + + k8s.io/apimachinery/pkg/runtime/serializer/json@0.24.2 + + sigs.k8s.io/yaml@1.3.0 + + gopkg.in/yaml.v2@2.2.4 + + + +
                                                                                                              • +
                                                                                                            • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + k8s.io/client-go/informers/core/v1@0.24.2 k8s.io/client-go/tools/cache@0.24.2 @@ -3889,9 +3792,34 @@

                                                                                                              Detailed paths

                                                                                                              k8s.io/kubectl/pkg/util/openapi@0.24.2 - k8s.io/kube-openapi/pkg/validation/spec@#011e075b9cb8 + k8s.io/kube-openapi/pkg/validation/spec@#011e075b9cb8 + + github.com/go-openapi/swag@0.19.14 + + gopkg.in/yaml.v2@2.2.4 + +                                                                                                               + +
                                                                                                              • +
                                                                                                            • + Introduced through: + github.com/argoproj/argo-cd/v2@0.0.0 + + sigs.k8s.io/controller-runtime@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/manager@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/webhook@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/webhook/admission@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/runtime/inject@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + + k8s.io/apimachinery/pkg/util/strategicpatch@0.24.2 - github.com/go-openapi/swag@0.19.14 + k8s.io/kube-openapi/pkg/util/proto@#011e075b9cb8 gopkg.in/yaml.v2@2.2.4 @@ -3902,17 +3830,17 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/health@#98ccd3d43fd9 + sigs.k8s.io/controller-runtime@0.11.0 - github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 + sigs.k8s.io/controller-runtime/pkg/manager@0.11.0 - k8s.io/kubectl/pkg/cmd/util@0.24.2 + sigs.k8s.io/controller-runtime/pkg/leaderelection@0.11.0 - k8s.io/client-go/kubernetes@0.24.2 + k8s.io/client-go/tools/leaderelection/resourcelock@0.24.2 - k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.24.2 + k8s.io/client-go/kubernetes/typed/core/v1@0.24.2 - k8s.io/client-go/applyconfigurations/storage/v1beta1@0.24.2 + k8s.io/client-go/applyconfigurations/core/v1@0.24.2 k8s.io/client-go/applyconfigurations/meta/v1@0.24.2 @@ -3927,7 +3855,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/sync/common@#98ccd3d43fd9 + github.com/argoproj/gitops-engine/pkg/health@#98ccd3d43fd9 github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 @@ -3952,21 +3880,21 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/cache@#98ccd3d43fd9 + github.com/argoproj/gitops-engine/pkg/sync/common@#98ccd3d43fd9 - k8s.io/kubectl/pkg/util/openapi@0.24.2 + github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 - k8s.io/client-go/discovery@0.24.2 + k8s.io/kubectl/pkg/cmd/util@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/kubernetes@0.24.2 - k8s.io/api/storage/v1beta1@0.24.2 + k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.24.2 - k8s.io/api/core/v1@0.24.2 + k8s.io/client-go/applyconfigurations/storage/v1beta1@0.24.2 - k8s.io/apimachinery/pkg/runtime@0.24.2 + k8s.io/client-go/applyconfigurations/meta/v1@0.24.2 - sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 + sigs.k8s.io/structured-merge-diff/v4/typed@4.2.1 gopkg.in/yaml.v2@2.2.4 @@ -3977,42 +3905,17 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - github.com/argoproj/gitops-engine/pkg/sync@#98ccd3d43fd9 - - k8s.io/kubectl/pkg/util/openapi@0.24.2 - - k8s.io/client-go/discovery@0.24.2 - - k8s.io/client-go/kubernetes/scheme@0.24.2 - - k8s.io/api/storage/v1beta1@0.24.2 - - k8s.io/api/core/v1@0.24.2 - - k8s.io/apimachinery/pkg/runtime@0.24.2 - - sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 - - gopkg.in/yaml.v2@2.2.4 - - - -
                                                                                                              • -
                                                                                                            • - Introduced through: - github.com/argoproj/argo-cd/v2@0.0.0 + sigs.k8s.io/controller-runtime/pkg/controller/controllerutil@0.11.0 - github.com/argoproj/gitops-engine/pkg/utils/kube@#98ccd3d43fd9 + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 - k8s.io/kubectl/pkg/util/openapi@0.24.2 + k8s.io/client-go/restmapper@0.24.2 k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 - - k8s.io/api/storage/v1beta1@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/api/core/v1@0.24.2 + k8s.io/client-go/tools/clientcmd/api@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -4052,37 +3955,12 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - sigs.k8s.io/controller-runtime/pkg/controller/controllerutil@0.11.0 - - sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + github.com/argoproj/gitops-engine/pkg/cache@#98ccd3d43fd9 - k8s.io/client-go/restmapper@0.24.2 + k8s.io/kubectl/pkg/util/openapi@0.24.2 k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 - - k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 - - k8s.io/apimachinery/pkg/runtime/serializer/json@0.24.2 - - sigs.k8s.io/yaml@1.3.0 - - gopkg.in/yaml.v2@2.2.4 - - - -
                                                                                                              • -
                                                                                                            • - Introduced through: - github.com/argoproj/argo-cd/v2@0.0.0 - - github.com/argoproj/notifications-engine/pkg/api@#4d8552b0775f - - k8s.io/client-go/listers/core/v1@0.24.2 - - k8s.io/client-go/tools/cache@0.24.2 - k8s.io/client-go/rest@0.24.2 k8s.io/client-go/plugin/pkg/client/auth/exec@0.24.2 @@ -4102,11 +3980,11 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - k8s.io/client-go/informers/core/v1@0.24.2 + github.com/argoproj/gitops-engine/pkg/sync@#98ccd3d43fd9 - k8s.io/client-go/listers/core/v1@0.24.2 + k8s.io/kubectl/pkg/util/openapi@0.24.2 - k8s.io/client-go/tools/cache@0.24.2 + k8s.io/client-go/discovery@0.24.2 k8s.io/client-go/rest@0.24.2 @@ -4302,50 +4180,23 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - sigs.k8s.io/controller-runtime@0.11.0 - - sigs.k8s.io/controller-runtime/pkg/manager@0.11.0 - - sigs.k8s.io/controller-runtime/pkg/webhook@0.11.0 - - sigs.k8s.io/controller-runtime/pkg/webhook/admission@0.11.0 - - sigs.k8s.io/controller-runtime/pkg/runtime/inject@0.11.0 - - sigs.k8s.io/controller-runtime/pkg/cache@0.11.0 - sigs.k8s.io/controller-runtime/pkg/client@0.11.0 - k8s.io/apimachinery/pkg/util/strategicpatch@0.24.2 - - k8s.io/kube-openapi/pkg/util/proto@#011e075b9cb8 - - gopkg.in/yaml.v2@2.2.4 - - - -
                                                                                                              • -
                                                                                                            • - Introduced through: - github.com/argoproj/argo-cd/v2@0.0.0 - - sigs.k8s.io/controller-runtime@0.11.0 - - sigs.k8s.io/controller-runtime/pkg/manager@0.11.0 + sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 - sigs.k8s.io/controller-runtime/pkg/leaderelection@0.11.0 + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 - k8s.io/client-go/tools/leaderelection/resourcelock@0.24.2 + k8s.io/client-go/restmapper@0.24.2 - k8s.io/client-go/kubernetes@0.24.2 + k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/typed/storage/v1beta1@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/client-go/applyconfigurations/storage/v1beta1@0.24.2 + k8s.io/client-go/tools/clientcmd/api@0.24.2 - k8s.io/client-go/applyconfigurations/meta/v1@0.24.2 + k8s.io/apimachinery/pkg/runtime@0.24.2 - sigs.k8s.io/structured-merge-diff/v4/typed@4.2.1 + sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 gopkg.in/yaml.v2@2.2.4 @@ -4356,7 +4207,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + sigs.k8s.io/controller-runtime/pkg/cache@0.11.0 sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 @@ -4366,13 +4217,13 @@

                                                                                                              Detailed paths

                                                                                                              k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 + k8s.io/client-go/tools/clientcmd/api@0.24.2 - k8s.io/apimachinery/pkg/runtime/serializer/json@0.24.2 + k8s.io/apimachinery/pkg/runtime@0.24.2 - sigs.k8s.io/yaml@1.3.0 + sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 gopkg.in/yaml.v2@2.2.4 @@ -4383,9 +4234,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - sigs.k8s.io/controller-runtime/pkg/cache@0.11.0 - - sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 + sigs.k8s.io/controller-runtime/pkg/controller/controllerutil@0.11.0 sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 @@ -4393,7 +4242,9 @@

                                                                                                              Detailed paths

                                                                                                              k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/rest@0.24.2 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.24.2 k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 @@ -4549,6 +4400,8 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 + sigs.k8s.io/controller-runtime/pkg/event@0.11.0 + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 @@ -4559,11 +4412,9 @@

                                                                                                              Detailed paths

                                                                                                              k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 - - k8s.io/api/storage/v1beta1@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/api/core/v1@0.24.2 + k8s.io/client-go/tools/clientcmd/api@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -4578,7 +4429,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - sigs.k8s.io/controller-runtime/pkg/cache@0.11.0 + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 @@ -4588,15 +4439,15 @@

                                                                                                              Detailed paths

                                                                                                              k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/api/storage/v1beta1@0.24.2 + k8s.io/client-go/plugin/pkg/client/auth/exec@0.24.2 - k8s.io/api/core/v1@0.24.2 + k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 - k8s.io/apimachinery/pkg/runtime@0.24.2 + k8s.io/apimachinery/pkg/runtime/serializer/json@0.24.2 - sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 + sigs.k8s.io/yaml@1.3.0 gopkg.in/yaml.v2@2.2.4 @@ -4607,9 +4458,7 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - sigs.k8s.io/controller-runtime/pkg/event@0.11.0 - - sigs.k8s.io/controller-runtime/pkg/client@0.11.0 + sigs.k8s.io/controller-runtime/pkg/cache@0.11.0 sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 @@ -4619,7 +4468,9 @@

                                                                                                              Detailed paths

                                                                                                              k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/rest@0.24.2 + + k8s.io/client-go/plugin/pkg/client/auth/exec@0.24.2 k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 @@ -4870,7 +4721,9 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - sigs.k8s.io/controller-runtime/pkg/event@0.11.0 + sigs.k8s.io/controller-runtime/pkg/handler@0.11.0 + + sigs.k8s.io/controller-runtime/pkg/runtime/inject@0.11.0 sigs.k8s.io/controller-runtime/pkg/client@0.11.0 @@ -4882,11 +4735,9 @@

                                                                                                              Detailed paths

                                                                                                              k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 - - k8s.io/api/storage/v1beta1@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/api/core/v1@0.24.2 + k8s.io/client-go/tools/clientcmd/api@0.24.2 k8s.io/apimachinery/pkg/runtime@0.24.2 @@ -4901,21 +4752,21 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - sigs.k8s.io/controller-runtime/pkg/handler@0.11.0 + sigs.k8s.io/controller-runtime@0.11.0 - sigs.k8s.io/controller-runtime/pkg/runtime/inject@0.11.0 + sigs.k8s.io/controller-runtime/pkg/manager@0.11.0 - sigs.k8s.io/controller-runtime/pkg/cache@0.11.0 + sigs.k8s.io/controller-runtime/pkg/webhook@0.11.0 - sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 + sigs.k8s.io/controller-runtime/pkg/webhook/internal/metrics@0.11.0 - sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 + sigs.k8s.io/controller-runtime/pkg/metrics@0.11.0 - k8s.io/client-go/restmapper@0.24.2 + k8s.io/client-go/tools/cache@0.24.2 - k8s.io/client-go/discovery@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/plugin/pkg/client/auth/exec@0.24.2 k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 @@ -4932,17 +4783,17 @@

                                                                                                              Detailed paths

                                                                                                              Introduced through: github.com/argoproj/argo-cd/v2@0.0.0 - sigs.k8s.io/controller-runtime@0.11.0 + sigs.k8s.io/controller-runtime/pkg/event@0.11.0 - sigs.k8s.io/controller-runtime/pkg/manager@0.11.0 + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 - sigs.k8s.io/controller-runtime/pkg/webhook@0.11.0 + sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 - sigs.k8s.io/controller-runtime/pkg/webhook/internal/metrics@0.11.0 + sigs.k8s.io/controller-runtime/pkg/client/apiutil@0.11.0 - sigs.k8s.io/controller-runtime/pkg/metrics@0.11.0 + k8s.io/client-go/restmapper@0.24.2 - k8s.io/client-go/tools/cache@0.24.2 + k8s.io/client-go/discovery@0.24.2 k8s.io/client-go/rest@0.24.2 @@ -4998,7 +4849,7 @@

                                                                                                              Detailed paths

                                                                                                              sigs.k8s.io/controller-runtime/pkg/runtime/inject@0.11.0 - sigs.k8s.io/controller-runtime/pkg/cache@0.11.0 + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 @@ -5029,7 +4880,7 @@

                                                                                                              Detailed paths

                                                                                                              sigs.k8s.io/controller-runtime/pkg/runtime/inject@0.11.0 - sigs.k8s.io/controller-runtime/pkg/cache@0.11.0 + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 @@ -5039,15 +4890,15 @@

                                                                                                              Detailed paths

                                                                                                              k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/api/storage/v1beta1@0.24.2 + k8s.io/client-go/plugin/pkg/client/auth/exec@0.24.2 - k8s.io/api/core/v1@0.24.2 + k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 - k8s.io/apimachinery/pkg/runtime@0.24.2 + k8s.io/apimachinery/pkg/runtime/serializer/json@0.24.2 - sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 + sigs.k8s.io/yaml@1.3.0 gopkg.in/yaml.v2@2.2.4 @@ -5076,13 +4927,13 @@

                                                                                                              Detailed paths

                                                                                                              k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 + k8s.io/client-go/tools/clientcmd/api@0.24.2 - k8s.io/apimachinery/pkg/runtime/serializer/json@0.24.2 + k8s.io/apimachinery/pkg/runtime@0.24.2 - sigs.k8s.io/yaml@1.3.0 + sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 gopkg.in/yaml.v2@2.2.4 @@ -5146,15 +4997,15 @@

                                                                                                              Detailed paths

                                                                                                              k8s.io/client-go/discovery@0.24.2 - k8s.io/client-go/kubernetes/scheme@0.24.2 + k8s.io/client-go/rest@0.24.2 - k8s.io/api/storage/v1beta1@0.24.2 + k8s.io/client-go/plugin/pkg/client/auth/exec@0.24.2 - k8s.io/api/core/v1@0.24.2 + k8s.io/apimachinery/pkg/runtime/serializer@0.24.2 - k8s.io/apimachinery/pkg/runtime@0.24.2 + k8s.io/apimachinery/pkg/runtime/serializer/json@0.24.2 - sigs.k8s.io/structured-merge-diff/v4/value@4.2.1 + sigs.k8s.io/yaml@1.3.0 gopkg.in/yaml.v2@2.2.4 @@ -5175,7 +5026,7 @@

                                                                                                              Detailed paths

                                                                                                              sigs.k8s.io/controller-runtime/pkg/runtime/inject@0.11.0 - sigs.k8s.io/controller-runtime/pkg/cache@0.11.0 + sigs.k8s.io/controller-runtime/pkg/client@0.11.0 sigs.k8s.io/controller-runtime/pkg/internal/objectutil@0.11.0 @@ -5205,8 +5056,8 @@

                                                                                                              Detailed paths

                                                                                                              Overview

                                                                                                              -

                                                                                                              gopkg.in/yaml.v2 is a YAML support package for the Go language.

                                                                                                              -

                                                                                                              Affected versions of this package are vulnerable to Denial of Service (DoS). It is possible for authorized users to send malicious YAML payloads to cause kube-apiserver to consume excessive CPU cycles while parsing YAML.

                                                                                                              +

                                                                                                              gopkg.in/yaml.v2 is a YAML support package for the Go language. + Affected versions of this package are vulnerable to Denial of Service (DoS). It is possible for authorized users to send malicious YAML payloads to cause kube-apiserver to consume excessive CPU cycles while parsing YAML.

                                                                                                              Details

                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

                                                                                                              Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

                                                                                                              @@ -5311,8 +5162,8 @@

                                                                                                              Detailed paths

                                                                                                              Overview

                                                                                                              -

                                                                                                              go.mongodb.org/mongo-driver/bson/bsonrw is a The MongoDB supported driver for Go.

                                                                                                              -

                                                                                                              Affected versions of this package are vulnerable to Improper Input Validation. Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents.

                                                                                                              +

                                                                                                              go.mongodb.org/mongo-driver/bson/bsonrw is a The MongoDB supported driver for Go. + Affected versions of this package are vulnerable to Improper Input Validation. Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents.

                                                                                                              Remediation

                                                                                                              Upgrade go.mongodb.org/mongo-driver/bson/bsonrw to version 1.5.1 or higher.

                                                                                                              References

                                                                                                              diff --git a/docs/snyk/v2.5.15/ghcr.io_dexidp_dex_v2.35.3.html b/docs/snyk/v2.5.15/ghcr.io_dexidp_dex_v2.35.3.html new file mode 100644 index 0000000000000..61bea269be49d --- /dev/null +++ b/docs/snyk/v2.5.15/ghcr.io_dexidp_dex_v2.35.3.html @@ -0,0 +1,1420 @@ + + + + + + + + + Snyk test report + + + + + + + + + +
                                                                                                              +
                                                                                                              +
                                                                                                              +
                                                                                                              + + + Snyk - Open Source Security + + + + + + + +
                                                                                                              +

                                                                                                              Snyk test report

                                                                                                              + +

                                                                                                              March 19th 2023, 12:21:51 am

                                                                                                              +
                                                                                                              +
                                                                                                              + Scanned the following paths: +
                                                                                                                +
                                                                                                              • ghcr.io/dexidp/dex:v2.35.3/dexidp/dex (apk)
                                                                                                              • ghcr.io/dexidp/dex:v2.35.3/hairyhenderson/gomplate/v3 (gomodules)
                                                                                                              • ghcr.io/dexidp/dex:v2.35.3/dexidp/dex (gomodules)
                                                                                                              • ghcr.io/dexidp/dex:v2.35.3/dexidp/dex (gomodules)
                                                                                                                • +
                                                                                                              +
                                                                                                              + +
                                                                                                              +
                                                                                                              9 known vulnerabilities
                                                                                                              +
                                                                                                              37 vulnerable dependency paths
                                                                                                              +
                                                                                                              756 dependencies
                                                                                                              +
                                                                                                              +
                                                                                                              +
                                                                                                              +
                                                                                                              + +
                                                                                                              +
                                                                                                              +
                                                                                                              +

                                                                                                              Double Free

                                                                                                              +
                                                                                                              + +
                                                                                                              + high severity +
                                                                                                              + +
                                                                                                              + +
                                                                                                                +
                                                                                                              • + Package Manager: alpine:3.16 +
                                                                                                                • +
                                                                                                              • + Vulnerable module: + + openssl/libcrypto1.1 +
                                                                                                                • + +
                                                                                                              • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + + +

                                                                                                              Detailed paths

                                                                                                              + +
                                                                                                                +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + +
                                                                                                              + +

                                                                                                              NVD Description

                                                                                                              +

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

                                                                                                              +

                                                                                                              The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.

                                                                                                              +

                                                                                                              Remediation

                                                                                                              +

                                                                                                              Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

                                                                                                              +

                                                                                                              References

                                                                                                              + + +
                                                                                                              + +
                                                                                                              +

                                                                                                              More about this vulnerability

                                                                                                              +
                                                                                                              + +
                                                                                                              +
                                                                                                              +

                                                                                                              Access of Resource Using Incompatible Type ('Type Confusion')

                                                                                                              +
                                                                                                              + +
                                                                                                              + high severity +
                                                                                                              + +
                                                                                                              + +
                                                                                                                +
                                                                                                              • + Package Manager: alpine:3.16 +
                                                                                                                • +
                                                                                                              • + Vulnerable module: + + openssl/libcrypto1.1 +
                                                                                                                • + +
                                                                                                              • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + + +

                                                                                                              Detailed paths

                                                                                                              + +
                                                                                                                +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + +
                                                                                                              + +

                                                                                                              NVD Description

                                                                                                              +

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

                                                                                                              +

                                                                                                              There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.

                                                                                                              +

                                                                                                              Remediation

                                                                                                              +

                                                                                                              Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

                                                                                                              +

                                                                                                              References

                                                                                                              + + +
                                                                                                              + +
                                                                                                              +

                                                                                                              More about this vulnerability

                                                                                                              +
                                                                                                              + +
                                                                                                              +
                                                                                                              +

                                                                                                              Use After Free

                                                                                                              +
                                                                                                              + +
                                                                                                              + high severity +
                                                                                                              + +
                                                                                                              + +
                                                                                                                +
                                                                                                              • + Package Manager: alpine:3.16 +
                                                                                                                • +
                                                                                                              • + Vulnerable module: + + openssl/libcrypto1.1 +
                                                                                                                • + +
                                                                                                              • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + + +

                                                                                                              Detailed paths

                                                                                                              + +
                                                                                                                +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + +
                                                                                                              + +

                                                                                                              NVD Description

                                                                                                              +

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

                                                                                                              +

                                                                                                              The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.

                                                                                                              +

                                                                                                              Remediation

                                                                                                              +

                                                                                                              Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

                                                                                                              +

                                                                                                              References

                                                                                                              + + +
                                                                                                              + +
                                                                                                              +

                                                                                                              More about this vulnerability

                                                                                                              +
                                                                                                              + +
                                                                                                              +
                                                                                                              +

                                                                                                              Denial of Service (DoS)

                                                                                                              +
                                                                                                              + +
                                                                                                              + high severity +
                                                                                                              + +
                                                                                                              + +
                                                                                                                +
                                                                                                              • + Package Manager: golang +
                                                                                                                • +
                                                                                                              • + Vulnerable module: + + golang.org/x/net/http2/hpack +
                                                                                                                • + +
                                                                                                              • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/net/http2/hpack@v0.0.0-20220909164309-bea034e7d591 + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + + +

                                                                                                              Detailed paths

                                                                                                              + +
                                                                                                                +
                                                                                                              • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/net/http2/hpack@v0.0.0-20220909164309-bea034e7d591 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/net/http2/hpack@v0.0.0-20220927171203-f486391704dc + + + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + +
                                                                                                              + +

                                                                                                              Overview

                                                                                                              +

                                                                                                              Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.

                                                                                                              +

                                                                                                              Details

                                                                                                              +

                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

                                                                                                              +

                                                                                                              Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

                                                                                                              +

                                                                                                              One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

                                                                                                              +

                                                                                                              When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

                                                                                                              +

                                                                                                              Two common types of DoS vulnerabilities:

                                                                                                              +
                                                                                                                +

                                                                                                              • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

                                                                                                                +
                                                                                                                • +

                                                                                                              • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

                                                                                                                +
                                                                                                                • +
                                                                                                              +

                                                                                                              Remediation

                                                                                                              +

                                                                                                              Upgrade golang.org/x/net/http2/hpack to version 0.7.0 or higher.

                                                                                                              +

                                                                                                              References

                                                                                                              + + +
                                                                                                              + +
                                                                                                              +

                                                                                                              More about this vulnerability

                                                                                                              +
                                                                                                              + +
                                                                                                              +
                                                                                                              +

                                                                                                              Denial of Service (DoS)

                                                                                                              +
                                                                                                              + +
                                                                                                              + high severity +
                                                                                                              + +
                                                                                                              + +
                                                                                                                +
                                                                                                              • + Package Manager: golang +
                                                                                                                • +
                                                                                                              • + Vulnerable module: + + golang.org/x/net/http2 +
                                                                                                                • + +
                                                                                                              • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + + +

                                                                                                              Detailed paths

                                                                                                              + +
                                                                                                                +
                                                                                                              • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/net/http2@v0.0.0-20220927171203-f486391704dc + + + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + +
                                                                                                              + +

                                                                                                              Overview

                                                                                                              +

                                                                                                              golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. + Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.

                                                                                                              +

                                                                                                              Details

                                                                                                              +

                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

                                                                                                              +

                                                                                                              Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

                                                                                                              +

                                                                                                              One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

                                                                                                              +

                                                                                                              When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

                                                                                                              +

                                                                                                              Two common types of DoS vulnerabilities:

                                                                                                              +
                                                                                                                +

                                                                                                              • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

                                                                                                                +
                                                                                                                • +

                                                                                                              • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

                                                                                                                +
                                                                                                                • +
                                                                                                              +

                                                                                                              Remediation

                                                                                                              +

                                                                                                              Upgrade golang.org/x/net/http2 to version 0.7.0 or higher.

                                                                                                              +

                                                                                                              References

                                                                                                              + + +
                                                                                                              + +
                                                                                                              +

                                                                                                              More about this vulnerability

                                                                                                              +
                                                                                                              + +
                                                                                                              +
                                                                                                              +

                                                                                                              CVE-2022-4304

                                                                                                              +
                                                                                                              + +
                                                                                                              + medium severity +
                                                                                                              + +
                                                                                                              + +
                                                                                                                +
                                                                                                              • + Package Manager: alpine:3.16 +
                                                                                                                • +
                                                                                                              • + Vulnerable module: + + openssl/libcrypto1.1 +
                                                                                                                • + +
                                                                                                              • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + + +

                                                                                                              Detailed paths

                                                                                                              + +
                                                                                                                +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + +
                                                                                                              + +

                                                                                                              NVD Description

                                                                                                              +

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

                                                                                                              +

                                                                                                              A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.

                                                                                                              +

                                                                                                              Remediation

                                                                                                              +

                                                                                                              Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

                                                                                                              +

                                                                                                              References

                                                                                                              + + +
                                                                                                              + +
                                                                                                              +

                                                                                                              More about this vulnerability

                                                                                                              +
                                                                                                              + +
                                                                                                              +
                                                                                                              +

                                                                                                              Improper Input Validation

                                                                                                              +
                                                                                                              + +
                                                                                                              + medium severity +
                                                                                                              + +
                                                                                                              + +
                                                                                                                +
                                                                                                              • + Package Manager: golang +
                                                                                                                • +
                                                                                                              • + Vulnerable module: + + golang.org/x/text/language +
                                                                                                                • + +
                                                                                                              • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/text/language@v0.3.7 + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + + +

                                                                                                              Detailed paths

                                                                                                              + +
                                                                                                                +
                                                                                                              • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/text/language@v0.3.7 + + + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + +
                                                                                                              + +

                                                                                                              Overview

                                                                                                              +

                                                                                                              Affected versions of this package are vulnerable to Improper Input Validation due to the parser being, by design, exposed to untrusted user input, which can be leveraged to force a program to consume significant time parsing Accept-Language headers.

                                                                                                              +

                                                                                                              Remediation

                                                                                                              +

                                                                                                              Upgrade golang.org/x/text/language to version 0.3.8 or higher.

                                                                                                              +

                                                                                                              References

                                                                                                              + + +
                                                                                                              + +
                                                                                                              +

                                                                                                              More about this vulnerability

                                                                                                              +
                                                                                                              + +
                                                                                                              +
                                                                                                              +

                                                                                                              Incorrect Privilege Assignment

                                                                                                              +
                                                                                                              + +
                                                                                                              + medium severity +
                                                                                                              + +
                                                                                                              + +
                                                                                                                +
                                                                                                              • + Package Manager: golang +
                                                                                                                • +
                                                                                                              • + Vulnerable module: + + golang.org/x/sys/unix +
                                                                                                                • + +
                                                                                                              • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/sys/unix@v0.0.0-20220728004956-3c1f35247d10 + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + + +

                                                                                                              Detailed paths

                                                                                                              + +
                                                                                                                +
                                                                                                              • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/sys/unix@v0.0.0-20220728004956-3c1f35247d10 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/sys/unix@v0.0.0-20220728004956-3c1f35247d10 + + + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + +
                                                                                                              + +

                                                                                                              Overview

                                                                                                              +

                                                                                                              Affected versions of this package are vulnerable to Incorrect Privilege Assignment such that when called with a non-zero flags parameter, the Faccessat function can incorrectly report that a file is accessible.

                                                                                                              +

                                                                                                              Remediation

                                                                                                              +

                                                                                                              Upgrade golang.org/x/sys/unix to version 0.1.0 or higher.

                                                                                                              +

                                                                                                              References

                                                                                                              + + +
                                                                                                              + +
                                                                                                              +

                                                                                                              More about this vulnerability

                                                                                                              +
                                                                                                              + +
                                                                                                              +
                                                                                                              +

                                                                                                              Denial of Service (DoS)

                                                                                                              +
                                                                                                              + +
                                                                                                              + medium severity +
                                                                                                              + +
                                                                                                              + +
                                                                                                                +
                                                                                                              • + Package Manager: golang +
                                                                                                                • +
                                                                                                              • + Vulnerable module: + + golang.org/x/net/http2 +
                                                                                                                • + +
                                                                                                              • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + + +

                                                                                                              Detailed paths

                                                                                                              + +
                                                                                                                +
                                                                                                              • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + + + +
                                                                                                                • +
                                                                                                              • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/net/http2@v0.0.0-20220927171203-f486391704dc + + + +
                                                                                                                • +
                                                                                                              + +
                                                                                                              + +
                                                                                                              + +

                                                                                                              Overview

                                                                                                              +

                                                                                                              golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. + Affected versions of this package are vulnerable to Denial of Service (DoS) due to improper checks and limitations for the number of entries in the cache, which can allow an attacker to consume unbounded amounts of memory by sending a small number of very large keys.

                                                                                                              +

                                                                                                              Details

                                                                                                              +

                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

                                                                                                              +

                                                                                                              Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

                                                                                                              +

                                                                                                              One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

                                                                                                              +

                                                                                                              When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

                                                                                                              +

                                                                                                              Two common types of DoS vulnerabilities:

                                                                                                              +
                                                                                                                +

                                                                                                              • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

                                                                                                                +
                                                                                                                • +

                                                                                                              • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

                                                                                                                +
                                                                                                                • +
                                                                                                              +

                                                                                                              Remediation

                                                                                                              +

                                                                                                              Upgrade golang.org/x/net/http2 to version 0.4.0 or higher.

                                                                                                              +

                                                                                                              References

                                                                                                              + + +
                                                                                                              + +
                                                                                                              +

                                                                                                              More about this vulnerability

                                                                                                              +
                                                                                                              + +
                                                                                                              +
                                                                                                              +
                                                                                                              +
                                                                                                              + + + diff --git a/docs/snyk/master/haproxy_2.6.14-alpine.html b/docs/snyk/v2.5.15/haproxy_2.6.9-alpine.html similarity index 98% rename from docs/snyk/master/haproxy_2.6.14-alpine.html rename to docs/snyk/v2.5.15/haproxy_2.6.9-alpine.html index 5908a781791c8..c4bbb407dcddb 100644 --- a/docs/snyk/master/haproxy_2.6.14-alpine.html +++ b/docs/snyk/v2.5.15/haproxy_2.6.9-alpine.html @@ -456,12 +456,12 @@

                                                                                                              Snyk test report

                                                                                                              -

                                                                                                              August 13th 2023, 12:13:45 am (UTC+00:00)

                                                                                                              +

                                                                                                              March 19th 2023, 12:21:56 am

                                                                                                              Scanned the following path:
                                                                                                                -
                                                                                                              • haproxy:2.6.14-alpine (apk)
                                                                                                                • +
                                                                                                              • haproxy:2.6.9-alpine (apk)
                                                                                                              @@ -477,7 +477,7 @@

                                                                                                              Snyk test report

                                                                                                              - + diff --git a/docs/snyk/v2.6.14/quay.io_argoproj_argocd_v2.6.14.html b/docs/snyk/v2.5.15/quay.io_argoproj_argocd_v2.5.15.html similarity index 83% rename from docs/snyk/v2.6.14/quay.io_argoproj_argocd_v2.6.14.html rename to docs/snyk/v2.5.15/quay.io_argoproj_argocd_v2.5.15.html index 4db5b90015ec7..f407e8ac70756 100644 --- a/docs/snyk/v2.6.14/quay.io_argoproj_argocd_v2.6.14.html +++ b/docs/snyk/v2.5.15/quay.io_argoproj_argocd_v2.5.15.html @@ -7,7 +7,7 @@ Snyk test report - + @@ -456,19 +456,19 @@

                                                                                                              Snyk test report

                                                                                                              -

                                                                                                              August 13th 2023, 12:22:43 am (UTC+00:00)

                                                                                                              +

                                                                                                              March 19th 2023, 12:22:19 am

                                                                                                              Scanned the following paths:
                                                                                                                -
                                                                                                              • quay.io/argoproj/argocd:v2.6.14/argoproj/argocd (deb)
                                                                                                              • quay.io/argoproj/argocd:v2.6.14/argoproj/argo-cd/v2 (gomodules)
                                                                                                              • quay.io/argoproj/argocd:v2.6.14/kustomize/kustomize/v4 (gomodules)
                                                                                                              • quay.io/argoproj/argocd:v2.6.14/helm/v3 (gomodules)
                                                                                                              • quay.io/argoproj/argocd:v2.6.14/git-lfs/git-lfs (gomodules)
                                                                                                                • +
                                                                                                              • quay.io/argoproj/argocd:v2.5.15/argoproj/argocd (deb)
                                                                                                              • quay.io/argoproj/argocd:v2.5.15/argoproj/argo-cd/v2 (gomodules)
                                                                                                              • quay.io/argoproj/argocd:v2.5.15/kustomize/kustomize/v4 (gomodules)
                                                                                                              • quay.io/argoproj/argocd:v2.5.15/helm/v3 (gomodules)
                                                                                                              • quay.io/argoproj/argocd:v2.5.15/git-lfs/git-lfs (gomodules)
                                                                                                              -
                                                                                                              26 known vulnerabilities
                                                                                                              -
                                                                                                              95 vulnerable dependency paths
                                                                                                              -
                                                                                                              2064 dependencies
                                                                                                              +
                                                                                                              24 known vulnerabilities
                                                                                                              +
                                                                                                              93 vulnerable dependency paths
                                                                                                              +
                                                                                                              2047 dependencies
                                                                                                              @@ -525,8 +525,8 @@

                                                                                                              Detailed paths

                                                                                                              Overview

                                                                                                              -

                                                                                                              gopkg.in/yaml.v3 is a YAML support package for the Go language.

                                                                                                              -

                                                                                                              Affected versions of this package are vulnerable to Denial of Service (DoS) via the Unmarshal function, which causes the program to crash when attempting to deserialize invalid input.

                                                                                                              +

                                                                                                              gopkg.in/yaml.v3 is a YAML support package for the Go language. + Affected versions of this package are vulnerable to Denial of Service (DoS) via the Unmarshal function, which causes the program to crash when attempting to deserialize invalid input.

                                                                                                              PoC

                                                                                                              package main
         
@@ -615,8 +615,8 @@ 
                                                                                                              Detailed paths
                                                                                                              
               
                                                                                                              
               
               
                                                                                                              Overview
                                                                                                              
-        
                                                                                                              gopkg.in/yaml.v3 is a YAML support package for the Go language.
                                                                                                              
-        
                                                                                                              Affected versions of this package are vulnerable to NULL Pointer Dereference when parsing #\n-\n-\n0 via the parserc.go parser.
                                                                                                              
+        
                                                                                                              gopkg.in/yaml.v3 is a YAML support package for the Go language.
+        Affected versions of this package are vulnerable to NULL Pointer Dereference when parsing #\n-\n-\n0 via the parserc.go parser.
                                                                                                              
         
                                                                                                              PoC
                                                                                                              
         
                                                                                                              package main
         
@@ -781,8 +781,8 @@ 
                                                                                                              Detailed paths
                                                                                                              
               
                                                                                                              
               
               
                                                                                                              Overview
                                                                                                              
-        
                                                                                                              golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go.
                                                                                                              
-        
                                                                                                              Affected versions of this package are vulnerable to Denial of Service as an HTTP/2 connection can hang during closing if a shutdown was preempted by a fatal error.
                                                                                                              
+        
                                                                                                              golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go.
+        Affected versions of this package are vulnerable to Denial of Service as an HTTP/2 connection can hang during closing if a shutdown was preempted by a fatal error.
                                                                                                              
         
                                                                                                              Remediation
                                                                                                              
         
                                                                                                              Upgrade golang.org/x/net/http2 to version 0.0.0-20220906165146-f3363e06e74c, 1.18.6, 1.19.1 or higher.
                                                                                                              
         
                                                                                                              References
                                                                                                              
@@ -847,8 +847,8 @@ 
                                                                                                              Detailed paths
                                                                                                              
               
                                                                                                              
               
               
                                                                                                              Overview
                                                                                                              
-        
                                                                                                              golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go.
                                                                                                              
-        
                                                                                                              Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.
                                                                                                              
+        
                                                                                                              golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go.
+        Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.
                                                                                                              
         
                                                                                                              Details
                                                                                                              
         
                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.
                                                                                                              
         
                                                                                                              Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.
                                                                                                              
@@ -879,7 +879,7 @@ 
                                                                                                              References
                                                                                                              
         
         
         
                                                                                                              
-            
                                                                                                              Out-of-bounds Write
                                                                                                              
+            
                                                                                                              Denial of Service (DoS)
                                                                                                              
             
                                                                                                              
         
                 
                                                                                                              
@@ -890,17 +890,17 @@ 
                                                                                                              Out-of-bounds Write
                                                                                                              
         
                 
                                                                                                                
                     
                                                                                                              • 
-                        Package Manager: ubuntu:22.04
+                        Package Manager: golang
                     
                                                                                                                • 
                     
                                                                                                              • 
                             Vulnerable module:
         
-                            procps/libprocps8
+                            gopkg.in/yaml.v2
                     
                                                                                                                • 
         
                     
                                                                                                              • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.6.14 and procps/libprocps8@2:3.3.17-6ubuntu2
+                                github.com/argoproj/argo-cd/v2@* and gopkg.in/yaml.v2@v2.2.4
         
                     
                                                                                                                • 
                 
                                                                                                              
@@ -913,29 +913,9 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        procps/libprocps8@2:3.3.17-6ubuntu2
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        procps@2:3.3.17-6ubuntu2
-                                          
-                                        procps/libprocps8@2:3.3.17-6ubuntu2
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        github.com/argoproj/argo-cd/v2@*
                                           
-                                        procps@2:3.3.17-6ubuntu2
+                                        gopkg.in/yaml.v2@v2.2.4
                                         
                                 
         
@@ -946,244 +926,34 @@ 
                                                                                                                Detailed paths
                                                                                                                
         
               
                                                                                                                
               
-              
                                                                                                                NVD Description
                                                                                                                
-        
                                                                                                                Note: Versions mentioned in the description apply only to the upstream procps package and not the procps package as distributed by Ubuntu:22.04.
-        See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
                                                                                                                
-        
                                                                                                                Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.
                                                                                                                
-        
                                                                                                                Remediation
                                                                                                                
-        
                                                                                                                There is no fixed version for Ubuntu:22.04 procps.
                                                                                                                
-        
                                                                                                                References
                                                                                                                
+              
                                                                                                                Overview
                                                                                                                
+        
                                                                                                                gopkg.in/yaml.v2 is a YAML support package for the Go language.
+        Affected versions of this package are vulnerable to Denial of Service (DoS). It is possible for authorized users to send malicious YAML payloads to cause kube-apiserver to consume excessive CPU cycles while parsing YAML.
                                                                                                                
+        
                                                                                                                Details
                                                                                                                
+        
                                                                                                                Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.
                                                                                                                
+        
                                                                                                                Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.
                                                                                                                
+        
                                                                                                                One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.
                                                                                                                
+        
                                                                                                                When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.
                                                                                                                
+        
                                                                                                                Two common types of DoS vulnerabilities:
                                                                                                                
         
-        
-              
                                                                                                                
-        
-            
                                                                                                                
-                
                                                                                                                More about this vulnerability
                                                                                                                
-            
                                                                                                                
-        
-        
                                                                                                              
-        
                                                                                                              
-            
                                                                                                              CVE-2023-36054
                                                                                                              
-            
                                                                                                              
-        
-                
                                                                                                              
-                    medium severity
-                
                                                                                                              
-        
-                
                                                                                                              
-        
-                
                                                                                                                
-                    
                                                                                                              • 
-                        Package Manager: ubuntu:22.04
-                    
                                                                                                                • 
-                    
                                                                                                              • 
-                            Vulnerable module:
-        
-                            krb5/libk5crypto3
-                    
                                                                                                                • 
-        
-                    
                                                                                                              • Introduced through:
-        
-                                docker-image|quay.io/argoproj/argocd@v2.6.14 and krb5/libk5crypto3@1.19.2-2ubuntu0.2
-        
-                    
                                                                                                                • 
-                
                                                                                                              
-        
-                
                                                                                                              
-        
-        
-                        
                                                                                                              Detailed paths
                                                                                                              
-        
-                    
                                                                                                                
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        krb5/libk5crypto3@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        adduser@3.118ubuntu5
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                          
-                                        pam/libpam-modules@1.4.0-11ubuntu2.3
-                                          
-                                        libnsl/libnsl2@1.3.0-2build2
-                                          
-                                        libtirpc/libtirpc3@1.3.2-2ubuntu0.1
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                          
-                                        krb5/libk5crypto3@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        adduser@3.118ubuntu5
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                          
-                                        pam/libpam-modules@1.4.0-11ubuntu2.3
-                                          
-                                        libnsl/libnsl2@1.3.0-2build2
-                                          
-                                        libtirpc/libtirpc3@1.3.2-2ubuntu0.1
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                          
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
-                                          
-                                        krb5/libk5crypto3@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        adduser@3.118ubuntu5
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                          
-                                        pam/libpam-modules@1.4.0-11ubuntu2.3
-                                          
-                                        libnsl/libnsl2@1.3.0-2build2
-                                          
-                                        libtirpc/libtirpc3@1.3.2-2ubuntu0.1
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                          
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        openssh/openssh-client@1:8.9p1-3ubuntu0.3
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        git@1:2.34.1-1ubuntu1.9
-                                          
-                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.13
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        git@1:2.34.1-1ubuntu1.9
-                                          
-                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.13
-                                          
-                                        libssh/libssh-4@0.9.6-2ubuntu0.22.04.1
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        adduser@3.118ubuntu5
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                          
-                                        pam/libpam-modules@1.4.0-11ubuntu2.3
-                                          
-                                        libnsl/libnsl2@1.3.0-2build2
-                                          
-                                        libtirpc/libtirpc3@1.3.2-2ubuntu0.1
-                                          
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        meta-common-packages@meta
-                                          
-                                        krb5/libkrb5support0@1.19.2-2ubuntu0.2
-                                        
-                                
-        
-                            
                                                                                                                • 
-                    
                                                                                                              
-        
-            
                                                                                                              
-        
-              
                                                                                                              
-              
-              
                                                                                                              NVD Description
                                                                                                              
-        
                                                                                                              Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Ubuntu:22.04.
-        See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
                                                                                                              
-        
                                                                                                              lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.
                                                                                                              
         
                                                                                                              Remediation
                                                                                                              
-        
                                                                                                              There is no fixed version for Ubuntu:22.04 krb5.
                                                                                                              
+        
                                                                                                              Upgrade gopkg.in/yaml.v2 to version 2.2.8 or higher.
                                                                                                              
         
                                                                                                              References
                                                                                                              
         
         
               
                                                                                                              
         
             
                                                                                                              
-                
                                                                                                              More about this vulnerability
                                                                                                              
+                
                                                                                                              More about this vulnerability
                                                                                                              
             
                                                                                                              
         
         
                                                                                                              
@@ -1378,8 +1148,8 @@ 
                                                                                                              Detailed paths
                                                                                                              
               
                                                                                                              
               
               
                                                                                                              Overview
                                                                                                              
-        
                                                                                                              golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go.
                                                                                                              
-        
                                                                                                              Affected versions of this package are vulnerable to Denial of Service (DoS) due to improper checks and limitations for the number of entries in the cache, which can allow an attacker to consume unbounded amounts of memory by sending a small number of very large keys.
                                                                                                              
+        
                                                                                                              golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go.
+        Affected versions of this package are vulnerable to Denial of Service (DoS) due to improper checks and limitations for the number of entries in the cache, which can allow an attacker to consume unbounded amounts of memory by sending a small number of very large keys.
                                                                                                              
         
                                                                                                              Details
                                                                                                              
         
                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.
                                                                                                              
         
                                                                                                              Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.
                                                                                                              
@@ -1410,7 +1180,7 @@ 
                                                                                                              References
                                                                                                              
         
         
                                                                                                              
         
                                                                                                              
-            
                                                                                                              Improper Verification of Cryptographic Signature
                                                                                                              
+            
                                                                                                              Improper Input Validation
                                                                                                              
             
                                                                                                              
         
                 
                                                                                                              
@@ -1426,12 +1196,12 @@ 
                                                                                                              Improper Verification of Cryptographic Signature
                                                                                                              
                     
                                                                                                            • 
                             Vulnerable module:
         
-                            golang.org/x/crypto/openpgp/clearsign
+                            go.mongodb.org/mongo-driver/bson/bsonrw
                     
                                                                                                              • 
         
                     
                                                                                                            • Introduced through:
         
-                                helm.sh/helm/v3@* and golang.org/x/crypto/openpgp/clearsign@v0.0.0-20220525230936-793ad666bf5e
+                                github.com/argoproj/argo-cd/v2@* and go.mongodb.org/mongo-driver/bson/bsonrw@v1.1.2
         
                     
                                                                                                              • 
                 
@@ -1444,9 +1214,9 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        helm.sh/helm/v3@*
+                                        github.com/argoproj/argo-cd/v2@*
                                           
-                                        golang.org/x/crypto/openpgp/clearsign@v0.0.0-20220525230936-793ad666bf5e
+                                        go.mongodb.org/mongo-driver/bson/bsonrw@v1.1.2
                                         
                                 
         
@@ -1458,20 +1228,21 @@ 
                                                                                                                Detailed paths
                                                                                                                
               
                                                                                                                
               
               
                                                                                                                Overview
                                                                                                                
-        
                                                                                                                Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the crypto/openpgp/clearsign/clearsign.go component. An attacker can spoof the 'Hash' Armor Header, leading a victim to believe the signature was generated using a different message digest algorithm than what was actually used. Moreover, the attacker can prepend arbitrary text to cleartext messages without invalidating the signatures.
                                                                                                                
+        
                                                                                                                go.mongodb.org/mongo-driver/bson/bsonrw is a The MongoDB supported driver for Go.
+        Affected versions of this package are vulnerable to Improper Input Validation. Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents.
                                                                                                                
         
                                                                                                                Remediation
                                                                                                                
-        
                                                                                                                Upgrade golang.org/x/crypto/openpgp/clearsign to version 0.1.0 or higher.
                                                                                                                
+        
                                                                                                                Upgrade go.mongodb.org/mongo-driver/bson/bsonrw to version 1.5.1 or higher.
                                                                                                                
         
                                                                                                                References
                                                                                                                
         
         
               
                                                                                                                
         
             
                                                                                                                
-                
                                                                                                                More about this vulnerability
                                                                                                                
+                
                                                                                                                More about this vulnerability
                                                                                                                
             
                                                                                                                
         
         
                                                                                                              
@@ -1498,7 +1269,7 @@ 
                                                                                                              CVE-2022-46908
                                                                                                              
                     
                                                                                                            • Introduced through:
         
         
-                                    docker-image|quay.io/argoproj/argocd@v2.6.14, gnupg2/gpg@2.2.27-3ubuntu2.1 and others
+                                    docker-image|quay.io/argoproj/argocd@v2.5.15, gnupg2/gpg@2.2.27-3ubuntu2.1 and others
                     
                                                                                                              • 
                 
         
@@ -1510,7 +1281,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gpg@2.2.27-3ubuntu2.1
                                           
@@ -1546,107 +1317,6 @@ 
                                                                                                                References
                                                                                                                
                 
                                                                                                                More about this vulnerability
                                                                                                                
             
                                                                                                              
         
-        
                                                                                                              
-        
                                                                                                              
-            
                                                                                                              Arbitrary Code Injection
                                                                                                              
-            
                                                                                                              
-        
-                
                                                                                                              
-                    low severity
-                
                                                                                                              
-        
-                
                                                                                                              
-        
-                
                                                                                                                
-                    
                                                                                                              • 
-                        Package Manager: ubuntu:22.04
-                    
                                                                                                                • 
-                    
                                                                                                              • 
-                            Vulnerable module:
-        
-                            shadow/passwd
-                    
                                                                                                                • 
-        
-                    
                                                                                                              • Introduced through:
-        
-                                docker-image|quay.io/argoproj/argocd@v2.6.14 and shadow/passwd@1:4.8.1-2ubuntu2.1
-        
-                    
                                                                                                                • 
-                
                                                                                                              
-        
-                
                                                                                                              
-        
-        
-                        
                                                                                                              Detailed paths
                                                                                                              
-        
-                    
                                                                                                                
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        adduser@3.118ubuntu5
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        openssh/openssh-client@1:8.9p1-3ubuntu0.3
-                                          
-                                        shadow/passwd@1:4.8.1-2ubuntu2.1
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        shadow/login@1:4.8.1-2ubuntu2.1
-                                        
-                                
-        
-                            
                                                                                                                • 
-                    
                                                                                                              
-        
-            
                                                                                                              
-        
-              
                                                                                                              
-              
-              
                                                                                                              NVD Description
                                                                                                              
-        
                                                                                                              Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Ubuntu:22.04.
-        See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
                                                                                                              
-        
                                                                                                              In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.
                                                                                                              
-        
                                                                                                              Remediation
                                                                                                              
-        
                                                                                                              There is no fixed version for Ubuntu:22.04 shadow.
                                                                                                              
-        
                                                                                                              References
                                                                                                              
-        
-        
-              
                                                                                                              
-        
-            
                                                                                                              
-                
                                                                                                              More about this vulnerability
                                                                                                              
-            
                                                                                                              
-        
         
                                                                                                              
         
                                                                                                              
             
                                                                                                              Uncontrolled Recursion
                                                                                                              
@@ -1670,7 +1340,7 @@ 
                                                                                                              Uncontrolled Recursion
                                                                                                              
         
                     
                                                                                                            • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.6.14 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1
+                                docker-image|quay.io/argoproj/argocd@v2.5.15 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1
         
                     
                                                                                                              • 
                 
@@ -1683,7 +1353,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1
                                         
@@ -1692,7 +1362,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         grep@3.7-1build1
                                           
@@ -1721,8 +1391,6 @@ 
                                                                                                                References
                                                                                                                
         
                                                                                                              • MLIST
                                                                                                                • 
         
                                                                                                              • OSS security Advisory
                                                                                                                • 
         
                                                                                                              • Security Focus
                                                                                                                • 
-        
                                                                                                              • cve@mitre.org
                                                                                                                • 
-        
                                                                                                              • cve@mitre.org
                                                                                                                • 
         
                                                                                                              
         
               
                                                                                                              
@@ -1754,7 +1422,7 @@ 
                                                                                                              Release of Invalid Pointer or Reference
                                                                                                              
         
                     
                                                                                                            • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.6.14 and patch@2.7.6-7build2
+                                docker-image|quay.io/argoproj/argocd@v2.5.15 and patch@2.7.6-7build2
         
                     
                                                                                                              • 
                 
@@ -1767,7 +1435,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         patch@2.7.6-7build2
                                         
@@ -1821,7 +1489,7 @@ 
                                                                                                                Double Free
                                                                                                                
         
                     
                                                                                                              • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.6.14 and patch@2.7.6-7build2
+                                docker-image|quay.io/argoproj/argocd@v2.5.15 and patch@2.7.6-7build2
         
                     
                                                                                                                • 
                 
                                                                                                              
@@ -1834,7 +1502,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         patch@2.7.6-7build2
                                         
@@ -1872,7 +1540,7 @@ 
                                                                                                                References
                                                                                                                
         
         
                                                                                                              
         
                                                                                                              
-            
                                                                                                              Improper Authentication
                                                                                                              
+            
                                                                                                              Improper Locking
                                                                                                              
             
                                                                                                              
         
                 
                                                                                                              
@@ -1893,7 +1561,7 @@ 
                                                                                                              Improper Authentication
                                                                                                              
         
                     
                                                                                                            • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.6.14 and openssl/libssl3@3.0.2-0ubuntu1.10
+                                docker-image|quay.io/argoproj/argocd@v2.5.15 and openssl/libssl3@3.0.2-0ubuntu1.8
         
                     
                                                                                                              • 
                 
@@ -1906,77 +1574,77 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         libfido2/libfido2-1@1.10.0-1
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        openssh/openssh-client@1:8.9p1-3ubuntu0.3
+                                        openssh/openssh-client@1:8.9p1-3ubuntu0.1
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        ca-certificates@20230311ubuntu0.22.04.1
+                                        ca-certificates@20211016ubuntu0.22.04.1
                                           
-                                        openssl@3.0.2-0ubuntu1.10
+                                        openssl@3.0.2-0ubuntu1.8
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        git@1:2.34.1-1ubuntu1.9
+                                        git@1:2.34.1-1ubuntu1.8
                                           
-                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.13
+                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.8
                                           
-                                        libssh/libssh-4@0.9.6-2ubuntu0.22.04.1
+                                        libssh/libssh-4@0.9.6-2build1
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         adduser@3.118ubuntu5
                                           
@@ -1988,31 +1656,31 @@ 
                                                                                                                Detailed paths
                                                                                                                
                                           
                                         libtirpc/libtirpc3@1.3.2-2ubuntu0.1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                           
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
+                                        krb5/libkrb5-3@1.19.2-2ubuntu0.1
                                           
-                                        openssl/libssl3@3.0.2-0ubuntu1.10
+                                        openssl/libssl3@3.0.2-0ubuntu1.8
                                         
                                                                                                                                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        openssl@3.0.2-0ubuntu1.10
+                                        openssl@3.0.2-0ubuntu1.8
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        ca-certificates@20230311ubuntu0.22.04.1
+                                        ca-certificates@20211016ubuntu0.22.04.1
                                           
-                                        openssl@3.0.2-0ubuntu1.10
+                                        openssl@3.0.2-0ubuntu1.8
                                         
                                 
         
@@ -2026,45 +1694,25 @@ 
                                                                                                                Detailed paths
                                                                                                                
               
                                                                                                                NVD Description
                                                                                                                
         
                                                                                                                Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu:22.04.
         See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
                                                                                                                
-        
                                                                                                                Issue summary: The AES-SIV cipher implementation contains a bug that causes
-        it to ignore empty associated data entries which are unauthenticated as
-        a consequence.
                                                                                                                
-        
                                                                                                                Impact summary: Applications that use the AES-SIV algorithm and want to
-        authenticate empty data entries as associated data can be mislead by removing
-        adding or reordering such empty entries as these are ignored by the OpenSSL
-        implementation. We are currently unaware of any such applications.
                                                                                                                
-        
                                                                                                                The AES-SIV algorithm allows for authentication of multiple associated
-        data entries along with the encryption. To authenticate empty data the
-        application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with
-        NULL pointer as the output buffer and 0 as the input buffer length.
-        The AES-SIV implementation in OpenSSL just returns success for such a call
-        instead of performing the associated data authentication operation.
-        The empty data thus will not be authenticated.
                                                                                                                
-        
                                                                                                                As this issue does not affect non-empty associated data authentication and
-        we expect it to be rare for an application to use empty associated data
-        entries this is qualified as Low severity issue.
                                                                                                                
+        
                                                                                                                If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the -policy&#39; argument to the command line utilities or by calling either X509_VERIFY_PARAM_add0_policy()' or `X509_VERIFY_PARAM_set1_policies()' functions.
                                                                                                                
         
                                                                                                                Remediation
                                                                                                                
         
                                                                                                                There is no fixed version for Ubuntu:22.04 openssl.
                                                                                                                
         
                                                                                                                References
                                                                                                                
         
         
               
                                                                                                                
         
             
                                                                                                                
-                
                                                                                                                More about this vulnerability
                                                                                                                
+                
                                                                                                                More about this vulnerability
                                                                                                                
             
                                                                                                                
         
         
                                                                                                              
         
                                                                                                              
-            
                                                                                                              CVE-2023-28531
                                                                                                              
+            
                                                                                                              Improper Privilege Management
                                                                                                              
             
                                                                                                              
         
                 
                                                                                                              
@@ -2085,7 +1733,7 @@ 
                                                                                                              CVE-2023-28531
                                                                                                              
         
                     
                                                                                                            • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.6.14 and openssh/openssh-client@1:8.9p1-3ubuntu0.3
+                                docker-image|quay.io/argoproj/argocd@v2.5.15 and openssh/openssh-client@1:8.9p1-3ubuntu0.1
         
                     
                                                                                                              • 
                 
@@ -2098,9 +1746,9 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        openssh/openssh-client@1:8.9p1-3ubuntu0.3
+                                        openssh/openssh-client@1:8.9p1-3ubuntu0.1
                                         
                                 
         
@@ -2114,26 +1762,35 @@ 
                                                                                                                Detailed paths
                                                                                                                
               
                                                                                                                NVD Description
                                                                                                                
         
                                                                                                                Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Ubuntu:22.04.
         See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
                                                                                                                
-        
                                                                                                                ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
                                                                                                                
+        
                                                                                                                sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
                                                                                                                
         
                                                                                                                Remediation
                                                                                                                
         
                                                                                                                There is no fixed version for Ubuntu:22.04 openssh.
                                                                                                                
         
                                                                                                                References
                                                                                                                
         
         
               
                                                                                                                
         
             
                                                                                                                
-                
                                                                                                                More about this vulnerability
                                                                                                                
+                
                                                                                                                More about this vulnerability
                                                                                                                
             
                                                                                                                
         
         
                                                                                                              
         
                                                                                                              
-            
                                                                                                              NULL Pointer Dereference
                                                                                                              
+            
                                                                                                              Information Exposure
                                                                                                              
             
                                                                                                              
         
                 
                                                                                                              
@@ -2149,13 +1806,13 @@ 
                                                                                                              NULL Pointer Dereference
                                                                                                              
                     
                                                                                                            • 
                             Vulnerable module:
         
-                            openldap/libldap-2.5-0
+                            openssh/openssh-client
                     
                                                                                                              • 
         
                     
                                                                                                            • Introduced through:
         
+                                docker-image|quay.io/argoproj/argocd@v2.5.15 and openssh/openssh-client@1:8.9p1-3ubuntu0.1
         
-                                    docker-image|quay.io/argoproj/argocd@v2.6.14, gnupg2/dirmngr@2.2.27-3ubuntu2.1 and others
                     
                                                                                                              • 
                 
         
@@ -2167,33 +1824,9 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        gnupg2/dirmngr@2.2.27-3ubuntu2.1
-                                          
-                                        openldap/libldap-2.5-0@2.5.15+dfsg-0ubuntu0.22.04.1
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        git@1:2.34.1-1ubuntu1.9
-                                          
-                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.13
-                                          
-                                        openldap/libldap-2.5-0@2.5.15+dfsg-0ubuntu0.22.04.1
-                                        
-                                
-        
-                            
                                                                                                                • 
-                                
                                                                                                              • 
-                                Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
-                                          
-                                        openldap/libldap-common@2.5.15+dfsg-0ubuntu0.22.04.1
+                                        openssh/openssh-client@1:8.9p1-3ubuntu0.1
                                         
                                 
         
@@ -2205,34 +1838,33 @@ 
                                                                                                                Detailed paths
                                                                                                                
               
                                                                                                                
               
               
                                                                                                                NVD Description
                                                                                                                
-        
                                                                                                                Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Ubuntu:22.04.
+        
                                                                                                                Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Ubuntu:22.04.
         See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
                                                                                                                
-        
                                                                                                                A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.
                                                                                                                
+        
                                                                                                                The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
                                                                                                                
         
                                                                                                                Remediation
                                                                                                                
-        
                                                                                                                There is no fixed version for Ubuntu:22.04 openldap.
                                                                                                                
+        
                                                                                                                There is no fixed version for Ubuntu:22.04 openssh.
                                                                                                                
         
                                                                                                                References
                                                                                                                
         
         
               
                                                                                                                
         
             
                                                                                                                
-                
                                                                                                                More about this vulnerability
                                                                                                                
+                
                                                                                                                More about this vulnerability
                                                                                                                
             
                                                                                                                
         
         
                                                                                                              
         
                                                                                                              
-            
                                                                                                              Resource Exhaustion
                                                                                                              
+            
                                                                                                              Out-of-bounds Read
                                                                                                              
             
                                                                                                              
         
                 
                                                                                                              
@@ -2248,13 +1880,13 @@ 
                                                                                                              Resource Exhaustion
                                                                                                              
                     
                                                                                                            • 
                             Vulnerable module:
         
-                            libzstd/libzstd1
+                            ncurses/libtinfo6
                     
                                                                                                              • 
         
                     
                                                                                                            • Introduced through:
         
+                                docker-image|quay.io/argoproj/argocd@v2.5.15 and ncurses/libtinfo6@6.3-2
         
-                                    docker-image|quay.io/argoproj/argocd@v2.6.14, meta-common-packages@meta and others
                     
                                                                                                              • 
                 
         
@@ -2266,11 +1898,200 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        meta-common-packages@meta
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        bash@5.1-6ubuntu1
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        ncurses/libncursesw6@6.3-2
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        less@590-1ubuntu0.22.04.1
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        libedit/libedit2@3.1-20210910-1build1
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        ncurses/libncurses6@6.3-2
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        ncurses/ncurses-bin@6.3-2
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        procps@2:3.3.17-6ubuntu2
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        util-linux@2.37.2-4ubuntu3
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        gnupg2/gpg@2.2.27-3ubuntu2.1
+                                          
+                                        gnupg2/gpgconf@2.2.27-3ubuntu2.1
+                                          
+                                        readline/libreadline8@8.1.2-1
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        gnupg2/gnupg@2.2.27-3ubuntu2.1
+                                          
+                                        gnupg2/gpg-agent@2.2.27-3ubuntu2.1
+                                          
+                                        pinentry/pinentry-curses@1.1.1-1build2
+                                          
+                                        ncurses/libtinfo6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        ncurses/libncursesw6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        procps@2:3.3.17-6ubuntu2
+                                          
+                                        ncurses/libncursesw6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        gnupg2/gnupg@2.2.27-3ubuntu2.1
+                                          
+                                        gnupg2/gpg-agent@2.2.27-3ubuntu2.1
+                                          
+                                        pinentry/pinentry-curses@1.1.1-1build2
+                                          
+                                        ncurses/libncursesw6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        ncurses/libncurses6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        procps@2:3.3.17-6ubuntu2
+                                          
+                                        ncurses/libncurses6@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
+                                          
+                                        ncurses/ncurses-base@6.3-2
+                                        
+                                
+        
+                            
                                                                                                                • 
+                                
                                                                                                              • 
+                                Introduced through:
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        libzstd/libzstd1@1.4.8+dfsg-3build1
+                                        ncurses/ncurses-bin@6.3-2
                                         
                                 
         
@@ -2282,22 +2103,25 @@ 
                                                                                                                Detailed paths
                                                                                                                
               
                                                                                                                
               
               
                                                                                                                NVD Description
                                                                                                                
-        
                                                                                                                Note: Versions mentioned in the description apply only to the upstream libzstd package and not the libzstd package as distributed by Ubuntu:22.04.
+        
                                                                                                                Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Ubuntu:22.04.
         See How to fix? for Ubuntu:22.04 relevant fixed versions and status.
                                                                                                                
-        
                                                                                                                A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.
                                                                                                                
+        
                                                                                                                ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
                                                                                                                
         
                                                                                                                Remediation
                                                                                                                
-        
                                                                                                                There is no fixed version for Ubuntu:22.04 libzstd.
                                                                                                                
+        
                                                                                                                There is no fixed version for Ubuntu:22.04 ncurses.
                                                                                                                
         
                                                                                                                References
                                                                                                                
         
         
               
                                                                                                                
         
             
                                                                                                                
-                
                                                                                                                More about this vulnerability
                                                                                                                
+                
                                                                                                                More about this vulnerability
                                                                                                                
             
                                                                                                                
         
         
                                                                                                              
@@ -2323,7 +2147,7 @@ 
                                                                                                              Integer Overflow or Wraparound
                                                                                                              
         
                     
                                                                                                            • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.6.14 and krb5/libk5crypto3@1.19.2-2ubuntu0.2
+                                docker-image|quay.io/argoproj/argocd@v2.5.15 and krb5/libk5crypto3@1.19.2-2ubuntu0.1
         
                     
                                                                                                              • 
                 
@@ -2336,16 +2160,16 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        krb5/libk5crypto3@1.19.2-2ubuntu0.2
+                                        krb5/libk5crypto3@1.19.2-2ubuntu0.1
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         adduser@3.118ubuntu5
                                           
@@ -2357,16 +2181,16 @@ 
                                                                                                                Detailed paths
                                                                                                                
                                           
                                         libtirpc/libtirpc3@1.3.2-2ubuntu0.1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                           
-                                        krb5/libk5crypto3@1.19.2-2ubuntu0.2
+                                        krb5/libk5crypto3@1.19.2-2ubuntu0.1
                                         
                                                                                                                                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         adduser@3.118ubuntu5
                                           
@@ -2378,27 +2202,27 @@ 
                                                                                                                Detailed paths
                                                                                                                
                                           
                                         libtirpc/libtirpc3@1.3.2-2ubuntu0.1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                           
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
+                                        krb5/libkrb5-3@1.19.2-2ubuntu0.1
                                           
-                                        krb5/libk5crypto3@1.19.2-2ubuntu0.2
+                                        krb5/libk5crypto3@1.19.2-2ubuntu0.1
                                         
                                                                                                                                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
+                                        krb5/libkrb5-3@1.19.2-2ubuntu0.1
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         adduser@3.118ubuntu5
                                           
@@ -2410,64 +2234,64 @@ 
                                                                                                                Detailed paths
                                                                                                                
                                           
                                         libtirpc/libtirpc3@1.3.2-2ubuntu0.1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                           
-                                        krb5/libkrb5-3@1.19.2-2ubuntu0.2
+                                        krb5/libkrb5-3@1.19.2-2ubuntu0.1
                                         
                                                                                                                                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        openssh/openssh-client@1:8.9p1-3ubuntu0.3
+                                        openssh/openssh-client@1:8.9p1-3ubuntu0.1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        git@1:2.34.1-1ubuntu1.9
+                                        git@1:2.34.1-1ubuntu1.8
                                           
-                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.13
+                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.8
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        git@1:2.34.1-1ubuntu1.9
+                                        git@1:2.34.1-1ubuntu1.8
                                           
-                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.13
+                                        curl/libcurl3-gnutls@7.81.0-1ubuntu1.8
                                           
-                                        libssh/libssh-4@0.9.6-2ubuntu0.22.04.1
+                                        libssh/libssh-4@0.9.6-2build1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         adduser@3.118ubuntu5
                                           
@@ -2479,18 +2303,18 @@ 
                                                                                                                Detailed paths
                                                                                                                
                                           
                                         libtirpc/libtirpc3@1.3.2-2ubuntu0.1
                                           
-                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2
+                                        krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                         
                                                                                                                                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         meta-common-packages@meta
                                           
-                                        krb5/libkrb5support0@1.19.2-2ubuntu0.2
+                                        krb5/libkrb5support0@1.19.2-2ubuntu0.1
                                         
                                 
         
@@ -2545,7 +2369,7 @@ 
                                                                                                                Out-of-bounds Write
                                                                                                                
         
                     
                                                                                                              • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.6.14 and gnupg2/gpgv@2.2.27-3ubuntu2.1
+                                docker-image|quay.io/argoproj/argocd@v2.5.15 and gnupg2/gpgv@2.2.27-3ubuntu2.1
         
                     
                                                                                                                • 
                 
                                                                                                              
@@ -2558,7 +2382,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gpgv@2.2.27-3ubuntu2.1
                                         
@@ -2567,9 +2391,9 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        apt@2.4.9
+                                        apt@2.4.8
                                           
                                         gnupg2/gpgv@2.2.27-3ubuntu2.1
                                         
@@ -2578,7 +2402,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2589,7 +2413,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/dirmngr@2.2.27-3ubuntu2.1
                                           
@@ -2600,7 +2424,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gpg@2.2.27-3ubuntu2.1
                                           
@@ -2611,7 +2435,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2624,7 +2448,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2637,7 +2461,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/dirmngr@2.2.27-3ubuntu2.1
                                         
@@ -2646,7 +2470,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2657,7 +2481,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2670,7 +2494,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg-l10n@2.2.27-3ubuntu2.1
                                         
@@ -2679,7 +2503,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2690,7 +2514,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg-utils@2.2.27-3ubuntu2.1
                                         
@@ -2699,7 +2523,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2710,7 +2534,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gpg@2.2.27-3ubuntu2.1
                                         
@@ -2719,7 +2543,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2730,7 +2554,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2743,7 +2567,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2756,7 +2580,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gpg-agent@2.2.27-3ubuntu2.1
                                         
@@ -2765,7 +2589,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2776,7 +2600,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2789,7 +2613,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2802,7 +2626,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1
                                         
@@ -2811,7 +2635,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2822,7 +2646,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1
                                         
@@ -2831,7 +2655,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2842,7 +2666,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gpgsm@2.2.27-3ubuntu2.1
                                         
@@ -2851,7 +2675,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                           
@@ -2862,7 +2686,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         gnupg2/gnupg@2.2.27-3ubuntu2.1
                                         
@@ -2889,7 +2713,6 @@ 
                                                                                                                References
                                                                                                                
         
                                                                                                              • secalert@redhat.com
                                                                                                                • 
         
                                                                                                              • secalert@redhat.com
                                                                                                                • 
         
                                                                                                              • secalert@redhat.com
                                                                                                                • 
-        
                                                                                                              • secalert@redhat.com
                                                                                                                • 
         
                                                                                                              
         
               
                                                                                                              
@@ -2921,7 +2744,7 @@ 
                                                                                                              Allocation of Resources Without Limits or Throttling
                                                                                                              Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.6.14 and glibc/libc-bin@2.35-0ubuntu3.1
+                                docker-image|quay.io/argoproj/argocd@v2.5.15 and glibc/libc-bin@2.35-0ubuntu3.1
         
                     
                 
@@ -2934,7 +2757,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         glibc/libc-bin@2.35-0ubuntu3.1
                                         
@@ -2943,7 +2766,7 @@ 
                                                                                                                Detailed paths
                                                                                                                
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         meta-common-packages@meta
                                           
@@ -3002,7 +2825,7 @@ 
                                                                                                                Improper Input Validation
                                                                                                                
                     
                                                                                                              • Introduced through:
         
         
-                                    docker-image|quay.io/argoproj/argocd@v2.6.14, git@1:2.34.1-1ubuntu1.9 and others
+                                    docker-image|quay.io/argoproj/argocd@v2.5.15, git@1:2.34.1-1ubuntu1.8 and others
                     
                                                                                                                • 
                 
                                                                                                              
         
@@ -3014,31 +2837,31 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        git@1:2.34.1-1ubuntu1.9
+                                        git@1:2.34.1-1ubuntu1.8
                                           
-                                        git/git-man@1:2.34.1-1ubuntu1.9
+                                        git/git-man@1:2.34.1-1ubuntu1.8
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        git@1:2.34.1-1ubuntu1.9
+                                        git@1:2.34.1-1ubuntu1.8
                                         
                                 
         
                             
                                                                                                                • 
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
-                                        git-lfs@3.0.2-1ubuntu0.2
+                                        git-lfs@3.0.2-1ubuntu0.1
                                           
-                                        git@1:2.34.1-1ubuntu1.9
+                                        git@1:2.34.1-1ubuntu1.8
                                         
                                 
         
@@ -3091,7 +2914,7 @@ 
                                                                                                                Improper Input Validation
                                                                                                                
         
                     
                                                                                                              • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.6.14 and coreutils@8.32-4.1ubuntu1
+                                docker-image|quay.io/argoproj/argocd@v2.5.15 and coreutils@8.32-4.1ubuntu1
         
                     
                                                                                                                • 
                 
                                                                                                              
@@ -3104,7 +2927,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         coreutils@8.32-4.1ubuntu1
                                         
@@ -3161,7 +2984,7 @@ 
                                                                                                                Out-of-bounds Write
                                                                                                                
         
                     
                                                                                                              • Introduced through:
         
-                                docker-image|quay.io/argoproj/argocd@v2.6.14 and bash@5.1-6ubuntu1
+                                docker-image|quay.io/argoproj/argocd@v2.5.15 and bash@5.1-6ubuntu1
         
                     
                                                                                                                • 
                 
                                                                                                              
@@ -3174,7 +2997,7 @@ 
                                                                                                              Detailed paths
                                                                                                              
                     
                                                                                                                
                                 
                                                                                                              • 
                                 Introduced through:
-                                        docker-image|quay.io/argoproj/argocd@v2.6.14
+                                        docker-image|quay.io/argoproj/argocd@v2.5.15
                                           
                                         bash@5.1-6ubuntu1
                                         
diff --git a/docs/snyk/v2.5.15/redis_7.0.8-alpine.html b/docs/snyk/v2.5.15/redis_7.0.8-alpine.html
new file mode 100644
index 0000000000000..27c693601e697
--- /dev/null
+++ b/docs/snyk/v2.5.15/redis_7.0.8-alpine.html
@@ -0,0 +1,492 @@
+
+
+
+
+  
+  
+  
+  
+  Snyk test report
+  
+  
+  
+  
+  
+  
+
+
+
+  
                                                                                                                
+        
                                                                                                                
+          
                                                                                                                
+            
                                                                                                                
+              
+                
+                  Snyk - Open Source Security
+                  
+                    
+                      
+                    
+                  
+                
+              
+              
                                                                                                                
+                  
                                                                                                                Snyk test report
                                                                                                                
+    
+                
                                                                                                                March 19th 2023, 12:22:25 am
                                                                                                                
+              
                                                                                                                
+              
                                                                                                                
+                Scanned the following path:
+                
                                                                                                                  
+                  
                                                                                                                • redis:7.0.8-alpine (apk)
                                                                                                                  • 
+                
                                                                                                                
+              
                                                                                                                
+    
+              
                                                                                                                
+                
                                                                                                                0 known vulnerabilities
                                                                                                                
+                
                                                                                                                0 vulnerable dependency paths
                                                                                                                
+                
                                                                                                                18 dependencies
                                                                                                                
+              
                                                                                                                
+            
                                                                                                                
+          
                                                                                                                
+        
                                                                                                                
+      
                                                                                                                
+
                                                                                                              Project docker-image|haproxy
                                                                                                              Path haproxy:2.6.14-alpine
                                                                                                              Path haproxy:2.6.9-alpine
                                                                                                              Package Manager apk
                                                                                                              + + + + + + +
                                                                                                              Project docker-image|redis
                                                                                                              Path redis:7.0.8-alpine
                                                                                                              Package Manager apk
                                                                                                              + +
                                                                                                              + No known vulnerabilities detected. +
                                                                                                              + + + + diff --git a/docs/snyk/v2.5.22/ghcr.io_dexidp_dex_v2.37.0.html b/docs/snyk/v2.5.22/ghcr.io_dexidp_dex_v2.37.0.html deleted file mode 100644 index 854284df5423c..0000000000000 --- a/docs/snyk/v2.5.22/ghcr.io_dexidp_dex_v2.37.0.html +++ /dev/null @@ -1,1079 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                              -

                                                                                                              Snyk test report

                                                                                                              - -

                                                                                                              August 13th 2023, 12:25:00 am (UTC+00:00)

                                                                                                              -
                                                                                                              -
                                                                                                              - Scanned the following paths: -
                                                                                                                -
                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (apk)
                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/hairyhenderson/gomplate/v3 (gomodules)
                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (gomodules)
                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (gomodules)
                                                                                                                • -
                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              4 known vulnerabilities
                                                                                                              -
                                                                                                              22 vulnerable dependency paths
                                                                                                              -
                                                                                                              786 dependencies
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -
                                                                                                              -

                                                                                                              Improper Authentication

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                • - -
                                                                                                              • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              NVD Description

                                                                                                              -

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                              -

                                                                                                              Issue summary: The AES-SIV cipher implementation contains a bug that causes - it to ignore empty associated data entries which are unauthenticated as - a consequence.

                                                                                                              -

                                                                                                              Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing - adding or reordering such empty entries as these are ignored by the OpenSSL - implementation. We are currently unaware of any such applications.

                                                                                                              -

                                                                                                              The AES-SIV algorithm allows for authentication of multiple associated - data entries along with the encryption. To authenticate empty data the - application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with - NULL pointer as the output buffer and 0 as the input buffer length. - The AES-SIV implementation in OpenSSL just returns success for such a call - instead of performing the associated data authentication operation. - The empty data thus will not be authenticated.

                                                                                                              -

                                                                                                              As this issue does not affect non-empty associated data authentication and - we expect it to be rare for an application to use empty associated data - entries this is qualified as Low severity issue.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r2 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -

                                                                                                              Inefficient Regular Expression Complexity

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                • - -
                                                                                                              • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              NVD Description

                                                                                                              -

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                              -

                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                              -

                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                              -

                                                                                                              The function DH_check() performs various checks on DH parameters. One of those - checks confirms that the modulus ('p' parameter) is not too large. Trying to use - a very large modulus is slow and OpenSSL will not normally use a modulus which - is over 10,000 bits in length.

                                                                                                              -

                                                                                                              However the DH_check() function checks numerous aspects of the key or parameters - that have been supplied. Some of those checks use the supplied modulus value - even if it has already been found to be too large.

                                                                                                              -

                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulernable to a Denial of Service attack.

                                                                                                              -

                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                              -

                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the '-check' option.

                                                                                                              -

                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue. - The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r3 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -

                                                                                                              Excessive Iteration

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                • - -
                                                                                                              • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              NVD Description

                                                                                                              -

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                              -

                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                              -

                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                              -

                                                                                                              The function DH_check() performs various checks on DH parameters. After fixing - CVE-2023-3446 it was discovered that a large q parameter value can also trigger - an overly long computation during some of these checks. A correct q value, - if present, cannot be larger than the modulus p parameter, thus it is - unnecessary to perform these checks if q is larger than p.

                                                                                                              -

                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulnerable to a Denial of Service attack.

                                                                                                              -

                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                              -

                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the "-check" option.

                                                                                                              -

                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue.

                                                                                                              -

                                                                                                              The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.2-r0 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -

                                                                                                              Cross-site Scripting (XSS)

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: golang -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - golang.org/x/net/html -
                                                                                                                • - -
                                                                                                              • Introduced through: - - github.com/dexidp/dex@* and golang.org/x/net/html@v0.11.0 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - github.com/dexidp/dex@* - - golang.org/x/net/html@v0.11.0 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              Overview

                                                                                                              -

                                                                                                              golang.org/x/net/html is a package that implements an HTML5-compliant tokenizer and parser.

                                                                                                              -

                                                                                                              Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the render1() function in render.go. Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be.

                                                                                                              -

                                                                                                              Details

                                                                                                              -

                                                                                                              A cross-site scripting attack occurs when the attacker tricks a legitimate web-based application or site to accept a request as originating from a trusted source.

                                                                                                              -

                                                                                                              This is done by escaping the context of the web application; the web application then delivers that data to its users along with other trusted dynamic content, without validating it. The browser unknowingly executes malicious script on the client side (through client-side languages; usually JavaScript or HTML) in order to perform actions that are otherwise typically blocked by the browser’s Same Origin Policy.

                                                                                                              -

                                                                                                              Injecting malicious code is the most prevalent manner by which XSS is exploited; for this reason, escaping characters in order to prevent this manipulation is the top method for securing code against this vulnerability.

                                                                                                              -

                                                                                                              Escaping means that the application is coded to mark key characters, and particularly key characters included in user input, to prevent those characters from being interpreted in a dangerous context. For example, in HTML, < can be coded as &lt; and > can be coded as &gt; in order to be interpreted and displayed as themselves in text, while within the code itself, they are used for HTML tags. If malicious content is injected into an application that escapes special characters and that malicious content uses < and > as HTML tags, those characters are nonetheless not interpreted as HTML tags by the browser if they’ve been correctly escaped in the application code and in this way the attempted attack is diverted.

                                                                                                              -

                                                                                                              The most prominent use of XSS is to steal cookies (source: OWASP HttpOnly) and hijack user sessions, but XSS exploits have been used to expose sensitive information, enable access to privileged services and functionality and deliver malware.

                                                                                                              -

                                                                                                              Types of attacks

                                                                                                              -

                                                                                                              There are a few methods by which XSS can be manipulated:

                                                                                                              - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                                                                                              TypeOriginDescription
                                                                                                              StoredServerThe malicious code is inserted in the application (usually as a link) by the attacker. The code is activated every time a user clicks the link.
                                                                                                              ReflectedServerThe attacker delivers a malicious link externally from the vulnerable web site application to a user. When clicked, malicious code is sent to the vulnerable web site, which reflects the attack back to the user’s browser.
                                                                                                              DOM-basedClientThe attacker forces the user’s browser to render a malicious page. The data in the page itself delivers the cross-site scripting data.
                                                                                                              MutatedThe attacker injects code that appears safe, but is then rewritten and modified by the browser, while parsing the markup. An example is rebalancing unclosed quotation marks or even adding quotation marks to unquoted parameters.
                                                                                                              -

                                                                                                              Affected environments

                                                                                                              -

                                                                                                              The following environments are susceptible to an XSS attack:

                                                                                                              -
                                                                                                                -
                                                                                                              • Web servers
                                                                                                                • -
                                                                                                              • Application servers
                                                                                                                • -
                                                                                                              • Web application environments
                                                                                                                • -
                                                                                                              -

                                                                                                              How to prevent

                                                                                                              -

                                                                                                              This section describes the top best practices designed to specifically protect your code:

                                                                                                              -
                                                                                                                -
                                                                                                              • Sanitize data input in an HTTP request before reflecting it back, ensuring all data is validated, filtered or escaped before echoing anything back to the user, such as the values of query parameters during searches.
                                                                                                                • -
                                                                                                              • Convert special characters such as ?, &, /, <, > and spaces to their respective HTML or URL encoded equivalents.
                                                                                                                • -
                                                                                                              • Give users the option to disable client-side scripts.
                                                                                                                • -
                                                                                                              • Redirect invalid requests.
                                                                                                                • -
                                                                                                              • Detect simultaneous logins, including those from two separate IP addresses, and invalidate those sessions.
                                                                                                                • -
                                                                                                              • Use and enforce a Content Security Policy (source: Wikipedia) to disable any features that might be manipulated for an XSS attack.
                                                                                                                • -
                                                                                                              • Read the documentation for any of the libraries referenced in your code to understand which elements allow for embedded HTML.
                                                                                                                • -
                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade golang.org/x/net/html to version 0.13.0 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - - - diff --git a/docs/snyk/v2.5.22/redis_7.0.11-alpine.html b/docs/snyk/v2.5.22/redis_7.0.11-alpine.html deleted file mode 100644 index 8632f50ae8e07..0000000000000 --- a/docs/snyk/v2.5.22/redis_7.0.11-alpine.html +++ /dev/null @@ -1,1031 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                              -

                                                                                                              Snyk test report

                                                                                                              - -

                                                                                                              August 13th 2023, 12:25:30 am (UTC+00:00)

                                                                                                              -
                                                                                                              -
                                                                                                              - Scanned the following path: -
                                                                                                                -
                                                                                                              • redis:7.0.11-alpine (apk)
                                                                                                                • -
                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              3 known vulnerabilities
                                                                                                              -
                                                                                                              27 vulnerable dependency paths
                                                                                                              -
                                                                                                              18 dependencies
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - - - - - - - -
                                                                                                              Project docker-image|redis
                                                                                                              Path redis:7.0.11-alpine
                                                                                                              Package Manager apk
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              -

                                                                                                              Improper Authentication

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                • - -
                                                                                                              • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              NVD Description

                                                                                                              -

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                              -

                                                                                                              Issue summary: The AES-SIV cipher implementation contains a bug that causes - it to ignore empty associated data entries which are unauthenticated as - a consequence.

                                                                                                              -

                                                                                                              Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing - adding or reordering such empty entries as these are ignored by the OpenSSL - implementation. We are currently unaware of any such applications.

                                                                                                              -

                                                                                                              The AES-SIV algorithm allows for authentication of multiple associated - data entries along with the encryption. To authenticate empty data the - application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with - NULL pointer as the output buffer and 0 as the input buffer length. - The AES-SIV implementation in OpenSSL just returns success for such a call - instead of performing the associated data authentication operation. - The empty data thus will not be authenticated.

                                                                                                              -

                                                                                                              As this issue does not affect non-empty associated data authentication and - we expect it to be rare for an application to use empty associated data - entries this is qualified as Low severity issue.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r2 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -

                                                                                                              Inefficient Regular Expression Complexity

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                • - -
                                                                                                              • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              NVD Description

                                                                                                              -

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                              -

                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                              -

                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                              -

                                                                                                              The function DH_check() performs various checks on DH parameters. One of those - checks confirms that the modulus ('p' parameter) is not too large. Trying to use - a very large modulus is slow and OpenSSL will not normally use a modulus which - is over 10,000 bits in length.

                                                                                                              -

                                                                                                              However the DH_check() function checks numerous aspects of the key or parameters - that have been supplied. Some of those checks use the supplied modulus value - even if it has already been found to be too large.

                                                                                                              -

                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulernable to a Denial of Service attack.

                                                                                                              -

                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                              -

                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the '-check' option.

                                                                                                              -

                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue. - The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r3 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -

                                                                                                              Excessive Iteration

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                • - -
                                                                                                              • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              NVD Description

                                                                                                              -

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                              -

                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                              -

                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                              -

                                                                                                              The function DH_check() performs various checks on DH parameters. After fixing - CVE-2023-3446 it was discovered that a large q parameter value can also trigger - an overly long computation during some of these checks. A correct q value, - if present, cannot be larger than the modulus p parameter, thus it is - unnecessary to perform these checks if q is larger than p.

                                                                                                              -

                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulnerable to a Denial of Service attack.

                                                                                                              -

                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                              -

                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the "-check" option.

                                                                                                              -

                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue.

                                                                                                              -

                                                                                                              The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.2-r0 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - - - diff --git a/docs/snyk/v2.6.14/argocd-test.html b/docs/snyk/v2.6.14/argocd-test.html deleted file mode 100644 index 6bb7dda5535f3..0000000000000 --- a/docs/snyk/v2.6.14/argocd-test.html +++ /dev/null @@ -1,636 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                              -

                                                                                                              Snyk test report

                                                                                                              - -

                                                                                                              August 13th 2023, 12:22:11 am (UTC+00:00)

                                                                                                              -
                                                                                                              -
                                                                                                              - Scanned the following paths: -
                                                                                                                -
                                                                                                              • /argo-cd/argoproj/argo-cd/v2 (gomodules)
                                                                                                              • /argo-cd (yarn)
                                                                                                                • -
                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              1 known vulnerabilities
                                                                                                              -
                                                                                                              1 vulnerable dependency paths
                                                                                                              -
                                                                                                              1727 dependencies
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -
                                                                                                              -

                                                                                                              Regular Expression Denial of Service (ReDoS)

                                                                                                              -
                                                                                                              - -
                                                                                                              - high severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: npm -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - semver -
                                                                                                                • - -
                                                                                                              • Introduced through: - - - argo-cd-ui@1.0.0, superagent@7.1.6 and others -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - argo-cd-ui@1.0.0 - - superagent@7.1.6 - - semver@7.3.7 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              Overview

                                                                                                              -

                                                                                                              semver is a semantic version parser used by npm.

                                                                                                              -

                                                                                                              Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.

                                                                                                              -

                                                                                                              PoC

                                                                                                              - 
                                                                                                              
-        const semver = require('semver')
-        const lengths_2 = [2000, 4000, 8000, 16000, 32000, 64000, 128000]
-        
-        console.log("n[+] Valid range - Test payloads")
-        for (let i = 0; i =1.2.3' + ' '.repeat(lengths_2[i]) + '<1.3.0';
-        const start = Date.now()
-        semver.validRange(value)
-        // semver.minVersion(value)
-        // semver.maxSatisfying(["1.2.3"], value)
-        // semver.minSatisfying(["1.2.3"], value)
-        // new semver.Range(value, {})
-        
-        const end = Date.now();
-        console.log('length=%d, time=%d ms', value.length, end - start);
-        }
-
                                                                                                              -

                                                                                                              Details

                                                                                                              -

                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.

                                                                                                              -

                                                                                                              The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.

                                                                                                              -

                                                                                                              Let’s take the following regular expression as an example:

                                                                                                              - 
                                                                                                              regex = /A(B|C+)+D/
-
                                                                                                              -

                                                                                                              This regular expression accomplishes the following:

                                                                                                              -
                                                                                                                -
                                                                                                              • A The string must start with the letter 'A'
                                                                                                                • -
                                                                                                              • (B|C+)+ The string must then follow the letter A with either the letter 'B' or some number of occurrences of the letter 'C' (the + matches one or more times). The + at the end of this section states that we can look for one or more matches of this section.
                                                                                                                • -
                                                                                                              • D Finally, we ensure this section of the string ends with a 'D'
                                                                                                                • -
                                                                                                              -

                                                                                                              The expression would match inputs such as ABBD, ABCCCCD, ABCBCCCD and ACCCCCD

                                                                                                              -

                                                                                                              It most cases, it doesn't take very long for a regex engine to find a match:

                                                                                                              - 
                                                                                                              $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCD")'
-        0.04s user 0.01s system 95% cpu 0.052 total
-        
-        $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCX")'
-        1.79s user 0.02s system 99% cpu 1.812 total
-
                                                                                                              -

                                                                                                              The entire process of testing it against a 30 characters long string takes around ~52ms. But when given an invalid string, it takes nearly two seconds to complete the test, over ten times as long as it took to test a valid string. The dramatic difference is due to the way regular expressions get evaluated.

                                                                                                              -

                                                                                                              Most Regex engines will work very similarly (with minor differences). The engine will match the first possible way to accept the current character and proceed to the next one. If it then fails to match the next one, it will backtrack and see if there was another way to digest the previous character. If it goes too far down the rabbit hole only to find out the string doesn’t match in the end, and if many characters have multiple valid regex paths, the number of backtracking steps can become very large, resulting in what is known as catastrophic backtracking.

                                                                                                              -

                                                                                                              Let's look at how our expression runs into this problem, using a shorter string: "ACCCX". While it seems fairly straightforward, there are still four different ways that the engine could match those three C's:

                                                                                                              -
                                                                                                                -
                                                                                                              1. CCC
                                                                                                                2. -
                                                                                                              2. CC+C
                                                                                                                3. -
                                                                                                              3. C+CC
                                                                                                                4. -
                                                                                                              4. C+C+C.
                                                                                                                5. -
                                                                                                              -

                                                                                                              The engine has to try each of those combinations to see if any of them potentially match against the expression. When you combine that with the other steps the engine must take, we can use RegEx 101 debugger to see the engine has to take a total of 38 steps before it can determine the string doesn't match.

                                                                                                              -

                                                                                                              From there, the number of steps the engine must use to validate a string just continues to grow.

                                                                                                              - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                                                                                              StringNumber of C'sNumber of steps
                                                                                                              ACCCX338
                                                                                                              ACCCCX471
                                                                                                              ACCCCCX5136
                                                                                                              ACCCCCCCCCCCCCCX1465,553
                                                                                                              -

                                                                                                              By the time the string includes 14 C's, the engine has to take over 65,000 steps just to see if the string is valid. These extreme situations can cause them to work very slowly (exponentially related to input size, as shown above), allowing an attacker to exploit this and can cause the service to excessively consume CPU, resulting in a Denial of Service.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade semver to version 5.7.2, 6.3.1, 7.5.2 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - - - diff --git a/docs/snyk/v2.6.14/ghcr.io_dexidp_dex_v2.37.0.html b/docs/snyk/v2.6.14/ghcr.io_dexidp_dex_v2.37.0.html deleted file mode 100644 index ce3acf27ba464..0000000000000 --- a/docs/snyk/v2.6.14/ghcr.io_dexidp_dex_v2.37.0.html +++ /dev/null @@ -1,1079 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                              -

                                                                                                              Snyk test report

                                                                                                              - -

                                                                                                              August 13th 2023, 12:22:18 am (UTC+00:00)

                                                                                                              -
                                                                                                              -
                                                                                                              - Scanned the following paths: -
                                                                                                                -
                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (apk)
                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/hairyhenderson/gomplate/v3 (gomodules)
                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (gomodules)
                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (gomodules)
                                                                                                                • -
                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              4 known vulnerabilities
                                                                                                              -
                                                                                                              22 vulnerable dependency paths
                                                                                                              -
                                                                                                              786 dependencies
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -
                                                                                                              -

                                                                                                              Improper Authentication

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                • - -
                                                                                                              • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              NVD Description

                                                                                                              -

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                              -

                                                                                                              Issue summary: The AES-SIV cipher implementation contains a bug that causes - it to ignore empty associated data entries which are unauthenticated as - a consequence.

                                                                                                              -

                                                                                                              Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing - adding or reordering such empty entries as these are ignored by the OpenSSL - implementation. We are currently unaware of any such applications.

                                                                                                              -

                                                                                                              The AES-SIV algorithm allows for authentication of multiple associated - data entries along with the encryption. To authenticate empty data the - application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with - NULL pointer as the output buffer and 0 as the input buffer length. - The AES-SIV implementation in OpenSSL just returns success for such a call - instead of performing the associated data authentication operation. - The empty data thus will not be authenticated.

                                                                                                              -

                                                                                                              As this issue does not affect non-empty associated data authentication and - we expect it to be rare for an application to use empty associated data - entries this is qualified as Low severity issue.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r2 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -

                                                                                                              Inefficient Regular Expression Complexity

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                • - -
                                                                                                              • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              NVD Description

                                                                                                              -

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                              -

                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                              -

                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                              -

                                                                                                              The function DH_check() performs various checks on DH parameters. One of those - checks confirms that the modulus ('p' parameter) is not too large. Trying to use - a very large modulus is slow and OpenSSL will not normally use a modulus which - is over 10,000 bits in length.

                                                                                                              -

                                                                                                              However the DH_check() function checks numerous aspects of the key or parameters - that have been supplied. Some of those checks use the supplied modulus value - even if it has already been found to be too large.

                                                                                                              -

                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulernable to a Denial of Service attack.

                                                                                                              -

                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                              -

                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the '-check' option.

                                                                                                              -

                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue. - The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r3 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -

                                                                                                              Excessive Iteration

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                • - -
                                                                                                              • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              NVD Description

                                                                                                              -

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                              -

                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                              -

                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                              -

                                                                                                              The function DH_check() performs various checks on DH parameters. After fixing - CVE-2023-3446 it was discovered that a large q parameter value can also trigger - an overly long computation during some of these checks. A correct q value, - if present, cannot be larger than the modulus p parameter, thus it is - unnecessary to perform these checks if q is larger than p.

                                                                                                              -

                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulnerable to a Denial of Service attack.

                                                                                                              -

                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                              -

                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the "-check" option.

                                                                                                              -

                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue.

                                                                                                              -

                                                                                                              The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.2-r0 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -

                                                                                                              Cross-site Scripting (XSS)

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: golang -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - golang.org/x/net/html -
                                                                                                                • - -
                                                                                                              • Introduced through: - - github.com/dexidp/dex@* and golang.org/x/net/html@v0.11.0 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - github.com/dexidp/dex@* - - golang.org/x/net/html@v0.11.0 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              Overview

                                                                                                              -

                                                                                                              golang.org/x/net/html is a package that implements an HTML5-compliant tokenizer and parser.

                                                                                                              -

                                                                                                              Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the render1() function in render.go. Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be.

                                                                                                              -

                                                                                                              Details

                                                                                                              -

                                                                                                              A cross-site scripting attack occurs when the attacker tricks a legitimate web-based application or site to accept a request as originating from a trusted source.

                                                                                                              -

                                                                                                              This is done by escaping the context of the web application; the web application then delivers that data to its users along with other trusted dynamic content, without validating it. The browser unknowingly executes malicious script on the client side (through client-side languages; usually JavaScript or HTML) in order to perform actions that are otherwise typically blocked by the browser’s Same Origin Policy.

                                                                                                              -

                                                                                                              Injecting malicious code is the most prevalent manner by which XSS is exploited; for this reason, escaping characters in order to prevent this manipulation is the top method for securing code against this vulnerability.

                                                                                                              -

                                                                                                              Escaping means that the application is coded to mark key characters, and particularly key characters included in user input, to prevent those characters from being interpreted in a dangerous context. For example, in HTML, < can be coded as &lt; and > can be coded as &gt; in order to be interpreted and displayed as themselves in text, while within the code itself, they are used for HTML tags. If malicious content is injected into an application that escapes special characters and that malicious content uses < and > as HTML tags, those characters are nonetheless not interpreted as HTML tags by the browser if they’ve been correctly escaped in the application code and in this way the attempted attack is diverted.

                                                                                                              -

                                                                                                              The most prominent use of XSS is to steal cookies (source: OWASP HttpOnly) and hijack user sessions, but XSS exploits have been used to expose sensitive information, enable access to privileged services and functionality and deliver malware.

                                                                                                              -

                                                                                                              Types of attacks

                                                                                                              -

                                                                                                              There are a few methods by which XSS can be manipulated:

                                                                                                              - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                                                                                              TypeOriginDescription
                                                                                                              StoredServerThe malicious code is inserted in the application (usually as a link) by the attacker. The code is activated every time a user clicks the link.
                                                                                                              ReflectedServerThe attacker delivers a malicious link externally from the vulnerable web site application to a user. When clicked, malicious code is sent to the vulnerable web site, which reflects the attack back to the user’s browser.
                                                                                                              DOM-basedClientThe attacker forces the user’s browser to render a malicious page. The data in the page itself delivers the cross-site scripting data.
                                                                                                              MutatedThe attacker injects code that appears safe, but is then rewritten and modified by the browser, while parsing the markup. An example is rebalancing unclosed quotation marks or even adding quotation marks to unquoted parameters.
                                                                                                              -

                                                                                                              Affected environments

                                                                                                              -

                                                                                                              The following environments are susceptible to an XSS attack:

                                                                                                              -
                                                                                                                -
                                                                                                              • Web servers
                                                                                                                • -
                                                                                                              • Application servers
                                                                                                                • -
                                                                                                              • Web application environments
                                                                                                                • -
                                                                                                              -

                                                                                                              How to prevent

                                                                                                              -

                                                                                                              This section describes the top best practices designed to specifically protect your code:

                                                                                                              -
                                                                                                                -
                                                                                                              • Sanitize data input in an HTTP request before reflecting it back, ensuring all data is validated, filtered or escaped before echoing anything back to the user, such as the values of query parameters during searches.
                                                                                                                • -
                                                                                                              • Convert special characters such as ?, &, /, <, > and spaces to their respective HTML or URL encoded equivalents.
                                                                                                                • -
                                                                                                              • Give users the option to disable client-side scripts.
                                                                                                                • -
                                                                                                              • Redirect invalid requests.
                                                                                                                • -
                                                                                                              • Detect simultaneous logins, including those from two separate IP addresses, and invalidate those sessions.
                                                                                                                • -
                                                                                                              • Use and enforce a Content Security Policy (source: Wikipedia) to disable any features that might be manipulated for an XSS attack.
                                                                                                                • -
                                                                                                              • Read the documentation for any of the libraries referenced in your code to understand which elements allow for embedded HTML.
                                                                                                                • -
                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade golang.org/x/net/html to version 0.13.0 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - - - diff --git a/docs/snyk/v2.6.14/redis_7.0.11-alpine.html b/docs/snyk/v2.6.14/redis_7.0.11-alpine.html deleted file mode 100644 index fc44050d1a0c3..0000000000000 --- a/docs/snyk/v2.6.14/redis_7.0.11-alpine.html +++ /dev/null @@ -1,1031 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                              -

                                                                                                              Snyk test report

                                                                                                              - -

                                                                                                              August 13th 2023, 12:22:49 am (UTC+00:00)

                                                                                                              -
                                                                                                              -
                                                                                                              - Scanned the following path: -
                                                                                                                -
                                                                                                              • redis:7.0.11-alpine (apk)
                                                                                                                • -
                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              3 known vulnerabilities
                                                                                                              -
                                                                                                              27 vulnerable dependency paths
                                                                                                              -
                                                                                                              18 dependencies
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - - - - - - - -
                                                                                                              Project docker-image|redis
                                                                                                              Path redis:7.0.11-alpine
                                                                                                              Package Manager apk
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              -

                                                                                                              Improper Authentication

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                • - -
                                                                                                              • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              NVD Description

                                                                                                              -

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                              -

                                                                                                              Issue summary: The AES-SIV cipher implementation contains a bug that causes - it to ignore empty associated data entries which are unauthenticated as - a consequence.

                                                                                                              -

                                                                                                              Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing - adding or reordering such empty entries as these are ignored by the OpenSSL - implementation. We are currently unaware of any such applications.

                                                                                                              -

                                                                                                              The AES-SIV algorithm allows for authentication of multiple associated - data entries along with the encryption. To authenticate empty data the - application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with - NULL pointer as the output buffer and 0 as the input buffer length. - The AES-SIV implementation in OpenSSL just returns success for such a call - instead of performing the associated data authentication operation. - The empty data thus will not be authenticated.

                                                                                                              -

                                                                                                              As this issue does not affect non-empty associated data authentication and - we expect it to be rare for an application to use empty associated data - entries this is qualified as Low severity issue.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r2 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -

                                                                                                              Inefficient Regular Expression Complexity

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                • - -
                                                                                                              • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              NVD Description

                                                                                                              -

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                              -

                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                              -

                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                              -

                                                                                                              The function DH_check() performs various checks on DH parameters. One of those - checks confirms that the modulus ('p' parameter) is not too large. Trying to use - a very large modulus is slow and OpenSSL will not normally use a modulus which - is over 10,000 bits in length.

                                                                                                              -

                                                                                                              However the DH_check() function checks numerous aspects of the key or parameters - that have been supplied. Some of those checks use the supplied modulus value - even if it has already been found to be too large.

                                                                                                              -

                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulernable to a Denial of Service attack.

                                                                                                              -

                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                              -

                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the '-check' option.

                                                                                                              -

                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue. - The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r3 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -

                                                                                                              Excessive Iteration

                                                                                                              -
                                                                                                              - -
                                                                                                              - medium severity -
                                                                                                              - -
                                                                                                              - -
                                                                                                                -
                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                • -
                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                • - -
                                                                                                              • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - - -

                                                                                                              Detailed paths

                                                                                                              - -
                                                                                                                -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                • -
                                                                                                              - -
                                                                                                              - -
                                                                                                              - -

                                                                                                              NVD Description

                                                                                                              -

                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                              -

                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                              -

                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                              -

                                                                                                              The function DH_check() performs various checks on DH parameters. After fixing - CVE-2023-3446 it was discovered that a large q parameter value can also trigger - an overly long computation during some of these checks. A correct q value, - if present, cannot be larger than the modulus p parameter, thus it is - unnecessary to perform these checks if q is larger than p.

                                                                                                              -

                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulnerable to a Denial of Service attack.

                                                                                                              -

                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                              -

                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the "-check" option.

                                                                                                              -

                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue.

                                                                                                              -

                                                                                                              The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                              -

                                                                                                              Remediation

                                                                                                              -

                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.2-r0 or higher.

                                                                                                              -

                                                                                                              References

                                                                                                              - - -
                                                                                                              - -
                                                                                                              -

                                                                                                              More about this vulnerability

                                                                                                              -
                                                                                                              - -
                                                                                                              -
                                                                                                              -
                                                                                                              -
                                                                                                              - - - diff --git a/docs/snyk/v2.6.14/argocd-iac-install.html b/docs/snyk/v2.6.6/argocd-iac-install.html similarity index 89% rename from docs/snyk/v2.6.14/argocd-iac-install.html rename to docs/snyk/v2.6.6/argocd-iac-install.html index 6279b54663276..5d629cf8a1d8a 100644 --- a/docs/snyk/v2.6.14/argocd-iac-install.html +++ b/docs/snyk/v2.6.6/argocd-iac-install.html @@ -456,7 +456,7 @@

                                                                                                              Snyk test report

                                                                                                              -

                                                                                                              August 13th 2023, 12:24:11 am (UTC+00:00)

                                                                                                              +

                                                                                                              March 19th 2023, 12:21:11 am

                                                                                                              Scanned the following path: @@ -494,7 +494,7 @@

                                                                                                              Role with dangerous permissions

                                                                                                              -

                                                                                                              More about this issue

                                                                                                              +

                                                                                                              More about this issue

                                                                                                              @@ -540,7 +540,7 @@

                                                                                                              Role with dangerous permissions

                                                                                                              • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
                                                                                                              • Introduced through: @@ -570,7 +570,7 @@

                                                                                                                Remediation

                                                                                                                -

                                                                                                                More about this issue

                                                                                                                +

                                                                                                                More about this issue

                                                                                                                @@ -586,7 +586,7 @@

                                                                                                                Role with dangerous permissions

                                                                                                                • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
                                                                                                                • Introduced through: @@ -616,7 +616,7 @@

                                                                                                                  Remediation

                                                                                                                  -

                                                                                                                  More about this issue

                                                                                                                  +

                                                                                                                  More about this issue

                                                                                                                  @@ -632,7 +632,7 @@

                                                                                                                  Role with dangerous permissions

                                                                                                                  • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
                                                                                                                  • Introduced through: @@ -662,7 +662,7 @@

                                                                                                                    Remediation

                                                                                                                    -

                                                                                                                    More about this issue

                                                                                                                    +

                                                                                                                    More about this issue

                                                                                                                    @@ -678,7 +678,7 @@

                                                                                                                    Role with dangerous permissions

                                                                                                                    • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
                                                                                                                    • Introduced through: @@ -708,7 +708,7 @@

                                                                                                                      Remediation

                                                                                                                      -

                                                                                                                      More about this issue

                                                                                                                      +

                                                                                                                      More about this issue

                                                                                                                      @@ -724,7 +724,7 @@

                                                                                                                      Role with dangerous permissions

                                                                                                                      • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
                                                                                                                      • Introduced through: @@ -754,7 +754,7 @@

                                                                                                                        Remediation

                                                                                                                        -

                                                                                                                        More about this issue

                                                                                                                        +

                                                                                                                        More about this issue

                                                                                                                        @@ -770,7 +770,7 @@

                                                                                                                        Container could be running with outdated image

                                                                                                                        • - Public ID: SNYK-CC-K8S-42 + Public ID: SNYK-CC-K8S-42
                                                                                                                        • Introduced through: @@ -806,7 +806,7 @@

                                                                                                                          Remediation

                                                                                                                          -

                                                                                                                          More about this issue

                                                                                                                          +

                                                                                                                          More about this issue

                                                                                                                          @@ -822,7 +822,7 @@

                                                                                                                          Container has no CPU limit

                                                                                                                          • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                          • Introduced through: @@ -864,7 +864,7 @@

                                                                                                                            Remediation

                                                                                                                            -

                                                                                                                            More about this issue

                                                                                                                            +

                                                                                                                            More about this issue

                                                                                                                            @@ -880,7 +880,7 @@

                                                                                                                            Container has no CPU limit

                                                                                                                            • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                            • Introduced through: @@ -922,7 +922,7 @@

                                                                                                                              Remediation

                                                                                                                              -

                                                                                                                              More about this issue

                                                                                                                              +

                                                                                                                              More about this issue

                                                                                                                              @@ -938,7 +938,7 @@

                                                                                                                              Container has no CPU limit

                                                                                                                              • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                              • Introduced through: @@ -980,7 +980,7 @@

                                                                                                                                Remediation

                                                                                                                                -

                                                                                                                                More about this issue

                                                                                                                                +

                                                                                                                                More about this issue

                                                                                                                                @@ -996,7 +996,7 @@

                                                                                                                                Container has no CPU limit

                                                                                                                                • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                • Introduced through: @@ -1038,7 +1038,7 @@

                                                                                                                                  Remediation

                                                                                                                                  -

                                                                                                                                  More about this issue

                                                                                                                                  +

                                                                                                                                  More about this issue

                                                                                                                                  @@ -1054,7 +1054,7 @@

                                                                                                                                  Container has no CPU limit

                                                                                                                                  • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                  • Introduced through: @@ -1096,7 +1096,7 @@

                                                                                                                                    Remediation

                                                                                                                                    -

                                                                                                                                    More about this issue

                                                                                                                                    +

                                                                                                                                    More about this issue

                                                                                                                                    @@ -1112,7 +1112,7 @@

                                                                                                                                    Container has no CPU limit

                                                                                                                                    • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                    • Introduced through: @@ -1154,7 +1154,7 @@

                                                                                                                                      Remediation

                                                                                                                                      -

                                                                                                                                      More about this issue

                                                                                                                                      +

                                                                                                                                      More about this issue

                                                                                                                                      @@ -1170,7 +1170,7 @@

                                                                                                                                      Container has no CPU limit

                                                                                                                                      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                      • Introduced through: @@ -1212,7 +1212,7 @@

                                                                                                                                        Remediation

                                                                                                                                        -

                                                                                                                                        More about this issue

                                                                                                                                        +

                                                                                                                                        More about this issue

                                                                                                                                        @@ -1228,7 +1228,7 @@

                                                                                                                                        Container has no CPU limit

                                                                                                                                        • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                        • Introduced through: @@ -1270,7 +1270,7 @@

                                                                                                                                          Remediation

                                                                                                                                          -

                                                                                                                                          More about this issue

                                                                                                                                          +

                                                                                                                                          More about this issue

                                                                                                                                          @@ -1286,7 +1286,7 @@

                                                                                                                                          Container has no CPU limit

                                                                                                                                          • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                          • Introduced through: @@ -1328,7 +1328,7 @@

                                                                                                                                            Remediation

                                                                                                                                            -

                                                                                                                                            More about this issue

                                                                                                                                            +

                                                                                                                                            More about this issue

                                                                                                                                            @@ -1344,7 +1344,7 @@

                                                                                                                                            Container is running with multiple open ports

                                                                                                                                            • - Public ID: SNYK-CC-K8S-36 + Public ID: SNYK-CC-K8S-36
                                                                                                                                            • Introduced through: @@ -1380,7 +1380,63 @@

                                                                                                                                              Remediation

                                                                                                                                              -

                                                                                                                                              More about this issue

                                                                                                                                              +

                                                                                                                                              More about this issue

                                                                                                                                              +
                                                                                                                                              + + +
                                                                                                                                              +

                                                                                                                                              Container is running with writable root filesystem

                                                                                                                                              +
                                                                                                                                              + +
                                                                                                                                              + low severity +
                                                                                                                                              + +
                                                                                                                                              + +
                                                                                                                                                +
                                                                                                                                              • + Public ID: SNYK-CC-K8S-8 +
                                                                                                                                                • + +
                                                                                                                                              • Introduced through: + [DocId: 45] + + input + + spec + + template + + spec + + containers[redis] + + securityContext + + readOnlyRootFilesystem + +
                                                                                                                                                • + +
                                                                                                                                              • + Line number: 16125 +
                                                                                                                                                • +
                                                                                                                                              + +
                                                                                                                                              + +

                                                                                                                                              Impact

                                                                                                                                              +

                                                                                                                                              Compromised process could abuse writable root filesystem to elevate privileges

                                                                                                                                              + +

                                                                                                                                              Remediation

                                                                                                                                              +

                                                                                                                                              Set `securityContext.readOnlyRootFilesystem` to `true`

                                                                                                                                              + + +
                                                                                                                                              +
                                                                                                                                              + +
                                                                                                                                              +

                                                                                                                                              More about this issue

                                                                                                                                              @@ -1396,7 +1452,7 @@

                                                                                                                                              Container is running without liveness probe

                                                                                                                                              • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                                                                              • Introduced through: @@ -1432,7 +1488,7 @@

                                                                                                                                                Remediation

                                                                                                                                                -

                                                                                                                                                More about this issue

                                                                                                                                                +

                                                                                                                                                More about this issue

                                                                                                                                                @@ -1448,7 +1504,7 @@

                                                                                                                                                Container is running without liveness probe

                                                                                                                                                • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                                                                                • Introduced through: @@ -1484,7 +1540,7 @@

                                                                                                                                                  Remediation

                                                                                                                                                  -

                                                                                                                                                  More about this issue

                                                                                                                                                  +

                                                                                                                                                  More about this issue

                                                                                                                                                  @@ -1500,7 +1556,7 @@

                                                                                                                                                  Container is running without liveness probe

                                                                                                                                                  • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                                                                                  • Introduced through: @@ -1536,7 +1592,7 @@

                                                                                                                                                    Remediation

                                                                                                                                                    -

                                                                                                                                                    More about this issue

                                                                                                                                                    +

                                                                                                                                                    More about this issue

                                                                                                                                                    @@ -1552,7 +1608,7 @@

                                                                                                                                                    Container is running without liveness probe

                                                                                                                                                    • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                                                                                    • Introduced through: @@ -1588,7 +1644,7 @@

                                                                                                                                                      Remediation

                                                                                                                                                      -

                                                                                                                                                      More about this issue

                                                                                                                                                      +

                                                                                                                                                      More about this issue

                                                                                                                                                      @@ -1604,7 +1660,7 @@

                                                                                                                                                      Container is running without liveness probe

                                                                                                                                                      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                                                                                      • Introduced through: @@ -1640,7 +1696,7 @@

                                                                                                                                                        Remediation

                                                                                                                                                        -

                                                                                                                                                        More about this issue

                                                                                                                                                        +

                                                                                                                                                        More about this issue

                                                                                                                                                        @@ -1656,7 +1712,7 @@

                                                                                                                                                        Container is running without memory limit

                                                                                                                                                        • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                        • Introduced through: @@ -1698,7 +1754,7 @@

                                                                                                                                                          Remediation

                                                                                                                                                          -

                                                                                                                                                          More about this issue

                                                                                                                                                          +

                                                                                                                                                          More about this issue

                                                                                                                                                          @@ -1714,7 +1770,7 @@

                                                                                                                                                          Container is running without memory limit

                                                                                                                                                          • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                          • Introduced through: @@ -1756,7 +1812,7 @@

                                                                                                                                                            Remediation

                                                                                                                                                            -

                                                                                                                                                            More about this issue

                                                                                                                                                            +

                                                                                                                                                            More about this issue

                                                                                                                                                            @@ -1772,7 +1828,7 @@

                                                                                                                                                            Container is running without memory limit

                                                                                                                                                            • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                            • Introduced through: @@ -1814,7 +1870,7 @@

                                                                                                                                                              Remediation

                                                                                                                                                              -

                                                                                                                                                              More about this issue

                                                                                                                                                              +

                                                                                                                                                              More about this issue

                                                                                                                                                              @@ -1830,7 +1886,7 @@

                                                                                                                                                              Container is running without memory limit

                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                              • Introduced through: @@ -1872,7 +1928,7 @@

                                                                                                                                                                Remediation

                                                                                                                                                                -

                                                                                                                                                                More about this issue

                                                                                                                                                                +

                                                                                                                                                                More about this issue

                                                                                                                                                                @@ -1888,7 +1944,7 @@

                                                                                                                                                                Container is running without memory limit

                                                                                                                                                                • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                • Introduced through: @@ -1930,7 +1986,7 @@

                                                                                                                                                                  Remediation

                                                                                                                                                                  -

                                                                                                                                                                  More about this issue

                                                                                                                                                                  +

                                                                                                                                                                  More about this issue

                                                                                                                                                                  @@ -1946,7 +2002,7 @@

                                                                                                                                                                  Container is running without memory limit

                                                                                                                                                                  • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                  • Introduced through: @@ -1988,7 +2044,7 @@

                                                                                                                                                                    Remediation

                                                                                                                                                                    -

                                                                                                                                                                    More about this issue

                                                                                                                                                                    +

                                                                                                                                                                    More about this issue

                                                                                                                                                                    @@ -2004,7 +2060,7 @@

                                                                                                                                                                    Container is running without memory limit

                                                                                                                                                                    • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                    • Introduced through: @@ -2046,7 +2102,7 @@

                                                                                                                                                                      Remediation

                                                                                                                                                                      -

                                                                                                                                                                      More about this issue

                                                                                                                                                                      +

                                                                                                                                                                      More about this issue

                                                                                                                                                                      @@ -2062,7 +2118,7 @@

                                                                                                                                                                      Container is running without memory limit

                                                                                                                                                                      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                      • Introduced through: @@ -2104,7 +2160,7 @@

                                                                                                                                                                        Remediation

                                                                                                                                                                        -

                                                                                                                                                                        More about this issue

                                                                                                                                                                        +

                                                                                                                                                                        More about this issue

                                                                                                                                                                        @@ -2120,7 +2176,7 @@

                                                                                                                                                                        Container is running without memory limit

                                                                                                                                                                        • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                        • Introduced through: @@ -2162,68 +2218,12 @@

                                                                                                                                                                          Remediation

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          -
                                                                                                                                                                          - - -
                                                                                                                                                                          -

                                                                                                                                                                          Container or Pod is running with writable root filesystem

                                                                                                                                                                          -
                                                                                                                                                                          - -
                                                                                                                                                                          - low severity -
                                                                                                                                                                          - -
                                                                                                                                                                          - -
                                                                                                                                                                            -
                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-8 -
                                                                                                                                                                            • - -
                                                                                                                                                                          • Introduced through: - [DocId: 45] - - input - - spec - - template - - spec - - containers[redis] - - securityContext - - readOnlyRootFilesystem - -
                                                                                                                                                                            • - -
                                                                                                                                                                          • - Line number: 16125 -
                                                                                                                                                                            • -
                                                                                                                                                                          - -
                                                                                                                                                                          - -

                                                                                                                                                                          Impact

                                                                                                                                                                          -

                                                                                                                                                                          Compromised process could abuse writable root filesystem to elevate privileges

                                                                                                                                                                          - -

                                                                                                                                                                          Remediation

                                                                                                                                                                          -

                                                                                                                                                                          Set `securityContext.readOnlyRootFilesystem` to `true`

                                                                                                                                                                          - - -
                                                                                                                                                                          -
                                                                                                                                                                          - -
                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          -

                                                                                                                                                                          Container's or Pod's UID could clash with host's UID

                                                                                                                                                                          +

                                                                                                                                                                          Container's UID could clash with host's UID

                                                                                                                                                                          @@ -2234,7 +2234,7 @@

                                                                                                                                                                          Container's or Pod's UID could clash with hos
                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                          • Introduced through: @@ -2267,19 +2267,19 @@

                                                                                                                                                                            Impact

                                                                                                                                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                            Remediation

                                                                                                                                                                            -

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                            +

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          -

                                                                                                                                                                          Container's or Pod's UID could clash with host's UID

                                                                                                                                                                          +

                                                                                                                                                                          Container's UID could clash with host's UID

                                                                                                                                                                          @@ -2290,7 +2290,7 @@

                                                                                                                                                                          Container's or Pod's UID could clash with hos
                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                          • Introduced through: @@ -2323,19 +2323,19 @@

                                                                                                                                                                            Impact

                                                                                                                                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                            Remediation

                                                                                                                                                                            -

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                            +

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          -

                                                                                                                                                                          Container's or Pod's UID could clash with host's UID

                                                                                                                                                                          +

                                                                                                                                                                          Container's UID could clash with host's UID

                                                                                                                                                                          @@ -2346,7 +2346,7 @@

                                                                                                                                                                          Container's or Pod's UID could clash with hos
                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                          • Introduced through: @@ -2379,19 +2379,19 @@

                                                                                                                                                                            Impact

                                                                                                                                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                            Remediation

                                                                                                                                                                            -

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                            +

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          -

                                                                                                                                                                          Container's or Pod's UID could clash with host's UID

                                                                                                                                                                          +

                                                                                                                                                                          Container's UID could clash with host's UID

                                                                                                                                                                          @@ -2402,7 +2402,7 @@

                                                                                                                                                                          Container's or Pod's UID could clash with hos
                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                          • Introduced through: @@ -2435,19 +2435,19 @@

                                                                                                                                                                            Impact

                                                                                                                                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                            Remediation

                                                                                                                                                                            -

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                            +

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          -

                                                                                                                                                                          Container's or Pod's UID could clash with host's UID

                                                                                                                                                                          +

                                                                                                                                                                          Container's UID could clash with host's UID

                                                                                                                                                                          @@ -2458,7 +2458,7 @@

                                                                                                                                                                          Container's or Pod's UID could clash with hos
                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                          • Introduced through: @@ -2491,19 +2491,19 @@

                                                                                                                                                                            Impact

                                                                                                                                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                            Remediation

                                                                                                                                                                            -

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                            +

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          -

                                                                                                                                                                          Container's or Pod's UID could clash with host's UID

                                                                                                                                                                          +

                                                                                                                                                                          Container's UID could clash with host's UID

                                                                                                                                                                          @@ -2514,7 +2514,7 @@

                                                                                                                                                                          Container's or Pod's UID could clash with hos
                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                          • Introduced through: @@ -2547,19 +2547,19 @@

                                                                                                                                                                            Impact

                                                                                                                                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                            Remediation

                                                                                                                                                                            -

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                            +

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          -

                                                                                                                                                                          Container's or Pod's UID could clash with host's UID

                                                                                                                                                                          +

                                                                                                                                                                          Container's UID could clash with host's UID

                                                                                                                                                                          @@ -2570,7 +2570,7 @@

                                                                                                                                                                          Container's or Pod's UID could clash with hos
                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                          • Introduced through: @@ -2603,19 +2603,19 @@

                                                                                                                                                                            Impact

                                                                                                                                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                            Remediation

                                                                                                                                                                            -

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                            +

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          -

                                                                                                                                                                          Container's or Pod's UID could clash with host's UID

                                                                                                                                                                          +

                                                                                                                                                                          Container's UID could clash with host's UID

                                                                                                                                                                          @@ -2626,7 +2626,7 @@

                                                                                                                                                                          Container's or Pod's UID could clash with hos
                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                          • Introduced through: @@ -2659,19 +2659,19 @@

                                                                                                                                                                            Impact

                                                                                                                                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                            Remediation

                                                                                                                                                                            -

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                            +

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          -

                                                                                                                                                                          Container's or Pod's UID could clash with host's UID

                                                                                                                                                                          +

                                                                                                                                                                          Container's UID could clash with host's UID

                                                                                                                                                                          @@ -2682,7 +2682,7 @@

                                                                                                                                                                          Container's or Pod's UID could clash with hos
                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                          • Introduced through: @@ -2715,14 +2715,14 @@

                                                                                                                                                                            Impact

                                                                                                                                                                            UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                            Remediation

                                                                                                                                                                            -

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                            +

                                                                                                                                                                            Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          diff --git a/docs/snyk/v2.6.14/argocd-iac-namespace-install.html b/docs/snyk/v2.6.6/argocd-iac-namespace-install.html similarity index 89% rename from docs/snyk/v2.6.14/argocd-iac-namespace-install.html rename to docs/snyk/v2.6.6/argocd-iac-namespace-install.html index f242ea2ce943e..053ce17183cab 100644 --- a/docs/snyk/v2.6.14/argocd-iac-namespace-install.html +++ b/docs/snyk/v2.6.6/argocd-iac-namespace-install.html @@ -456,7 +456,7 @@

                                                                                                                                                                          Snyk test report

                                                                                                                                                                          -

                                                                                                                                                                          August 13th 2023, 12:24:31 am (UTC+00:00)

                                                                                                                                                                          +

                                                                                                                                                                          March 19th 2023, 12:21:23 am

                                                                                                                                                                          Scanned the following path: @@ -494,7 +494,7 @@

                                                                                                                                                                          Role with dangerous permissions

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          @@ -540,7 +540,7 @@

                                                                                                                                                                          Role with dangerous permissions

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          @@ -586,7 +586,7 @@

                                                                                                                                                                          Role with dangerous permissions

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          @@ -632,7 +632,7 @@

                                                                                                                                                                          Role with dangerous permissions

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          @@ -678,7 +678,7 @@

                                                                                                                                                                          Role with dangerous permissions

                                                                                                                                                                          -

                                                                                                                                                                          More about this issue

                                                                                                                                                                          +

                                                                                                                                                                          More about this issue

                                                                                                                                                                          @@ -724,7 +724,7 @@

                                                                                                                                                                          Role with dangerous permissions

                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-47 + Public ID: SNYK-CC-K8S-47
                                                                                                                                                                          • Introduced through: @@ -754,7 +754,7 @@

                                                                                                                                                                            Remediation

                                                                                                                                                                            -

                                                                                                                                                                            More about this issue

                                                                                                                                                                            +

                                                                                                                                                                            More about this issue

                                                                                                                                                                            @@ -770,7 +770,7 @@

                                                                                                                                                                            Container could be running with outdated image

                                                                                                                                                                            • - Public ID: SNYK-CC-K8S-42 + Public ID: SNYK-CC-K8S-42
                                                                                                                                                                            • Introduced through: @@ -806,7 +806,7 @@

                                                                                                                                                                              Remediation

                                                                                                                                                                              -

                                                                                                                                                                              More about this issue

                                                                                                                                                                              +

                                                                                                                                                                              More about this issue

                                                                                                                                                                              @@ -822,7 +822,7 @@

                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                                                              • Introduced through: @@ -864,7 +864,7 @@

                                                                                                                                                                                Remediation

                                                                                                                                                                                -

                                                                                                                                                                                More about this issue

                                                                                                                                                                                +

                                                                                                                                                                                More about this issue

                                                                                                                                                                                @@ -880,7 +880,7 @@

                                                                                                                                                                                Container has no CPU limit

                                                                                                                                                                                • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                                                                • Introduced through: @@ -922,7 +922,7 @@

                                                                                                                                                                                  Remediation

                                                                                                                                                                                  -

                                                                                                                                                                                  More about this issue

                                                                                                                                                                                  +

                                                                                                                                                                                  More about this issue

                                                                                                                                                                                  @@ -938,7 +938,7 @@

                                                                                                                                                                                  Container has no CPU limit

                                                                                                                                                                                  • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                                                                  • Introduced through: @@ -980,7 +980,7 @@

                                                                                                                                                                                    Remediation

                                                                                                                                                                                    -

                                                                                                                                                                                    More about this issue

                                                                                                                                                                                    +

                                                                                                                                                                                    More about this issue

                                                                                                                                                                                    @@ -996,7 +996,7 @@

                                                                                                                                                                                    Container has no CPU limit

                                                                                                                                                                                    • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                                                                    • Introduced through: @@ -1038,7 +1038,7 @@

                                                                                                                                                                                      Remediation

                                                                                                                                                                                      -

                                                                                                                                                                                      More about this issue

                                                                                                                                                                                      +

                                                                                                                                                                                      More about this issue

                                                                                                                                                                                      @@ -1054,7 +1054,7 @@

                                                                                                                                                                                      Container has no CPU limit

                                                                                                                                                                                      • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                                                                      • Introduced through: @@ -1096,7 +1096,7 @@

                                                                                                                                                                                        Remediation

                                                                                                                                                                                        -

                                                                                                                                                                                        More about this issue

                                                                                                                                                                                        +

                                                                                                                                                                                        More about this issue

                                                                                                                                                                                        @@ -1112,7 +1112,7 @@

                                                                                                                                                                                        Container has no CPU limit

                                                                                                                                                                                        • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                                                                        • Introduced through: @@ -1154,7 +1154,7 @@

                                                                                                                                                                                          Remediation

                                                                                                                                                                                          -

                                                                                                                                                                                          More about this issue

                                                                                                                                                                                          +

                                                                                                                                                                                          More about this issue

                                                                                                                                                                                          @@ -1170,7 +1170,7 @@

                                                                                                                                                                                          Container has no CPU limit

                                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                                                                          • Introduced through: @@ -1212,7 +1212,7 @@

                                                                                                                                                                                            Remediation

                                                                                                                                                                                            -

                                                                                                                                                                                            More about this issue

                                                                                                                                                                                            +

                                                                                                                                                                                            More about this issue

                                                                                                                                                                                            @@ -1228,7 +1228,7 @@

                                                                                                                                                                                            Container has no CPU limit

                                                                                                                                                                                            • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                                                                            • Introduced through: @@ -1270,7 +1270,7 @@

                                                                                                                                                                                              Remediation

                                                                                                                                                                                              -

                                                                                                                                                                                              More about this issue

                                                                                                                                                                                              +

                                                                                                                                                                                              More about this issue

                                                                                                                                                                                              @@ -1286,7 +1286,7 @@

                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 + Public ID: SNYK-CC-K8S-5
                                                                                                                                                                                              • Introduced through: @@ -1328,7 +1328,7 @@

                                                                                                                                                                                                Remediation

                                                                                                                                                                                                -

                                                                                                                                                                                                More about this issue

                                                                                                                                                                                                +

                                                                                                                                                                                                More about this issue

                                                                                                                                                                                                @@ -1344,7 +1344,7 @@

                                                                                                                                                                                                Container is running with multiple open ports

                                                                                                                                                                                                • - Public ID: SNYK-CC-K8S-36 + Public ID: SNYK-CC-K8S-36
                                                                                                                                                                                                • Introduced through: @@ -1380,7 +1380,63 @@

                                                                                                                                                                                                  Remediation

                                                                                                                                                                                                  -

                                                                                                                                                                                                  More about this issue

                                                                                                                                                                                                  +

                                                                                                                                                                                                  More about this issue

                                                                                                                                                                                                  +
                                                                                                                                                                                                  + + +
                                                                                                                                                                                                  +

                                                                                                                                                                                                  Container is running with writable root filesystem

                                                                                                                                                                                                  +
                                                                                                                                                                                                  + +
                                                                                                                                                                                                  + low severity +
                                                                                                                                                                                                  + +
                                                                                                                                                                                                  + +
                                                                                                                                                                                                    +
                                                                                                                                                                                                  • + Public ID: SNYK-CC-K8S-8 +
                                                                                                                                                                                                    • + +
                                                                                                                                                                                                  • Introduced through: + [DocId: 38] + + input + + spec + + template + + spec + + containers[redis] + + securityContext + + readOnlyRootFilesystem + +
                                                                                                                                                                                                    • + +
                                                                                                                                                                                                  • + Line number: 929 +
                                                                                                                                                                                                    • +
                                                                                                                                                                                                  + +
                                                                                                                                                                                                  + +

                                                                                                                                                                                                  Impact

                                                                                                                                                                                                  +

                                                                                                                                                                                                  Compromised process could abuse writable root filesystem to elevate privileges

                                                                                                                                                                                                  + +

                                                                                                                                                                                                  Remediation

                                                                                                                                                                                                  +

                                                                                                                                                                                                  Set `securityContext.readOnlyRootFilesystem` to `true`

                                                                                                                                                                                                  + + +
                                                                                                                                                                                                  +
                                                                                                                                                                                                  + +
                                                                                                                                                                                                  +

                                                                                                                                                                                                  More about this issue

                                                                                                                                                                                                  @@ -1396,7 +1452,7 @@

                                                                                                                                                                                                  Container is running without liveness probe

                                                                                                                                                                                                  • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                                                                                                                                  • Introduced through: @@ -1432,7 +1488,7 @@

                                                                                                                                                                                                    Remediation

                                                                                                                                                                                                    -

                                                                                                                                                                                                    More about this issue

                                                                                                                                                                                                    +

                                                                                                                                                                                                    More about this issue

                                                                                                                                                                                                    @@ -1448,7 +1504,7 @@

                                                                                                                                                                                                    Container is running without liveness probe

                                                                                                                                                                                                    • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                                                                                                                                    • Introduced through: @@ -1484,7 +1540,7 @@

                                                                                                                                                                                                      Remediation

                                                                                                                                                                                                      -

                                                                                                                                                                                                      More about this issue

                                                                                                                                                                                                      +

                                                                                                                                                                                                      More about this issue

                                                                                                                                                                                                      @@ -1500,7 +1556,7 @@

                                                                                                                                                                                                      Container is running without liveness probe

                                                                                                                                                                                                      • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                                                                                                                                      • Introduced through: @@ -1536,7 +1592,7 @@

                                                                                                                                                                                                        Remediation

                                                                                                                                                                                                        -

                                                                                                                                                                                                        More about this issue

                                                                                                                                                                                                        +

                                                                                                                                                                                                        More about this issue

                                                                                                                                                                                                        @@ -1552,7 +1608,7 @@

                                                                                                                                                                                                        Container is running without liveness probe

                                                                                                                                                                                                        • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                                                                                                                                        • Introduced through: @@ -1588,7 +1644,7 @@

                                                                                                                                                                                                          Remediation

                                                                                                                                                                                                          -

                                                                                                                                                                                                          More about this issue

                                                                                                                                                                                                          +

                                                                                                                                                                                                          More about this issue

                                                                                                                                                                                                          @@ -1604,7 +1660,7 @@

                                                                                                                                                                                                          Container is running without liveness probe

                                                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-41 + Public ID: SNYK-CC-K8S-41
                                                                                                                                                                                                          • Introduced through: @@ -1640,7 +1696,7 @@

                                                                                                                                                                                                            Remediation

                                                                                                                                                                                                            -

                                                                                                                                                                                                            More about this issue

                                                                                                                                                                                                            +

                                                                                                                                                                                                            More about this issue

                                                                                                                                                                                                            @@ -1656,7 +1712,7 @@

                                                                                                                                                                                                            Container is running without memory limit

                                                                                                                                                                                                            • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                                                            • Introduced through: @@ -1698,7 +1754,7 @@

                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                              -

                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                              +

                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                              @@ -1714,7 +1770,7 @@

                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                                                              • Introduced through: @@ -1756,7 +1812,7 @@

                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                -

                                                                                                                                                                                                                More about this issue

                                                                                                                                                                                                                +

                                                                                                                                                                                                                More about this issue

                                                                                                                                                                                                                @@ -1772,7 +1828,7 @@

                                                                                                                                                                                                                Container is running without memory limit

                                                                                                                                                                                                                • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                                                                • Introduced through: @@ -1814,7 +1870,7 @@

                                                                                                                                                                                                                  Remediation

                                                                                                                                                                                                                  -

                                                                                                                                                                                                                  More about this issue

                                                                                                                                                                                                                  +

                                                                                                                                                                                                                  More about this issue

                                                                                                                                                                                                                  @@ -1830,7 +1886,7 @@

                                                                                                                                                                                                                  Container is running without memory limit

                                                                                                                                                                                                                  • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                                                                  • Introduced through: @@ -1872,7 +1928,7 @@

                                                                                                                                                                                                                    Remediation

                                                                                                                                                                                                                    -

                                                                                                                                                                                                                    More about this issue

                                                                                                                                                                                                                    +

                                                                                                                                                                                                                    More about this issue

                                                                                                                                                                                                                    @@ -1888,7 +1944,7 @@

                                                                                                                                                                                                                    Container is running without memory limit

                                                                                                                                                                                                                    • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                                                                    • Introduced through: @@ -1930,7 +1986,7 @@

                                                                                                                                                                                                                      Remediation

                                                                                                                                                                                                                      -

                                                                                                                                                                                                                      More about this issue

                                                                                                                                                                                                                      +

                                                                                                                                                                                                                      More about this issue

                                                                                                                                                                                                                      @@ -1946,7 +2002,7 @@

                                                                                                                                                                                                                      Container is running without memory limit

                                                                                                                                                                                                                      • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                                                                      • Introduced through: @@ -1988,7 +2044,7 @@

                                                                                                                                                                                                                        Remediation

                                                                                                                                                                                                                        -

                                                                                                                                                                                                                        More about this issue

                                                                                                                                                                                                                        +

                                                                                                                                                                                                                        More about this issue

                                                                                                                                                                                                                        @@ -2004,7 +2060,7 @@

                                                                                                                                                                                                                        Container is running without memory limit

                                                                                                                                                                                                                        • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                                                                        • Introduced through: @@ -2046,7 +2102,7 @@

                                                                                                                                                                                                                          Remediation

                                                                                                                                                                                                                          -

                                                                                                                                                                                                                          More about this issue

                                                                                                                                                                                                                          +

                                                                                                                                                                                                                          More about this issue

                                                                                                                                                                                                                          @@ -2062,7 +2118,7 @@

                                                                                                                                                                                                                          Container is running without memory limit

                                                                                                                                                                                                                          • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                                                                          • Introduced through: @@ -2104,7 +2160,7 @@

                                                                                                                                                                                                                            Remediation

                                                                                                                                                                                                                            -

                                                                                                                                                                                                                            More about this issue

                                                                                                                                                                                                                            +

                                                                                                                                                                                                                            More about this issue

                                                                                                                                                                                                                            @@ -2120,7 +2176,7 @@

                                                                                                                                                                                                                            Container is running without memory limit

                                                                                                                                                                                                                            • - Public ID: SNYK-CC-K8S-4 + Public ID: SNYK-CC-K8S-4
                                                                                                                                                                                                                            • Introduced through: @@ -2162,68 +2218,12 @@

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container or Pod is running with writable root filesystem

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-8 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 38] - - input - - spec - - template - - spec - - containers[redis] - - securityContext - - readOnlyRootFilesystem - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 929 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Compromised process could abuse writable root filesystem to elevate privileges

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.readOnlyRootFilesystem` to `true`

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Container's UID could clash with host's UID

                                                                                                                                                                                                                              @@ -2234,7 +2234,7 @@

                                                                                                                                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                                                                              • Introduced through: @@ -2267,19 +2267,19 @@

                                                                                                                                                                                                                                Impact

                                                                                                                                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Container's UID could clash with host's UID

                                                                                                                                                                                                                              @@ -2290,7 +2290,7 @@

                                                                                                                                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                                                                              • Introduced through: @@ -2323,19 +2323,19 @@

                                                                                                                                                                                                                                Impact

                                                                                                                                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Container's UID could clash with host's UID

                                                                                                                                                                                                                              @@ -2346,7 +2346,7 @@

                                                                                                                                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                                                                              • Introduced through: @@ -2379,19 +2379,19 @@

                                                                                                                                                                                                                                Impact

                                                                                                                                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Container's UID could clash with host's UID

                                                                                                                                                                                                                              @@ -2402,7 +2402,7 @@

                                                                                                                                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                                                                              • Introduced through: @@ -2435,19 +2435,19 @@

                                                                                                                                                                                                                                Impact

                                                                                                                                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Container's UID could clash with host's UID

                                                                                                                                                                                                                              @@ -2458,7 +2458,7 @@

                                                                                                                                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                                                                              • Introduced through: @@ -2491,19 +2491,19 @@

                                                                                                                                                                                                                                Impact

                                                                                                                                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Container's UID could clash with host's UID

                                                                                                                                                                                                                              @@ -2514,7 +2514,7 @@

                                                                                                                                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                                                                              • Introduced through: @@ -2547,19 +2547,19 @@

                                                                                                                                                                                                                                Impact

                                                                                                                                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Container's UID could clash with host's UID

                                                                                                                                                                                                                              @@ -2570,7 +2570,7 @@

                                                                                                                                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                                                                              • Introduced through: @@ -2603,19 +2603,19 @@

                                                                                                                                                                                                                                Impact

                                                                                                                                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Container's UID could clash with host's UID

                                                                                                                                                                                                                              @@ -2626,7 +2626,7 @@

                                                                                                                                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                                                                              • Introduced through: @@ -2659,19 +2659,19 @@

                                                                                                                                                                                                                                Impact

                                                                                                                                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Container's UID could clash with host's UID

                                                                                                                                                                                                                              @@ -2682,7 +2682,7 @@

                                                                                                                                                                                                                              Container's or Pod's UID could clash with hos
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 + Public ID: SNYK-CC-K8S-11
                                                                                                                                                                                                                              • Introduced through: @@ -2715,14 +2715,14 @@

                                                                                                                                                                                                                                Impact

                                                                                                                                                                                                                                UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Set `securityContext.runAsUser` value to greater or equal than 10000

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              diff --git a/docs/snyk/v2.6.6/argocd-test.html b/docs/snyk/v2.6.6/argocd-test.html new file mode 100644 index 0000000000000..67dc9ea78a3f0 --- /dev/null +++ b/docs/snyk/v2.6.6/argocd-test.html @@ -0,0 +1,483 @@ + + + + + + + + + Snyk test report + + + + + + + + + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + + + Snyk - Open Source Security + + + + + + + +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              + +

                                                                                                                                                                                                                              March 19th 2023, 12:18:56 am

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + Scanned the following paths: +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • /argo-cd/argoproj/argo-cd/v2 (gomodules)
                                                                                                                                                                                                                              • /argo-cd (yarn)
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              0 known vulnerabilities
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              0 vulnerable dependency paths
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              1730 dependencies
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + No known vulnerabilities detected. +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + + + diff --git a/docs/snyk/v2.6.6/ghcr.io_dexidp_dex_v2.35.3.html b/docs/snyk/v2.6.6/ghcr.io_dexidp_dex_v2.35.3.html new file mode 100644 index 0000000000000..3d17f39a77af5 --- /dev/null +++ b/docs/snyk/v2.6.6/ghcr.io_dexidp_dex_v2.35.3.html @@ -0,0 +1,1420 @@ + + + + + + + + + Snyk test report + + + + + + + + + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + + + Snyk - Open Source Security + + + + + + + +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              + +

                                                                                                                                                                                                                              March 19th 2023, 12:19:04 am

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + Scanned the following paths: +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • ghcr.io/dexidp/dex:v2.35.3/dexidp/dex (apk)
                                                                                                                                                                                                                              • ghcr.io/dexidp/dex:v2.35.3/hairyhenderson/gomplate/v3 (gomodules)
                                                                                                                                                                                                                              • ghcr.io/dexidp/dex:v2.35.3/dexidp/dex (gomodules)
                                                                                                                                                                                                                              • ghcr.io/dexidp/dex:v2.35.3/dexidp/dex (gomodules)
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              9 known vulnerabilities
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              37 vulnerable dependency paths
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              756 dependencies
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Double Free

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + high severity +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Package Manager: alpine:3.16 +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Vulnerable module: + + openssl/libcrypto1.1 +
                                                                                                                                                                                                                                • + +
                                                                                                                                                                                                                              • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + + +

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              + + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Access of Resource Using Incompatible Type ('Type Confusion')

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + high severity +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Package Manager: alpine:3.16 +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Vulnerable module: + + openssl/libcrypto1.1 +
                                                                                                                                                                                                                                • + +
                                                                                                                                                                                                                              • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + + +

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              + + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Use After Free

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + high severity +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Package Manager: alpine:3.16 +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Vulnerable module: + + openssl/libcrypto1.1 +
                                                                                                                                                                                                                                • + +
                                                                                                                                                                                                                              • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + + +

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              + + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Denial of Service (DoS)

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + high severity +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Package Manager: golang +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Vulnerable module: + + golang.org/x/net/http2/hpack +
                                                                                                                                                                                                                                • + +
                                                                                                                                                                                                                              • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/net/http2/hpack@v0.0.0-20220909164309-bea034e7d591 + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + + +

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/net/http2/hpack@v0.0.0-20220909164309-bea034e7d591 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/net/http2/hpack@v0.0.0-20220927171203-f486391704dc + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +

                                                                                                                                                                                                                              Overview

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Details

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Two common types of DoS vulnerabilities:

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                                +

                                                                                                                                                                                                                              • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                • +

                                                                                                                                                                                                                              • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Upgrade golang.org/x/net/http2/hpack to version 0.7.0 or higher.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              + + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Denial of Service (DoS)

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + high severity +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Package Manager: golang +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Vulnerable module: + + golang.org/x/net/http2 +
                                                                                                                                                                                                                                • + +
                                                                                                                                                                                                                              • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + + +

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/net/http2@v0.0.0-20220927171203-f486391704dc + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +

                                                                                                                                                                                                                              Overview

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. + Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Details

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Two common types of DoS vulnerabilities:

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                                +

                                                                                                                                                                                                                              • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                • +

                                                                                                                                                                                                                              • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Upgrade golang.org/x/net/http2 to version 0.7.0 or higher.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              + + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              CVE-2022-4304

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + medium severity +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Package Manager: alpine:3.16 +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Vulnerable module: + + openssl/libcrypto1.1 +
                                                                                                                                                                                                                                • + +
                                                                                                                                                                                                                              • Introduced through: + + docker-image|ghcr.io/dexidp/dex@v2.35.3 and openssl/libcrypto1.1@1.1.1q-r0 + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + + +

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libcrypto1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + apk-tools/apk-tools@2.12.9-r3 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|ghcr.io/dexidp/dex@v2.35.3 + + busybox/ssl_client@1.35.0-r17 + + openssl/libssl1.1@1.1.1q-r0 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.16. + See How to fix? for Alpine:3.16 relevant fixed versions and status.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Upgrade Alpine:3.16 openssl to version 1.1.1t-r0 or higher.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              + + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Improper Input Validation

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + medium severity +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Package Manager: golang +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Vulnerable module: + + golang.org/x/text/language +
                                                                                                                                                                                                                                • + +
                                                                                                                                                                                                                              • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/text/language@v0.3.7 + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + + +

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/text/language@v0.3.7 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +

                                                                                                                                                                                                                              Overview

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Affected versions of this package are vulnerable to Improper Input Validation due to the parser being, by design, exposed to untrusted user input, which can be leveraged to force a program to consume significant time parsing Accept-Language headers.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Upgrade golang.org/x/text/language to version 0.3.8 or higher.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              + + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Incorrect Privilege Assignment

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + medium severity +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Package Manager: golang +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Vulnerable module: + + golang.org/x/sys/unix +
                                                                                                                                                                                                                                • + +
                                                                                                                                                                                                                              • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/sys/unix@v0.0.0-20220728004956-3c1f35247d10 + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + + +

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/sys/unix@v0.0.0-20220728004956-3c1f35247d10 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/sys/unix@v0.0.0-20220728004956-3c1f35247d10 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +

                                                                                                                                                                                                                              Overview

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Affected versions of this package are vulnerable to Incorrect Privilege Assignment such that when called with a non-zero flags parameter, the Faccessat function can incorrectly report that a file is accessible.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Upgrade golang.org/x/sys/unix to version 0.1.0 or higher.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              + + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Denial of Service (DoS)

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + medium severity +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Package Manager: golang +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Vulnerable module: + + golang.org/x/net/http2 +
                                                                                                                                                                                                                                • + +
                                                                                                                                                                                                                              • Introduced through: + + github.com/hairyhenderson/gomplate/v3@* and golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + + +

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Introduced through: + github.com/hairyhenderson/gomplate/v3@* + + golang.org/x/net/http2@v0.0.0-20220909164309-bea034e7d591 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + github.com/dexidp/dex@* + + golang.org/x/net/http2@v0.0.0-20220927171203-f486391704dc + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +

                                                                                                                                                                                                                              Overview

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. + Affected versions of this package are vulnerable to Denial of Service (DoS) due to improper checks and limitations for the number of entries in the cache, which can allow an attacker to consume unbounded amounts of memory by sending a small number of very large keys.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Details

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Two common types of DoS vulnerabilities:

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                                +

                                                                                                                                                                                                                              • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                • +

                                                                                                                                                                                                                              • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Upgrade golang.org/x/net/http2 to version 0.4.0 or higher.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              + + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + + + diff --git a/docs/snyk/v2.7.11/haproxy_2.6.14-alpine.html b/docs/snyk/v2.6.6/haproxy_2.6.9-alpine.html similarity index 98% rename from docs/snyk/v2.7.11/haproxy_2.6.14-alpine.html rename to docs/snyk/v2.6.6/haproxy_2.6.9-alpine.html index 48873a3503971..e1905d6652df1 100644 --- a/docs/snyk/v2.7.11/haproxy_2.6.14-alpine.html +++ b/docs/snyk/v2.6.6/haproxy_2.6.9-alpine.html @@ -456,12 +456,12 @@

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              August 13th 2023, 12:19:45 am (UTC+00:00)

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              March 19th 2023, 12:19:09 am

                                                                                                                                                                                                                              Scanned the following path:
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • haproxy:2.6.14-alpine (apk)
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • haproxy:2.6.9-alpine (apk)
                                                                                                                                                                                                                              @@ -477,7 +477,7 @@

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              - + diff --git a/docs/snyk/v2.7.11/quay.io_argoproj_argocd_v2.7.11.html b/docs/snyk/v2.6.6/quay.io_argoproj_argocd_v2.6.6.html similarity index 79% rename from docs/snyk/v2.7.11/quay.io_argoproj_argocd_v2.7.11.html rename to docs/snyk/v2.6.6/quay.io_argoproj_argocd_v2.6.6.html index f155da7317d4c..aae73fcb0dc6f 100644 --- a/docs/snyk/v2.7.11/quay.io_argoproj_argocd_v2.7.11.html +++ b/docs/snyk/v2.6.6/quay.io_argoproj_argocd_v2.6.6.html @@ -7,7 +7,7 @@ Snyk test report - + @@ -456,19 +456,19 @@

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              August 13th 2023, 12:20:07 am (UTC+00:00)

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              March 19th 2023, 12:19:35 am

                                                                                                                                                                                                                              Scanned the following paths:
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.7.11/argoproj/argocd (deb)
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.7.11/argoproj/argo-cd/v2 (gomodules)
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.7.11/kustomize/kustomize/v5 (gomodules)
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.7.11/helm/v3 (gomodules)
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.7.11/git-lfs/git-lfs (gomodules)
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.6.6/argoproj/argocd (deb)
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.6.6/argoproj/argo-cd/v2 (gomodules)
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.6.6/kustomize/kustomize/v4 (gomodules)
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.6.6/helm/v3 (gomodules)
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.6.6/git-lfs/git-lfs (gomodules)
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              19 known vulnerabilities
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              86 vulnerable dependency paths
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              2066 dependencies
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              22 known vulnerabilities
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              91 vulnerable dependency paths
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              2063 dependencies
                                                                                                                                                                                                                              @@ -493,12 +493,12 @@

                                                                                                                                                                                                                              Denial of Service (DoS)

                                                                                                                                                                                                                            • Vulnerable module: - golang.org/x/net/http2/hpack + gopkg.in/yaml.v3
                                                                                                                                                                                                                            • Introduced through: - helm.sh/helm/v3@* and golang.org/x/net/http2/hpack@v0.5.0 + sigs.k8s.io/kustomize/kustomize/v4@* and gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b
                                                                                                                                                                                                                              • @@ -511,9 +511,9 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - helm.sh/helm/v3@* + sigs.k8s.io/kustomize/kustomize/v4@* - golang.org/x/net/http2/hpack@v0.5.0 + gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b @@ -525,7 +525,20 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                Overview

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                gopkg.in/yaml.v3 is a YAML support package for the Go language. + Affected versions of this package are vulnerable to Denial of Service (DoS) via the Unmarshal function, which causes the program to crash when attempting to deserialize invalid input.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                PoC

                                                                                                                                                                                                                                + 
                                                                                                                                                                                                                                package main
+        
+        import (
+            "gopkg.in/yaml.v3"
+        )
+        
+        func main() {
+            var t interface{}
+            yaml.Unmarshal([]byte("0: [:!00 \xef"), &t)
+        }
+

                                                                                                                                                                                                                                Details

                                                                                                                                                                                                                                Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

                                                                                                                                                                                                                                Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

                                                                                                                                                                                                                                @@ -539,19 +552,95 @@

                                                                                                                                                                                                                                Details

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade golang.org/x/net/http2/hpack to version 0.7.0 or higher.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Upgrade gopkg.in/yaml.v3 to version 3.0.0 or higher.

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + + +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              NULL Pointer Dereference

                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + high severity +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Package Manager: golang +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Vulnerable module: + + gopkg.in/yaml.v3 +
                                                                                                                                                                                                                                • + +
                                                                                                                                                                                                                              • Introduced through: + + sigs.k8s.io/kustomize/kustomize/v4@* and gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + + +

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Introduced through: + sigs.k8s.io/kustomize/kustomize/v4@* + + gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + +

                                                                                                                                                                                                                              Overview

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              gopkg.in/yaml.v3 is a YAML support package for the Go language. + Affected versions of this package are vulnerable to NULL Pointer Dereference when parsing #\n-\n-\n0 via the parserc.go parser.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              PoC

                                                                                                                                                                                                                              + 
                                                                                                                                                                                                                              package main
+        
+        import (
+            "gopkg.in/yaml.v3"
+        )
+        
+        func main() {
+            var t interface{}
+            yaml.Unmarshal([]byte("#\n-\n-\n0"), &t)
+        }
+
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Upgrade gopkg.in/yaml.v3 to version 3.0.1 or higher.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              + + +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              @@ -572,12 +661,12 @@

                                                                                                                                                                                                                              Denial of Service (DoS)

                                                                                                                                                                                                                            • Vulnerable module: - golang.org/x/net/http2 + golang.org/x/net/http2/hpack
                                                                                                                                                                                                                            • Introduced through: - helm.sh/helm/v3@* and golang.org/x/net/http2@v0.5.0 + sigs.k8s.io/kustomize/kustomize/v4@* and golang.org/x/net/http2/hpack@v0.0.0-20220127200216-cd36cc0744dd
                                                                                                                                                                                                                              • @@ -588,11 +677,20 @@

                                                                                                                                                                                                                              Denial of Service (DoS)

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              • + Introduced through: + sigs.k8s.io/kustomize/kustomize/v4@* + + golang.org/x/net/http2/hpack@v0.0.0-20220127200216-cd36cc0744dd + + + +
                                                                                                                                                                                                                              • Introduced through: helm.sh/helm/v3@* - golang.org/x/net/http2@v0.5.0 + golang.org/x/net/http2/hpack@v0.0.0-20220722155237-a158d28d115b @@ -604,7 +702,6 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                Overview

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go.

                                                                                                                                                                                                                                Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.

                                                                                                                                                                                                                                Details

                                                                                                                                                                                                                                Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

                                                                                                                                                                                                                                @@ -619,7 +716,7 @@

                                                                                                                                                                                                                                Details

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade golang.org/x/net/http2 to version 0.7.0 or higher.

                                                                                                                                                                                                                              +

                                                                                                                                                                                                                              Upgrade golang.org/x/net/http2/hpack to version 0.7.0 or higher.

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              • GitHub Commit
                                                                                                                                                                                                                                • @@ -631,33 +728,33 @@

                                                                                                                                                                                                                                References

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Out-of-bounds Write

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Denial of Service

                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                - medium severity +
                                                                                                                                                                                                                                + high severity
                                                                                                                                                                                                                                • - Package Manager: ubuntu:22.04 + Package Manager: golang
                                                                                                                                                                                                                                • Vulnerable module: - procps/libprocps8 + golang.org/x/net/http2
                                                                                                                                                                                                                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 and procps/libprocps8@2:3.3.17-6ubuntu2 + helm.sh/helm/v3@* and golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b
                                                                                                                                                                                                                                @@ -670,29 +767,75 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + helm.sh/helm/v3@* - procps/libprocps8@2:3.3.17-6ubuntu2 + golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b
                                                                                                                                                                                                                                  • -
                                                                                                                                                                                                                                • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - procps@2:3.3.17-6ubuntu2 - - procps/libprocps8@2:3.3.17-6ubuntu2 - - +
                                                                                                                                                                                                                                - +
                                                                                                                                                                                                                                + +
                                                                                                                                                                                                                                + +

                                                                                                                                                                                                                                Overview

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. + Affected versions of this package are vulnerable to Denial of Service as an HTTP/2 connection can hang during closing if a shutdown was preempted by a fatal error.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Upgrade golang.org/x/net/http2 to version 0.0.0-20220906165146-f3363e06e74c, 1.18.6, 1.19.1 or higher.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                References

                                                                                                                                                                                                                                + + +
                                                                                                                                                                                                                                + +
                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Denial of Service (DoS)

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                + +
                                                                                                                                                                                                                                + high severity +
                                                                                                                                                                                                                                + +
                                                                                                                                                                                                                                + +
                                                                                                                                                                                                                                  +
                                                                                                                                                                                                                                • + Package Manager: golang +
                                                                                                                                                                                                                                  • +
                                                                                                                                                                                                                                • + Vulnerable module: + + golang.org/x/net/http2 +
                                                                                                                                                                                                                                  • + +
                                                                                                                                                                                                                                • Introduced through: + + helm.sh/helm/v3@* and golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b + +
                                                                                                                                                                                                                                  • +
                                                                                                                                                                                                                                + +
                                                                                                                                                                                                                                + + +

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                + +
                                                                                                                                                                                                                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + helm.sh/helm/v3@* - procps@2:3.3.17-6ubuntu2 + golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b @@ -703,27 +846,40 @@

                                                                                                                                                                                                                                  Detailed paths

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  NVD Description

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  Note: Versions mentioned in the description apply only to the upstream procps package and not the procps package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Overview

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. + Affected versions of this package are vulnerable to Denial of Service (DoS) such that a maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Details

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Two common types of DoS vulnerabilities:

                                                                                                                                                                                                                                  +
                                                                                                                                                                                                                                    +

                                                                                                                                                                                                                                  • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

                                                                                                                                                                                                                                    +
                                                                                                                                                                                                                                    • +

                                                                                                                                                                                                                                  • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

                                                                                                                                                                                                                                    +
                                                                                                                                                                                                                                    • +

                                                                                                                                                                                                                                  Remediation

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  There is no fixed version for Ubuntu:22.04 procps.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Upgrade golang.org/x/net/http2 to version 0.7.0 or higher.

                                                                                                                                                                                                                                  References

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  More about this vulnerability

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  More about this vulnerability

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                CVE-2023-36054

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Improper Input Validation

                                                                                                                                                                                                                                @@ -734,17 +890,17 @@

                                                                                                                                                                                                                                CVE-2023-36054

                                                                                                                                                                                                                                • - Package Manager: ubuntu:22.04 + Package Manager: golang
                                                                                                                                                                                                                                • Vulnerable module: - krb5/libk5crypto3 + golang.org/x/text/language
                                                                                                                                                                                                                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 and krb5/libk5crypto3@1.19.2-2ubuntu0.2 + sigs.k8s.io/kustomize/kustomize/v4@* and golang.org/x/text/language@v0.3.7
                                                                                                                                                                                                                                @@ -757,161 +913,86 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + sigs.k8s.io/kustomize/kustomize/v4@* - krb5/libk5crypto3@1.19.2-2ubuntu0.2 + golang.org/x/text/language@v0.3.7
                                                                                                                                                                                                                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + helm.sh/helm/v3@* - krb5/libk5crypto3@1.19.2-2ubuntu0.2 + golang.org/x/text/language@v0.3.7
                                                                                                                                                                                                                                  • -
                                                                                                                                                                                                                                • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - krb5/libkrb5-3@1.19.2-2ubuntu0.2 - - krb5/libk5crypto3@1.19.2-2ubuntu0.2 - - +
                                                                                                                                                                                                                                - -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - krb5/libkrb5-3@1.19.2-2ubuntu0.2 - - +
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - krb5/libkrb5-3@1.19.2-2ubuntu0.2 - - +
                                                                                                                                                                                                                                + +

                                                                                                                                                                                                                                Overview

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Affected versions of this package are vulnerable to Improper Input Validation due to the parser being, by design, exposed to untrusted user input, which can be leveraged to force a program to consume significant time parsing Accept-Language headers.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Upgrade golang.org/x/text/language to version 0.3.8 or higher.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                References

                                                                                                                                                                                                                                + -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - +
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - openssh/openssh-client@1:8.9p1-3ubuntu0.3 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - +
                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - git@1:2.34.1-1ubuntu1.9 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Incorrect Privilege Assignment

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                - -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - git@1:2.34.1-1ubuntu1.9 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 - - libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - +
                                                                                                                                                                                                                                + medium severity +
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - +
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                                  +
                                                                                                                                                                                                                                • + Package Manager: golang +
                                                                                                                                                                                                                                  • +
                                                                                                                                                                                                                                • + Vulnerable module: + + golang.org/x/sys/unix +
                                                                                                                                                                                                                                  • + +
                                                                                                                                                                                                                                • Introduced through: + + helm.sh/helm/v3@* and golang.org/x/sys/unix@v0.0.0-20220722155257-8c9f86f7a55f + +
                                                                                                                                                                                                                                  • +
                                                                                                                                                                                                                                + +
                                                                                                                                                                                                                                + + +

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                + +
                                                                                                                                                                                                                                • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - meta-common-packages@meta + Introduced through: + helm.sh/helm/v3@* - krb5/libkrb5support0@1.19.2-2ubuntu0.2 + golang.org/x/sys/unix@v0.0.0-20220722155257-8c9f86f7a55f @@ -922,52 +1003,47 @@

                                                                                                                                                                                                                                  Detailed paths

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  NVD Description

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Overview

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Affected versions of this package are vulnerable to Incorrect Privilege Assignment such that when called with a non-zero flags parameter, the Faccessat function can incorrectly report that a file is accessible.

                                                                                                                                                                                                                                  Remediation

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  There is no fixed version for Ubuntu:22.04 krb5.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Upgrade golang.org/x/sys/unix to version 0.1.0 or higher.

                                                                                                                                                                                                                                  References

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  More about this vulnerability

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  More about this vulnerability

                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                CVE-2022-46908

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Denial of Service (DoS)

                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                - low severity +
                                                                                                                                                                                                                                + medium severity
                                                                                                                                                                                                                                • - Package Manager: ubuntu:22.04 + Package Manager: golang
                                                                                                                                                                                                                                • Vulnerable module: - sqlite3/libsqlite3-0 + golang.org/x/net/http2
                                                                                                                                                                                                                                • Introduced through: + helm.sh/helm/v3@* and golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b - docker-image|quay.io/argoproj/argocd@v2.7.11, gnupg2/gpg@2.2.27-3ubuntu2.1 and others
                                                                                                                                                                                                                                @@ -979,11 +1055,9 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - gnupg2/gpg@2.2.27-3ubuntu2.1 + helm.sh/helm/v3@* - sqlite3/libsqlite3-0@3.37.2-2ubuntu0.1 + golang.org/x/net/http2@v0.0.0-20220722155237-a158d28d115b @@ -994,30 +1068,40 @@

                                                                                                                                                                                                                                  Detailed paths

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  NVD Description

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Overview

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  golang.org/x/net/http2 is a work-in-progress HTTP/2 implementation for Go. + Affected versions of this package are vulnerable to Denial of Service (DoS) due to improper checks and limitations for the number of entries in the cache, which can allow an attacker to consume unbounded amounts of memory by sending a small number of very large keys.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Details

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Two common types of DoS vulnerabilities:

                                                                                                                                                                                                                                  +
                                                                                                                                                                                                                                    +

                                                                                                                                                                                                                                  • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

                                                                                                                                                                                                                                    +
                                                                                                                                                                                                                                    • +

                                                                                                                                                                                                                                  • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

                                                                                                                                                                                                                                    +
                                                                                                                                                                                                                                    • +

                                                                                                                                                                                                                                  Remediation

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  There is no fixed version for Ubuntu:22.04 sqlite3.

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  Upgrade golang.org/x/net/http2 to version 0.4.0 or higher.

                                                                                                                                                                                                                                  References

                                                                                                                                                                                                                                  -

                                                                                                                                                                                                                                  More about this vulnerability

                                                                                                                                                                                                                                  +

                                                                                                                                                                                                                                  More about this vulnerability

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Arbitrary Code Injection

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                CVE-2022-46908

                                                                                                                                                                                                                                @@ -1033,13 +1117,13 @@

                                                                                                                                                                                                                                Arbitrary Code Injection

                                                                                                                                                                                                                              • Vulnerable module: - shadow/passwd + sqlite3/libsqlite3-0
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 and shadow/passwd@1:4.8.1-2ubuntu2.1 + docker-image|quay.io/argoproj/argocd@v2.6.6, gnupg2/gpg@2.2.27-3ubuntu2.1 and others
                                                                                                                                                                                                                              @@ -1051,40 +1135,11 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - openssh/openssh-client@1:8.9p1-3ubuntu0.3 + docker-image|quay.io/argoproj/argocd@v2.6.6 - shadow/passwd@1:4.8.1-2ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + gnupg2/gpg@2.2.27-3ubuntu2.1 - shadow/login@1:4.8.1-2ubuntu2.1 + sqlite3/libsqlite3-0@3.37.2-2ubuntu0.1 @@ -1096,24 +1151,24 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                NVD Description

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Ubuntu:22.04. +

                                                                                                                                                                                                                                Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Ubuntu:22.04. See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                There is no fixed version for Ubuntu:22.04 shadow.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                There is no fixed version for Ubuntu:22.04 sqlite3.

                                                                                                                                                                                                                                References

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                @@ -1139,7 +1194,7 @@

                                                                                                                                                                                                                                Uncontrolled Recursion

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1 + docker-image|quay.io/argoproj/argocd@v2.6.6 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1
                                                                                                                                                                                                                              @@ -1152,7 +1207,7 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1 @@ -1161,7 +1216,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 grep@3.7-1build1 @@ -1190,8 +1245,6 @@

                                                                                                                                                                                                                                References

                                                                                                                                                                                                                              • MLIST
                                                                                                                                                                                                                              • OSS security Advisory
                                                                                                                                                                                                                              • Security Focus
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • cve@mitre.org
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • cve@mitre.org
                                                                                                                                                                                                                              @@ -1223,7 +1276,7 @@

                                                                                                                                                                                                                              Release of Invalid Pointer or Reference

                                                                                                                                                                                                                            • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 and patch@2.7.6-7build2 + docker-image|quay.io/argoproj/argocd@v2.6.6 and patch@2.7.6-7build2
                                                                                                                                                                                                                              • @@ -1236,7 +1289,7 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 patch@2.7.6-7build2 @@ -1290,7 +1343,7 @@

                                                                                                                                                                                                                                Double Free

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 and patch@2.7.6-7build2 + docker-image|quay.io/argoproj/argocd@v2.6.6 and patch@2.7.6-7build2
                                                                                                                                                                                                                              @@ -1303,7 +1356,7 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 patch@2.7.6-7build2 @@ -1341,7 +1394,7 @@

                                                                                                                                                                                                                                References

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Improper Authentication

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Improper Locking

                                                                                                                                                                                                                                @@ -1362,7 +1415,7 @@

                                                                                                                                                                                                                                Improper Authentication

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 and openssl/libssl3@3.0.2-0ubuntu1.10 + docker-image|quay.io/argoproj/argocd@v2.6.6 and openssl/libssl3@3.0.2-0ubuntu1.8
                                                                                                                                                                                                                              @@ -1375,77 +1428,77 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 libfido2/libfido2-1@1.10.0-1 - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - openssh/openssh-client@1:8.9p1-3ubuntu0.3 + openssh/openssh-client@1:8.9p1-3ubuntu0.1 - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - ca-certificates@20230311ubuntu0.22.04.1 + ca-certificates@20211016ubuntu0.22.04.1 - openssl@3.0.2-0ubuntu1.10 + openssl@3.0.2-0ubuntu1.8 - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.8 - libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 + libssh/libssh-4@0.9.6-2build1 - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 adduser@3.118ubuntu5 @@ -1457,31 +1510,31 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1 - krb5/libkrb5-3@1.19.2-2ubuntu0.2 + krb5/libkrb5-3@1.19.2-2ubuntu0.1 - openssl/libssl3@3.0.2-0ubuntu1.10 + openssl/libssl3@3.0.2-0ubuntu1.8
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - openssl@3.0.2-0ubuntu1.10 + openssl@3.0.2-0ubuntu1.8
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - ca-certificates@20230311ubuntu0.22.04.1 + ca-certificates@20211016ubuntu0.22.04.1 - openssl@3.0.2-0ubuntu1.10 + openssl@3.0.2-0ubuntu1.8 @@ -1495,45 +1548,25 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                NVD Description

                                                                                                                                                                                                                                Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu:22.04. See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Issue summary: The AES-SIV cipher implementation contains a bug that causes - it to ignore empty associated data entries which are unauthenticated as - a consequence.

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing - adding or reordering such empty entries as these are ignored by the OpenSSL - implementation. We are currently unaware of any such applications.

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                The AES-SIV algorithm allows for authentication of multiple associated - data entries along with the encryption. To authenticate empty data the - application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with - NULL pointer as the output buffer and 0 as the input buffer length. - The AES-SIV implementation in OpenSSL just returns success for such a call - instead of performing the associated data authentication operation. - The empty data thus will not be authenticated.

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                As this issue does not affect non-empty associated data authentication and - we expect it to be rare for an application to use empty associated data - entries this is qualified as Low severity issue.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the -policy&#39; argument to the command line utilities or by calling either X509_VERIFY_PARAM_add0_policy()' or `X509_VERIFY_PARAM_set1_policies()' functions.

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                There is no fixed version for Ubuntu:22.04 openssl.

                                                                                                                                                                                                                                References

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                CVE-2023-28531

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Improper Privilege Management

                                                                                                                                                                                                                                @@ -1554,7 +1587,7 @@

                                                                                                                                                                                                                                CVE-2023-28531

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 and openssh/openssh-client@1:8.9p1-3ubuntu0.3 + docker-image|quay.io/argoproj/argocd@v2.6.6 and openssh/openssh-client@1:8.9p1-3ubuntu0.1
                                                                                                                                                                                                                              @@ -1567,9 +1600,9 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - openssh/openssh-client@1:8.9p1-3ubuntu0.3 + openssh/openssh-client@1:8.9p1-3ubuntu0.1 @@ -1583,26 +1616,35 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                NVD Description

                                                                                                                                                                                                                                Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Ubuntu:22.04. See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                There is no fixed version for Ubuntu:22.04 openssh.

                                                                                                                                                                                                                                References

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                NULL Pointer Dereference

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Information Exposure

                                                                                                                                                                                                                                @@ -1618,13 +1660,13 @@

                                                                                                                                                                                                                                NULL Pointer Dereference

                                                                                                                                                                                                                              • Vulnerable module: - openldap/libldap-2.5-0 + openssh/openssh-client
                                                                                                                                                                                                                              • Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 and openssh/openssh-client@1:8.9p1-3ubuntu0.1 - docker-image|quay.io/argoproj/argocd@v2.7.11, gnupg2/dirmngr@2.2.27-3ubuntu2.1 and others
                                                                                                                                                                                                                              @@ -1636,33 +1678,9 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - gnupg2/dirmngr@2.2.27-3ubuntu2.1 - - openldap/libldap-2.5-0@2.5.15+dfsg-0ubuntu0.22.04.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 - - git@1:2.34.1-1ubuntu1.9 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 - - openldap/libldap-2.5-0@2.5.15+dfsg-0ubuntu0.22.04.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - openldap/libldap-common@2.5.15+dfsg-0ubuntu0.22.04.1 + openssh/openssh-client@1:8.9p1-3ubuntu0.1 @@ -1674,34 +1692,33 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                NVD Description

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Ubuntu:22.04. +

                                                                                                                                                                                                                                Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Ubuntu:22.04. See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                There is no fixed version for Ubuntu:22.04 openldap.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                There is no fixed version for Ubuntu:22.04 openssh.

                                                                                                                                                                                                                                References

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Resource Exhaustion

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Out-of-bounds Read

                                                                                                                                                                                                                                @@ -1717,13 +1734,13 @@

                                                                                                                                                                                                                                Resource Exhaustion

                                                                                                                                                                                                                              • Vulnerable module: - libzstd/libzstd1 + ncurses/libtinfo6
                                                                                                                                                                                                                              • Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 and ncurses/libtinfo6@6.3-2 - docker-image|quay.io/argoproj/argocd@v2.7.11, meta-common-packages@meta and others
                                                                                                                                                                                                                              @@ -1735,11 +1752,200 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - meta-common-packages@meta + ncurses/libtinfo6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + bash@5.1-6ubuntu1 + + ncurses/libtinfo6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + ncurses/libncursesw6@6.3-2 + + ncurses/libtinfo6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + less@590-1ubuntu0.22.04.1 + + ncurses/libtinfo6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + libedit/libedit2@3.1-20210910-1build1 + + ncurses/libtinfo6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + ncurses/libncurses6@6.3-2 + + ncurses/libtinfo6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + ncurses/ncurses-bin@6.3-2 + + ncurses/libtinfo6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + procps@2:3.3.17-6ubuntu2 + + ncurses/libtinfo6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + util-linux@2.37.2-4ubuntu3 + + ncurses/libtinfo6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + gnupg2/gpg@2.2.27-3ubuntu2.1 + + gnupg2/gpgconf@2.2.27-3ubuntu2.1 + + readline/libreadline8@8.1.2-1 + + ncurses/libtinfo6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + gnupg2/gnupg@2.2.27-3ubuntu2.1 + + gnupg2/gpg-agent@2.2.27-3ubuntu2.1 + + pinentry/pinentry-curses@1.1.1-1build2 + + ncurses/libtinfo6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + ncurses/libncursesw6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + procps@2:3.3.17-6ubuntu2 + + ncurses/libncursesw6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + gnupg2/gnupg@2.2.27-3ubuntu2.1 + + gnupg2/gpg-agent@2.2.27-3ubuntu2.1 + + pinentry/pinentry-curses@1.1.1-1build2 + + ncurses/libncursesw6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + ncurses/libncurses6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + procps@2:3.3.17-6ubuntu2 + + ncurses/libncurses6@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 + + ncurses/ncurses-base@6.3-2 + + + +
                                                                                                                                                                                                                                • +
                                                                                                                                                                                                                              • + Introduced through: + docker-image|quay.io/argoproj/argocd@v2.6.6 - libzstd/libzstd1@1.4.8+dfsg-3build1 + ncurses/ncurses-bin@6.3-2 @@ -1751,22 +1957,25 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                NVD Description

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                Note: Versions mentioned in the description apply only to the upstream libzstd package and not the libzstd package as distributed by Ubuntu:22.04. +

                                                                                                                                                                                                                                Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Ubuntu:22.04. See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.

                                                                                                                                                                                                                                Remediation

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                There is no fixed version for Ubuntu:22.04 libzstd.

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                There is no fixed version for Ubuntu:22.04 ncurses.

                                                                                                                                                                                                                                References

                                                                                                                                                                                                                                -

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                More about this vulnerability

                                                                                                                                                                                                                                @@ -1792,7 +2001,7 @@

                                                                                                                                                                                                                                Integer Overflow or Wraparound

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 and krb5/libk5crypto3@1.19.2-2ubuntu0.2 + docker-image|quay.io/argoproj/argocd@v2.6.6 and krb5/libk5crypto3@1.19.2-2ubuntu0.1
                                                                                                                                                                                                                              @@ -1805,16 +2014,16 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - krb5/libk5crypto3@1.19.2-2ubuntu0.2 + krb5/libk5crypto3@1.19.2-2ubuntu0.1
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 adduser@3.118ubuntu5 @@ -1826,16 +2035,16 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1 - krb5/libk5crypto3@1.19.2-2ubuntu0.2 + krb5/libk5crypto3@1.19.2-2ubuntu0.1
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 adduser@3.118ubuntu5 @@ -1847,27 +2056,27 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1 - krb5/libkrb5-3@1.19.2-2ubuntu0.2 + krb5/libkrb5-3@1.19.2-2ubuntu0.1 - krb5/libk5crypto3@1.19.2-2ubuntu0.2 + krb5/libk5crypto3@1.19.2-2ubuntu0.1
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - krb5/libkrb5-3@1.19.2-2ubuntu0.2 + krb5/libkrb5-3@1.19.2-2ubuntu0.1
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 adduser@3.118ubuntu5 @@ -1879,64 +2088,64 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1 - krb5/libkrb5-3@1.19.2-2ubuntu0.2 + krb5/libkrb5-3@1.19.2-2ubuntu0.1
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - openssh/openssh-client@1:8.9p1-3ubuntu0.3 + openssh/openssh-client@1:8.9p1-3ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.8 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8 - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 + curl/libcurl3-gnutls@7.81.0-1ubuntu1.8 - libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 + libssh/libssh-4@0.9.6-2build1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 adduser@3.118ubuntu5 @@ -1948,18 +2157,18 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                                libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 + krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.1
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 meta-common-packages@meta - krb5/libkrb5support0@1.19.2-2ubuntu0.2 + krb5/libkrb5support0@1.19.2-2ubuntu0.1 @@ -2014,7 +2223,7 @@

                                                                                                                                                                                                                                Out-of-bounds Write

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 and gnupg2/gpgv@2.2.27-3ubuntu2.1 + docker-image|quay.io/argoproj/argocd@v2.6.6 and gnupg2/gpgv@2.2.27-3ubuntu2.1
                                                                                                                                                                                                                              @@ -2027,7 +2236,7 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gpgv@2.2.27-3ubuntu2.1 @@ -2036,9 +2245,9 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - apt@2.4.9 + apt@2.4.8 gnupg2/gpgv@2.2.27-3ubuntu2.1 @@ -2047,7 +2256,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2058,7 +2267,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/dirmngr@2.2.27-3ubuntu2.1 @@ -2069,7 +2278,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -2080,7 +2289,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2093,7 +2302,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2106,7 +2315,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/dirmngr@2.2.27-3ubuntu2.1 @@ -2115,7 +2324,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2126,7 +2335,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2139,7 +2348,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg-l10n@2.2.27-3ubuntu2.1 @@ -2148,7 +2357,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2159,7 +2368,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg-utils@2.2.27-3ubuntu2.1 @@ -2168,7 +2377,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2179,7 +2388,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gpg@2.2.27-3ubuntu2.1 @@ -2188,7 +2397,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2199,7 +2408,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2212,7 +2421,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2225,7 +2434,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gpg-agent@2.2.27-3ubuntu2.1 @@ -2234,7 +2443,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2245,7 +2454,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2258,7 +2467,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2271,7 +2480,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 @@ -2280,7 +2489,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2291,7 +2500,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1 @@ -2300,7 +2509,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2311,7 +2520,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gpgsm@2.2.27-3ubuntu2.1 @@ -2320,7 +2529,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2331,7 +2540,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 gnupg2/gnupg@2.2.27-3ubuntu2.1 @@ -2358,7 +2567,6 @@

                                                                                                                                                                                                                                References

                                                                                                                                                                                                                              • secalert@redhat.com
                                                                                                                                                                                                                              • secalert@redhat.com
                                                                                                                                                                                                                              • secalert@redhat.com
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • secalert@redhat.com
                                                                                                                                                                                                                              @@ -2390,7 +2598,7 @@

                                                                                                                                                                                                                              Allocation of Resources Without Limits or Throttling

                                                                                                                                                                                                                              Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 and glibc/libc-bin@2.35-0ubuntu3.1 + docker-image|quay.io/argoproj/argocd@v2.6.6 and glibc/libc-bin@2.35-0ubuntu3.1 @@ -2403,7 +2611,7 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 glibc/libc-bin@2.35-0ubuntu3.1 @@ -2412,7 +2620,7 @@

                                                                                                                                                                                                                                Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 meta-common-packages@meta @@ -2471,7 +2679,7 @@

                                                                                                                                                                                                                                Improper Input Validation

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11, git@1:2.34.1-1ubuntu1.9 and others + docker-image|quay.io/argoproj/argocd@v2.6.6, git@1:2.34.1-1ubuntu1.8 and others
                                                                                                                                                                                                                              @@ -2483,31 +2691,31 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8 - git/git-man@1:2.34.1-1ubuntu1.9 + git/git-man@1:2.34.1-1ubuntu1.8
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8
                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 - git-lfs@3.0.2-1ubuntu0.2 + git-lfs@3.0.2-1ubuntu0.1 - git@1:2.34.1-1ubuntu1.9 + git@1:2.34.1-1ubuntu1.8 @@ -2560,7 +2768,7 @@

                                                                                                                                                                                                                                Improper Input Validation

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 and coreutils@8.32-4.1ubuntu1 + docker-image|quay.io/argoproj/argocd@v2.6.6 and coreutils@8.32-4.1ubuntu1
                                                                                                                                                                                                                              @@ -2573,7 +2781,7 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 coreutils@8.32-4.1ubuntu1 @@ -2630,7 +2838,7 @@

                                                                                                                                                                                                                                Out-of-bounds Write

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 and bash@5.1-6ubuntu1 + docker-image|quay.io/argoproj/argocd@v2.6.6 and bash@5.1-6ubuntu1
                                                                                                                                                                                                                              @@ -2643,7 +2851,7 @@

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              • Introduced through: - docker-image|quay.io/argoproj/argocd@v2.7.11 + docker-image|quay.io/argoproj/argocd@v2.6.6 bash@5.1-6ubuntu1 diff --git a/docs/snyk/v2.6.6/redis_7.0.8-alpine.html b/docs/snyk/v2.6.6/redis_7.0.8-alpine.html new file mode 100644 index 0000000000000..df4e867a6e4a3 --- /dev/null +++ b/docs/snyk/v2.6.6/redis_7.0.8-alpine.html @@ -0,0 +1,492 @@ + + + + + + + + + Snyk test report + + + + + + + + + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                + + + Snyk - Open Source Security + + + + + + + +
                                                                                                                                                                                                                                +

                                                                                                                                                                                                                                Snyk test report

                                                                                                                                                                                                                                + +

                                                                                                                                                                                                                                March 19th 2023, 12:19:42 am

                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                + Scanned the following path: +
                                                                                                                                                                                                                                  +
                                                                                                                                                                                                                                • redis:7.0.8-alpine (apk)
                                                                                                                                                                                                                                  • +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                + +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                0 known vulnerabilities
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                0 vulnerable dependency paths
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                18 dependencies
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                                +
                                                                                                                                                                                                                              Project docker-image|haproxy
                                                                                                                                                                                                                              Path haproxy:2.6.14-alpine
                                                                                                                                                                                                                              Path haproxy:2.6.9-alpine
                                                                                                                                                                                                                              Package Manager apk
                                                                                                                                                                                                                              + + + + + + +
                                                                                                                                                                                                                              Project docker-image|redis
                                                                                                                                                                                                                              Path redis:7.0.8-alpine
                                                                                                                                                                                                                              Package Manager apk
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              + No known vulnerabilities detected. +
                                                                                                                                                                                                                              + + + + diff --git a/docs/snyk/v2.7.11/argocd-test.html b/docs/snyk/v2.7.11/argocd-test.html deleted file mode 100644 index 7174bc93fd654..0000000000000 --- a/docs/snyk/v2.7.11/argocd-test.html +++ /dev/null @@ -1,636 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              August 13th 2023, 12:19:25 am (UTC+00:00)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - Scanned the following paths: -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • /argo-cd/argoproj/argo-cd/v2 (gomodules)
                                                                                                                                                                                                                              • /argo-cd (yarn)
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              1 known vulnerabilities
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              1 vulnerable dependency paths
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              1748 dependencies
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Regular Expression Denial of Service (ReDoS)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - high severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: npm -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - semver -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - - argo-cd-ui@1.0.0, superagent@8.0.9 and others -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - argo-cd-ui@1.0.0 - - superagent@8.0.9 - - semver@7.3.8 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Overview

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              semver is a semantic version parser used by npm.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              PoC

                                                                                                                                                                                                                              - 
                                                                                                                                                                                                                              
-        const semver = require('semver')
-        const lengths_2 = [2000, 4000, 8000, 16000, 32000, 64000, 128000]
-        
-        console.log("n[+] Valid range - Test payloads")
-        for (let i = 0; i =1.2.3' + ' '.repeat(lengths_2[i]) + '<1.3.0';
-        const start = Date.now()
-        semver.validRange(value)
-        // semver.minVersion(value)
-        // semver.maxSatisfying(["1.2.3"], value)
-        // semver.minSatisfying(["1.2.3"], value)
-        // new semver.Range(value, {})
-        
-        const end = Date.now();
-        console.log('length=%d, time=%d ms', value.length, end - start);
-        }
-
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Details

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its original and legitimate users. There are many types of DoS attacks, ranging from trying to clog the network pipes to the system by generating a large volume of traffic from many machines (a Distributed Denial of Service - DDoS - attack) to sending crafted requests that cause a system to crash or take a disproportional amount of time to process.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The Regular expression Denial of Service (ReDoS) is a type of Denial of Service attack. Regular expressions are incredibly powerful, but they aren't very intuitive and can ultimately end up making it easy for attackers to take your site down.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Let’s take the following regular expression as an example:

                                                                                                                                                                                                                              - 
                                                                                                                                                                                                                              regex = /A(B|C+)+D/
-
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              This regular expression accomplishes the following:

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • A The string must start with the letter 'A'
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • (B|C+)+ The string must then follow the letter A with either the letter 'B' or some number of occurrences of the letter 'C' (the + matches one or more times). The + at the end of this section states that we can look for one or more matches of this section.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • D Finally, we ensure this section of the string ends with a 'D'
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The expression would match inputs such as ABBD, ABCCCCD, ABCBCCCD and ACCCCCD

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              It most cases, it doesn't take very long for a regex engine to find a match:

                                                                                                                                                                                                                              - 
                                                                                                                                                                                                                              $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCD")'
-        0.04s user 0.01s system 95% cpu 0.052 total
-        
-        $ time node -e '/A(B|C+)+D/.test("ACCCCCCCCCCCCCCCCCCCCCCCCCCCCX")'
-        1.79s user 0.02s system 99% cpu 1.812 total
-
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The entire process of testing it against a 30 characters long string takes around ~52ms. But when given an invalid string, it takes nearly two seconds to complete the test, over ten times as long as it took to test a valid string. The dramatic difference is due to the way regular expressions get evaluated.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Most Regex engines will work very similarly (with minor differences). The engine will match the first possible way to accept the current character and proceed to the next one. If it then fails to match the next one, it will backtrack and see if there was another way to digest the previous character. If it goes too far down the rabbit hole only to find out the string doesn’t match in the end, and if many characters have multiple valid regex paths, the number of backtracking steps can become very large, resulting in what is known as catastrophic backtracking.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Let's look at how our expression runs into this problem, using a shorter string: "ACCCX". While it seems fairly straightforward, there are still four different ways that the engine could match those three C's:

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              1. CCC
                                                                                                                                                                                                                                2. -
                                                                                                                                                                                                                              2. CC+C
                                                                                                                                                                                                                                3. -
                                                                                                                                                                                                                              3. C+CC
                                                                                                                                                                                                                                4. -
                                                                                                                                                                                                                              4. C+C+C.
                                                                                                                                                                                                                                5. -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The engine has to try each of those combinations to see if any of them potentially match against the expression. When you combine that with the other steps the engine must take, we can use RegEx 101 debugger to see the engine has to take a total of 38 steps before it can determine the string doesn't match.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              From there, the number of steps the engine must use to validate a string just continues to grow.

                                                                                                                                                                                                                              - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                                                                                                                                                                                                              StringNumber of C'sNumber of steps
                                                                                                                                                                                                                              ACCCX338
                                                                                                                                                                                                                              ACCCCX471
                                                                                                                                                                                                                              ACCCCCX5136
                                                                                                                                                                                                                              ACCCCCCCCCCCCCCX1465,553
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              By the time the string includes 14 C's, the engine has to take over 65,000 steps just to see if the string is valid. These extreme situations can cause them to work very slowly (exponentially related to input size, as shown above), allowing an attacker to exploit this and can cause the service to excessively consume CPU, resulting in a Denial of Service.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade semver to version 5.7.2, 6.3.1, 7.5.2 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - diff --git a/docs/snyk/v2.7.11/ghcr.io_dexidp_dex_v2.37.0.html b/docs/snyk/v2.7.11/ghcr.io_dexidp_dex_v2.37.0.html deleted file mode 100644 index 28383604de810..0000000000000 --- a/docs/snyk/v2.7.11/ghcr.io_dexidp_dex_v2.37.0.html +++ /dev/null @@ -1,1079 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              August 13th 2023, 12:19:36 am (UTC+00:00)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - Scanned the following paths: -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (apk)
                                                                                                                                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/hairyhenderson/gomplate/v3 (gomodules)
                                                                                                                                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (gomodules)
                                                                                                                                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (gomodules)
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              4 known vulnerabilities
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              22 vulnerable dependency paths
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              786 dependencies
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Improper Authentication

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Issue summary: The AES-SIV cipher implementation contains a bug that causes - it to ignore empty associated data entries which are unauthenticated as - a consequence.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing - adding or reordering such empty entries as these are ignored by the OpenSSL - implementation. We are currently unaware of any such applications.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The AES-SIV algorithm allows for authentication of multiple associated - data entries along with the encryption. To authenticate empty data the - application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with - NULL pointer as the output buffer and 0 as the input buffer length. - The AES-SIV implementation in OpenSSL just returns success for such a call - instead of performing the associated data authentication operation. - The empty data thus will not be authenticated.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              As this issue does not affect non-empty associated data authentication and - we expect it to be rare for an application to use empty associated data - entries this is qualified as Low severity issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r2 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Inefficient Regular Expression Complexity

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() performs various checks on DH parameters. One of those - checks confirms that the modulus ('p' parameter) is not too large. Trying to use - a very large modulus is slow and OpenSSL will not normally use a modulus which - is over 10,000 bits in length.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              However the DH_check() function checks numerous aspects of the key or parameters - that have been supplied. Some of those checks use the supplied modulus value - even if it has already been found to be too large.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulernable to a Denial of Service attack.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the '-check' option.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue. - The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r3 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Excessive Iteration

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() performs various checks on DH parameters. After fixing - CVE-2023-3446 it was discovered that a large q parameter value can also trigger - an overly long computation during some of these checks. A correct q value, - if present, cannot be larger than the modulus p parameter, thus it is - unnecessary to perform these checks if q is larger than p.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulnerable to a Denial of Service attack.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the "-check" option.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.2-r0 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Cross-site Scripting (XSS)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: golang -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - golang.org/x/net/html -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - github.com/dexidp/dex@* and golang.org/x/net/html@v0.11.0 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - github.com/dexidp/dex@* - - golang.org/x/net/html@v0.11.0 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Overview

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              golang.org/x/net/html is a package that implements an HTML5-compliant tokenizer and parser.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the render1() function in render.go. Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Details

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              A cross-site scripting attack occurs when the attacker tricks a legitimate web-based application or site to accept a request as originating from a trusted source.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              This is done by escaping the context of the web application; the web application then delivers that data to its users along with other trusted dynamic content, without validating it. The browser unknowingly executes malicious script on the client side (through client-side languages; usually JavaScript or HTML) in order to perform actions that are otherwise typically blocked by the browser’s Same Origin Policy.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Injecting malicious code is the most prevalent manner by which XSS is exploited; for this reason, escaping characters in order to prevent this manipulation is the top method for securing code against this vulnerability.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Escaping means that the application is coded to mark key characters, and particularly key characters included in user input, to prevent those characters from being interpreted in a dangerous context. For example, in HTML, < can be coded as &lt; and > can be coded as &gt; in order to be interpreted and displayed as themselves in text, while within the code itself, they are used for HTML tags. If malicious content is injected into an application that escapes special characters and that malicious content uses < and > as HTML tags, those characters are nonetheless not interpreted as HTML tags by the browser if they’ve been correctly escaped in the application code and in this way the attempted attack is diverted.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The most prominent use of XSS is to steal cookies (source: OWASP HttpOnly) and hijack user sessions, but XSS exploits have been used to expose sensitive information, enable access to privileged services and functionality and deliver malware.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Types of attacks

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There are a few methods by which XSS can be manipulated:

                                                                                                                                                                                                                              - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                                                                                                                                                                                                              TypeOriginDescription
                                                                                                                                                                                                                              StoredServerThe malicious code is inserted in the application (usually as a link) by the attacker. The code is activated every time a user clicks the link.
                                                                                                                                                                                                                              ReflectedServerThe attacker delivers a malicious link externally from the vulnerable web site application to a user. When clicked, malicious code is sent to the vulnerable web site, which reflects the attack back to the user’s browser.
                                                                                                                                                                                                                              DOM-basedClientThe attacker forces the user’s browser to render a malicious page. The data in the page itself delivers the cross-site scripting data.
                                                                                                                                                                                                                              MutatedThe attacker injects code that appears safe, but is then rewritten and modified by the browser, while parsing the markup. An example is rebalancing unclosed quotation marks or even adding quotation marks to unquoted parameters.
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Affected environments

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The following environments are susceptible to an XSS attack:

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • Web servers
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Application servers
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Web application environments
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              How to prevent

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              This section describes the top best practices designed to specifically protect your code:

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • Sanitize data input in an HTTP request before reflecting it back, ensuring all data is validated, filtered or escaped before echoing anything back to the user, such as the values of query parameters during searches.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Convert special characters such as ?, &, /, <, > and spaces to their respective HTML or URL encoded equivalents.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Give users the option to disable client-side scripts.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Redirect invalid requests.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Detect simultaneous logins, including those from two separate IP addresses, and invalidate those sessions.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Use and enforce a Content Security Policy (source: Wikipedia) to disable any features that might be manipulated for an XSS attack.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Read the documentation for any of the libraries referenced in your code to understand which elements allow for embedded HTML.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade golang.org/x/net/html to version 0.13.0 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - diff --git a/docs/snyk/v2.7.11/redis_7.0.11-alpine.html b/docs/snyk/v2.7.11/redis_7.0.11-alpine.html deleted file mode 100644 index d667d6ed816db..0000000000000 --- a/docs/snyk/v2.7.11/redis_7.0.11-alpine.html +++ /dev/null @@ -1,1031 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              August 13th 2023, 12:20:17 am (UTC+00:00)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - Scanned the following path: -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • redis:7.0.11-alpine (apk)
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              3 known vulnerabilities
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              27 vulnerable dependency paths
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              18 dependencies
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - - - - - -
                                                                                                                                                                                                                              Project docker-image|redis
                                                                                                                                                                                                                              Path redis:7.0.11-alpine
                                                                                                                                                                                                                              Package Manager apk
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Improper Authentication

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Issue summary: The AES-SIV cipher implementation contains a bug that causes - it to ignore empty associated data entries which are unauthenticated as - a consequence.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing - adding or reordering such empty entries as these are ignored by the OpenSSL - implementation. We are currently unaware of any such applications.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The AES-SIV algorithm allows for authentication of multiple associated - data entries along with the encryption. To authenticate empty data the - application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with - NULL pointer as the output buffer and 0 as the input buffer length. - The AES-SIV implementation in OpenSSL just returns success for such a call - instead of performing the associated data authentication operation. - The empty data thus will not be authenticated.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              As this issue does not affect non-empty associated data authentication and - we expect it to be rare for an application to use empty associated data - entries this is qualified as Low severity issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r2 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Inefficient Regular Expression Complexity

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() performs various checks on DH parameters. One of those - checks confirms that the modulus ('p' parameter) is not too large. Trying to use - a very large modulus is slow and OpenSSL will not normally use a modulus which - is over 10,000 bits in length.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              However the DH_check() function checks numerous aspects of the key or parameters - that have been supplied. Some of those checks use the supplied modulus value - even if it has already been found to be too large.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulernable to a Denial of Service attack.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the '-check' option.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue. - The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r3 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Excessive Iteration

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() performs various checks on DH parameters. After fixing - CVE-2023-3446 it was discovered that a large q parameter value can also trigger - an overly long computation during some of these checks. A correct q value, - if present, cannot be larger than the modulus p parameter, thus it is - unnecessary to perform these checks if q is larger than p.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulnerable to a Denial of Service attack.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the "-check" option.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.2-r0 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - diff --git a/docs/snyk/v2.8.0-rc7/argocd-iac-install.html b/docs/snyk/v2.8.0-rc7/argocd-iac-install.html deleted file mode 100644 index 15df1e7e70c21..0000000000000 --- a/docs/snyk/v2.8.0-rc7/argocd-iac-install.html +++ /dev/null @@ -1,2679 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              August 13th 2023, 12:18:53 am (UTC+00:00)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - Scanned the following path: -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • /argo-cd/manifests/install.yaml (Kubernetes)
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              40 total issues
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - - - - - -
                                                                                                                                                                                                                              Project manifests/install.yaml
                                                                                                                                                                                                                              Path /argo-cd/manifests/install.yaml
                                                                                                                                                                                                                              Project Type Kubernetes
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Role with dangerous permissions

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-47 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 10] - - rules[0] - - resources - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 18466 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Using this role grants dangerous permissions

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Consider removing this permissions

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Role with dangerous permissions

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-47 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 11] - - rules[4] - - resources - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 18543 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Using this role grants dangerous permissions

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Consider removing this permissions

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Role with dangerous permissions

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-47 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 12] - - rules[0] - - resources - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 18571 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Using this role grants dangerous permissions

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Consider removing this permissions

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Role with dangerous permissions

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-47 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 13] - - rules[3] - - resources - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 18619 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Using this role grants dangerous permissions

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Consider removing this permissions

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Role with dangerous permissions

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-47 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 13] - - rules[1] - - resources - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 18601 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Using this role grants dangerous permissions

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Consider removing this permissions

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Role with dangerous permissions

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-47 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 14] - - rules[0] - - resources - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 18635 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Using this role grants dangerous permissions

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Consider removing this permissions

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container could be running with outdated image

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-42 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 45] - - spec - - template - - spec - - initContainers[copyutil] - - imagePullPolicy - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19731 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The container may run with outdated or unauthorized image

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `imagePullPolicy` attribute to `Always`

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 41] - - input - - spec - - template - - spec - - containers[argocd-applicationset-controller] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19106 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 42] - - input - - spec - - template - - spec - - initContainers[copyutil] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19339 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 42] - - input - - spec - - template - - spec - - containers[dex] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19305 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 43] - - input - - spec - - template - - spec - - containers[argocd-notifications-controller] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19399 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 44] - - input - - spec - - template - - spec - - containers[redis] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19486 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 45] - - input - - spec - - template - - spec - - initContainers[copyutil] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19731 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 45] - - input - - spec - - template - - spec - - containers[argocd-repo-server] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19543 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 46] - - input - - spec - - template - - spec - - containers[argocd-server] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19816 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 47] - - input - - spec - - template - - spec - - containers[argocd-application-controller] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 20132 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running with multiple open ports

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-36 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 42] - - spec - - template - - spec - - containers[dex] - - ports - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19319 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Increases the attack surface of the application and the container.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Reduce `ports` count to 2

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without liveness probe

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-41 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 41] - - spec - - template - - spec - - containers[argocd-applicationset-controller] - - livenessProbe - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19106 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `livenessProbe` attribute

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without liveness probe

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-41 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 42] - - spec - - template - - spec - - containers[dex] - - livenessProbe - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19305 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `livenessProbe` attribute

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without liveness probe

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-41 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 42] - - spec - - template - - spec - - initContainers[copyutil] - - livenessProbe - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19339 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `livenessProbe` attribute

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without liveness probe

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-41 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 44] - - spec - - template - - spec - - containers[redis] - - livenessProbe - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19486 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `livenessProbe` attribute

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without liveness probe

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-41 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 45] - - spec - - template - - spec - - initContainers[copyutil] - - livenessProbe - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19731 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `livenessProbe` attribute

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 41] - - input - - spec - - template - - spec - - containers[argocd-applicationset-controller] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19106 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 42] - - input - - spec - - template - - spec - - containers[dex] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19305 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 42] - - input - - spec - - template - - spec - - initContainers[copyutil] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19339 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 43] - - input - - spec - - template - - spec - - containers[argocd-notifications-controller] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19399 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 44] - - input - - spec - - template - - spec - - containers[redis] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19486 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 45] - - input - - spec - - template - - spec - - initContainers[copyutil] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19731 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 45] - - input - - spec - - template - - spec - - containers[argocd-repo-server] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19543 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 46] - - input - - spec - - template - - spec - - containers[argocd-server] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19816 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 47] - - input - - spec - - template - - spec - - containers[argocd-application-controller] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 20132 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 41] - - input - - spec - - template - - spec - - containers[argocd-applicationset-controller] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19229 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 42] - - input - - spec - - template - - spec - - initContainers[copyutil] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19347 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 42] - - input - - spec - - template - - spec - - containers[dex] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19322 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 43] - - input - - spec - - template - - spec - - containers[argocd-notifications-controller] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19420 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 44] - - input - - spec - - template - - spec - - containers[redis] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19496 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 45] - - input - - spec - - template - - spec - - initContainers[copyutil] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19738 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 45] - - input - - spec - - template - - spec - - containers[argocd-repo-server] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 19704 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 46] - - input - - spec - - template - - spec - - containers[argocd-server] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 20042 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 47] - - input - - spec - - template - - spec - - containers[argocd-application-controller] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 20280 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - - diff --git a/docs/snyk/v2.8.0-rc7/argocd-iac-namespace-install.html b/docs/snyk/v2.8.0-rc7/argocd-iac-namespace-install.html deleted file mode 100644 index 48793bb6c3e54..0000000000000 --- a/docs/snyk/v2.8.0-rc7/argocd-iac-namespace-install.html +++ /dev/null @@ -1,2679 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              August 13th 2023, 12:19:05 am (UTC+00:00)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - Scanned the following path: -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • /argo-cd/manifests/namespace-install.yaml (Kubernetes)
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              40 total issues
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - - - - - -
                                                                                                                                                                                                                              Project manifests/namespace-install.yaml
                                                                                                                                                                                                                              Path /argo-cd/manifests/namespace-install.yaml
                                                                                                                                                                                                                              Project Type Kubernetes
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Role with dangerous permissions

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-47 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 7] - - rules[0] - - resources - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 77 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Using this role grants dangerous permissions

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Consider removing this permissions

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Role with dangerous permissions

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-47 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 8] - - rules[4] - - resources - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 154 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Using this role grants dangerous permissions

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Consider removing this permissions

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Role with dangerous permissions

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-47 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 9] - - rules[0] - - resources - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 182 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Using this role grants dangerous permissions

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Consider removing this permissions

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Role with dangerous permissions

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-47 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 10] - - rules[3] - - resources - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 230 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Using this role grants dangerous permissions

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Consider removing this permissions

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Role with dangerous permissions

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-47 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 10] - - rules[1] - - resources - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 212 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Using this role grants dangerous permissions

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Consider removing this permissions

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Role with dangerous permissions

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-47 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 11] - - rules[0] - - resources - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 246 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Using this role grants dangerous permissions

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Consider removing this permissions

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container could be running with outdated image

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-42 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 38] - - spec - - template - - spec - - initContainers[copyutil] - - imagePullPolicy - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1249 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The container may run with outdated or unauthorized image

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `imagePullPolicy` attribute to `Always`

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 34] - - input - - spec - - template - - spec - - containers[argocd-applicationset-controller] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 624 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 35] - - input - - spec - - template - - spec - - initContainers[copyutil] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 857 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 35] - - input - - spec - - template - - spec - - containers[dex] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 823 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 36] - - input - - spec - - template - - spec - - containers[argocd-notifications-controller] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 917 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 37] - - input - - spec - - template - - spec - - containers[redis] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1004 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 38] - - input - - spec - - template - - spec - - initContainers[copyutil] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1249 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 38] - - input - - spec - - template - - spec - - containers[argocd-repo-server] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1061 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 39] - - input - - spec - - template - - spec - - containers[argocd-server] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1334 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container has no CPU limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-5 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 40] - - input - - spec - - template - - spec - - containers[argocd-application-controller] - - resources - - limits - - cpu - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1650 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `resources.limits.cpu` field with required CPU limit value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running with multiple open ports

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-36 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 35] - - spec - - template - - spec - - containers[dex] - - ports - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 837 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Increases the attack surface of the application and the container.

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Reduce `ports` count to 2

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without liveness probe

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-41 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 34] - - spec - - template - - spec - - containers[argocd-applicationset-controller] - - livenessProbe - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 624 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `livenessProbe` attribute

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without liveness probe

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-41 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 35] - - spec - - template - - spec - - containers[dex] - - livenessProbe - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 823 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `livenessProbe` attribute

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without liveness probe

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-41 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 35] - - spec - - template - - spec - - initContainers[copyutil] - - livenessProbe - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 857 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `livenessProbe` attribute

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without liveness probe

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-41 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 37] - - spec - - template - - spec - - containers[redis] - - livenessProbe - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1004 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `livenessProbe` attribute

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without liveness probe

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-41 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 38] - - spec - - template - - spec - - initContainers[copyutil] - - livenessProbe - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1249 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Add `livenessProbe` attribute

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 34] - - input - - spec - - template - - spec - - containers[argocd-applicationset-controller] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 624 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 35] - - input - - spec - - template - - spec - - containers[dex] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 823 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 35] - - input - - spec - - template - - spec - - initContainers[copyutil] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 857 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 36] - - input - - spec - - template - - spec - - containers[argocd-notifications-controller] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 917 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 37] - - input - - spec - - template - - spec - - containers[redis] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1004 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 38] - - input - - spec - - template - - spec - - initContainers[copyutil] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1249 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 38] - - input - - spec - - template - - spec - - containers[argocd-repo-server] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1061 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 39] - - input - - spec - - template - - spec - - containers[argocd-server] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1334 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container is running without memory limit

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-4 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 40] - - input - - spec - - template - - spec - - containers[argocd-application-controller] - - resources - - limits - - memory - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1650 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Containers without memory limits are more likely to be terminated when the node runs out of memory

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `resources.limits.memory` value

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 34] - - input - - spec - - template - - spec - - containers[argocd-applicationset-controller] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 747 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 35] - - input - - spec - - template - - spec - - initContainers[copyutil] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 865 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 35] - - input - - spec - - template - - spec - - containers[dex] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 840 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 36] - - input - - spec - - template - - spec - - containers[argocd-notifications-controller] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 938 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 37] - - input - - spec - - template - - spec - - containers[redis] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1014 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 38] - - input - - spec - - template - - spec - - initContainers[copyutil] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1256 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 38] - - input - - spec - - template - - spec - - containers[argocd-repo-server] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1222 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 39] - - input - - spec - - template - - spec - - containers[argocd-server] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1560 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Container's or Pod's UID could clash with host's UID

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Public ID: SNYK-CC-K8S-11 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - [DocId: 40] - - input - - spec - - template - - spec - - containers[argocd-application-controller] - - securityContext - - runAsUser - -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • - Line number: 1798 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Impact

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Set `securityContext.runAsUser` value to greater or equal than 10'000. SecurityContext can be set on both `pod` and `container` level. If both are set, then the container level takes precedence

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this issue

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - - diff --git a/docs/snyk/v2.8.0-rc7/argocd-test.html b/docs/snyk/v2.8.0-rc7/argocd-test.html deleted file mode 100644 index 0f8c20b574591..0000000000000 --- a/docs/snyk/v2.8.0-rc7/argocd-test.html +++ /dev/null @@ -1,566 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              August 13th 2023, 12:16:34 am (UTC+00:00)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - Scanned the following paths: -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • /argo-cd/argoproj/argo-cd/v2 (gomodules)
                                                                                                                                                                                                                              • /argo-cd (yarn)
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              1 known vulnerabilities
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              1 vulnerable dependency paths
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              1851 dependencies
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Denial of Service (DoS)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - high severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: golang -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - nhooyr.io/websocket -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - - github.com/argoproj/argo-cd/v2@0.0.0, github.com/improbable-eng/grpc-web/go/grpcweb@0.15.0 and others -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - github.com/argoproj/argo-cd/v2@0.0.0 - - github.com/improbable-eng/grpc-web/go/grpcweb@0.15.0 - - nhooyr.io/websocket@1.8.6 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Overview

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              nhooyr.io/websocket is a minimal and idiomatic WebSocket library for Go.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Affected versions of this package are vulnerable to Denial of Service (DoS). A double channel close panic is possible if a peer sent back multiple pongs for every ping. - If the second pong arrived before the ping goroutine deleted its channel from the map, the channel would be closed twice and a panic would - occur.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Details

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Two common types of DoS vulnerabilities:

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                                -

                                                                                                                                                                                                                              • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                • -

                                                                                                                                                                                                                              • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade nhooyr.io/websocket to version 1.8.7 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - diff --git a/docs/snyk/v2.8.0-rc7/ghcr.io_dexidp_dex_v2.37.0.html b/docs/snyk/v2.8.0-rc7/ghcr.io_dexidp_dex_v2.37.0.html deleted file mode 100644 index 084d7911d5698..0000000000000 --- a/docs/snyk/v2.8.0-rc7/ghcr.io_dexidp_dex_v2.37.0.html +++ /dev/null @@ -1,1079 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              August 13th 2023, 12:16:41 am (UTC+00:00)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - Scanned the following paths: -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (apk)
                                                                                                                                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/hairyhenderson/gomplate/v3 (gomodules)
                                                                                                                                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (gomodules)
                                                                                                                                                                                                                              • ghcr.io/dexidp/dex:v2.37.0/dexidp/dex (gomodules)
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              4 known vulnerabilities
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              22 vulnerable dependency paths
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              786 dependencies
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Improper Authentication

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Issue summary: The AES-SIV cipher implementation contains a bug that causes - it to ignore empty associated data entries which are unauthenticated as - a consequence.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing - adding or reordering such empty entries as these are ignored by the OpenSSL - implementation. We are currently unaware of any such applications.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The AES-SIV algorithm allows for authentication of multiple associated - data entries along with the encryption. To authenticate empty data the - application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with - NULL pointer as the output buffer and 0 as the input buffer length. - The AES-SIV implementation in OpenSSL just returns success for such a call - instead of performing the associated data authentication operation. - The empty data thus will not be authenticated.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              As this issue does not affect non-empty associated data authentication and - we expect it to be rare for an application to use empty associated data - entries this is qualified as Low severity issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r2 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Inefficient Regular Expression Complexity

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() performs various checks on DH parameters. One of those - checks confirms that the modulus ('p' parameter) is not too large. Trying to use - a very large modulus is slow and OpenSSL will not normally use a modulus which - is over 10,000 bits in length.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              However the DH_check() function checks numerous aspects of the key or parameters - that have been supplied. Some of those checks use the supplied modulus value - even if it has already been found to be too large.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulernable to a Denial of Service attack.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the '-check' option.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue. - The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r3 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Excessive Iteration

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|ghcr.io/dexidp/dex@v2.37.0 and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|ghcr.io/dexidp/dex@v2.37.0 - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() performs various checks on DH parameters. After fixing - CVE-2023-3446 it was discovered that a large q parameter value can also trigger - an overly long computation during some of these checks. A correct q value, - if present, cannot be larger than the modulus p parameter, thus it is - unnecessary to perform these checks if q is larger than p.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulnerable to a Denial of Service attack.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the "-check" option.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.2-r0 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Cross-site Scripting (XSS)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: golang -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - golang.org/x/net/html -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - github.com/dexidp/dex@* and golang.org/x/net/html@v0.11.0 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - github.com/dexidp/dex@* - - golang.org/x/net/html@v0.11.0 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Overview

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              golang.org/x/net/html is a package that implements an HTML5-compliant tokenizer and parser.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the render1() function in render.go. Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Details

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              A cross-site scripting attack occurs when the attacker tricks a legitimate web-based application or site to accept a request as originating from a trusted source.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              This is done by escaping the context of the web application; the web application then delivers that data to its users along with other trusted dynamic content, without validating it. The browser unknowingly executes malicious script on the client side (through client-side languages; usually JavaScript or HTML) in order to perform actions that are otherwise typically blocked by the browser’s Same Origin Policy.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Injecting malicious code is the most prevalent manner by which XSS is exploited; for this reason, escaping characters in order to prevent this manipulation is the top method for securing code against this vulnerability.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Escaping means that the application is coded to mark key characters, and particularly key characters included in user input, to prevent those characters from being interpreted in a dangerous context. For example, in HTML, < can be coded as &lt; and > can be coded as &gt; in order to be interpreted and displayed as themselves in text, while within the code itself, they are used for HTML tags. If malicious content is injected into an application that escapes special characters and that malicious content uses < and > as HTML tags, those characters are nonetheless not interpreted as HTML tags by the browser if they’ve been correctly escaped in the application code and in this way the attempted attack is diverted.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The most prominent use of XSS is to steal cookies (source: OWASP HttpOnly) and hijack user sessions, but XSS exploits have been used to expose sensitive information, enable access to privileged services and functionality and deliver malware.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Types of attacks

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There are a few methods by which XSS can be manipulated:

                                                                                                                                                                                                                              - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                                                                                                                                                                                                              TypeOriginDescription
                                                                                                                                                                                                                              StoredServerThe malicious code is inserted in the application (usually as a link) by the attacker. The code is activated every time a user clicks the link.
                                                                                                                                                                                                                              ReflectedServerThe attacker delivers a malicious link externally from the vulnerable web site application to a user. When clicked, malicious code is sent to the vulnerable web site, which reflects the attack back to the user’s browser.
                                                                                                                                                                                                                              DOM-basedClientThe attacker forces the user’s browser to render a malicious page. The data in the page itself delivers the cross-site scripting data.
                                                                                                                                                                                                                              MutatedThe attacker injects code that appears safe, but is then rewritten and modified by the browser, while parsing the markup. An example is rebalancing unclosed quotation marks or even adding quotation marks to unquoted parameters.
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Affected environments

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The following environments are susceptible to an XSS attack:

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • Web servers
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Application servers
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Web application environments
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              How to prevent

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              This section describes the top best practices designed to specifically protect your code:

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • Sanitize data input in an HTTP request before reflecting it back, ensuring all data is validated, filtered or escaped before echoing anything back to the user, such as the values of query parameters during searches.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Convert special characters such as ?, &, /, <, > and spaces to their respective HTML or URL encoded equivalents.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Give users the option to disable client-side scripts.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Redirect invalid requests.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Detect simultaneous logins, including those from two separate IP addresses, and invalidate those sessions.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Use and enforce a Content Security Policy (source: Wikipedia) to disable any features that might be manipulated for an XSS attack.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • Read the documentation for any of the libraries referenced in your code to understand which elements allow for embedded HTML.
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade golang.org/x/net/html to version 0.13.0 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - diff --git a/docs/snyk/v2.8.0-rc7/haproxy_2.6.14-alpine.html b/docs/snyk/v2.8.0-rc7/haproxy_2.6.14-alpine.html deleted file mode 100644 index 16cd038ee44b3..0000000000000 --- a/docs/snyk/v2.8.0-rc7/haproxy_2.6.14-alpine.html +++ /dev/null @@ -1,492 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              August 13th 2023, 12:16:45 am (UTC+00:00)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - Scanned the following path: -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • haproxy:2.6.14-alpine (apk)
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              0 known vulnerabilities
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              0 vulnerable dependency paths
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              18 dependencies
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - - - - - -
                                                                                                                                                                                                                              Project docker-image|haproxy
                                                                                                                                                                                                                              Path haproxy:2.6.14-alpine
                                                                                                                                                                                                                              Package Manager apk
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - No known vulnerabilities detected. -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - diff --git a/docs/snyk/v2.8.0-rc7/quay.io_argoproj_argocd_v2.8.0-rc7.html b/docs/snyk/v2.8.0-rc7/quay.io_argoproj_argocd_v2.8.0-rc7.html deleted file mode 100644 index 4e00c0a021d27..0000000000000 --- a/docs/snyk/v2.8.0-rc7/quay.io_argoproj_argocd_v2.8.0-rc7.html +++ /dev/null @@ -1,2604 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              August 13th 2023, 12:17:14 am (UTC+00:00)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - Scanned the following paths: -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.8.0-rc7/argoproj/argocd (deb)
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.8.0-rc7/argoproj/argo-cd/v2 (gomodules)
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.8.0-rc7/kustomize/kustomize/v5 (gomodules)
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.8.0-rc7/helm/v3 (gomodules)
                                                                                                                                                                                                                              • quay.io/argoproj/argocd:v2.8.0-rc7/git-lfs/git-lfs (gomodules)
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              18 known vulnerabilities
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              85 vulnerable dependency paths
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              2117 dependencies
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Denial of Service (DoS)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - high severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: golang -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - nhooyr.io/websocket -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - github.com/argoproj/argo-cd/v2@* and nhooyr.io/websocket@v1.8.6 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - github.com/argoproj/argo-cd/v2@* - - nhooyr.io/websocket@v1.8.6 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              Overview

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              nhooyr.io/websocket is a minimal and idiomatic WebSocket library for Go.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Affected versions of this package are vulnerable to Denial of Service (DoS). A double channel close panic is possible if a peer sent back multiple pongs for every ping. - If the second pong arrived before the ping goroutine deleted its channel from the map, the channel would be closed twice and a panic would - occur.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Details

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Two common types of DoS vulnerabilities:

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                                -

                                                                                                                                                                                                                              • High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.

                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                • -

                                                                                                                                                                                                                              • Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

                                                                                                                                                                                                                                -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade nhooyr.io/websocket to version 1.8.7 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Out-of-bounds Write

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - procps/libprocps8 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 and procps/libprocps8@2:3.3.17-6ubuntu2 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - procps/libprocps8@2:3.3.17-6ubuntu2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - procps@2:3.3.17-6ubuntu2 - - procps/libprocps8@2:3.3.17-6ubuntu2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - procps@2:3.3.17-6ubuntu2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream procps package and not the procps package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 procps.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CVE-2023-36054

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - krb5/libk5crypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 and krb5/libk5crypto3@1.19.2-2ubuntu0.2 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - krb5/libk5crypto3@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - krb5/libk5crypto3@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - krb5/libkrb5-3@1.19.2-2ubuntu0.2 - - krb5/libk5crypto3@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - krb5/libkrb5-3@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - krb5/libkrb5-3@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - openssh/openssh-client@1:8.9p1-3ubuntu0.3 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - git@1:2.34.1-1ubuntu1.9 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - git@1:2.34.1-1ubuntu1.9 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 - - libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - meta-common-packages@meta - - krb5/libkrb5support0@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 krb5.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CVE-2022-46908

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - sqlite3/libsqlite3-0 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7, gnupg2/gpg@2.2.27-3ubuntu2.1 and others -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gpg@2.2.27-3ubuntu2.1 - - sqlite3/libsqlite3-0@3.37.2-2ubuntu0.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 sqlite3.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Arbitrary Code Injection

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - shadow/passwd -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 and shadow/passwd@1:4.8.1-2ubuntu2.1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - openssh/openssh-client@1:8.9p1-3ubuntu0.3 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - shadow/login@1:4.8.1-2ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 shadow.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Uncontrolled Recursion

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - pcre3/libpcre3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 and pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - grep@3.7-1build1 - - pcre3/libpcre3@2:8.39-13ubuntu0.22.04.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream pcre3 package and not the pcre3 package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 pcre3.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Release of Invalid Pointer or Reference

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - patch -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 and patch@2.7.6-7build2 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - patch@2.7.6-7build2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 patch.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Double Free

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - patch -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 and patch@2.7.6-7build2 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - patch@2.7.6-7build2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 patch.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Improper Authentication

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssl/libssl3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 and openssl/libssl3@3.0.2-0ubuntu1.10 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - openssl/libssl3@3.0.2-0ubuntu1.10 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - cyrus-sasl2/libsasl2-modules@2.1.27+dfsg2-3ubuntu1.2 - - openssl/libssl3@3.0.2-0ubuntu1.10 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - libfido2/libfido2-1@1.10.0-1 - - openssl/libssl3@3.0.2-0ubuntu1.10 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - openssh/openssh-client@1:8.9p1-3ubuntu0.3 - - openssl/libssl3@3.0.2-0ubuntu1.10 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - ca-certificates@20230311ubuntu0.22.04.1 - - openssl@3.0.2-0ubuntu1.10 - - openssl/libssl3@3.0.2-0ubuntu1.10 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - git@1:2.34.1-1ubuntu1.9 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 - - libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 - - openssl/libssl3@3.0.2-0ubuntu1.10 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - krb5/libkrb5-3@1.19.2-2ubuntu0.2 - - openssl/libssl3@3.0.2-0ubuntu1.10 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - openssl@3.0.2-0ubuntu1.10 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - ca-certificates@20230311ubuntu0.22.04.1 - - openssl@3.0.2-0ubuntu1.10 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Issue summary: The AES-SIV cipher implementation contains a bug that causes - it to ignore empty associated data entries which are unauthenticated as - a consequence.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing - adding or reordering such empty entries as these are ignored by the OpenSSL - implementation. We are currently unaware of any such applications.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The AES-SIV algorithm allows for authentication of multiple associated - data entries along with the encryption. To authenticate empty data the - application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with - NULL pointer as the output buffer and 0 as the input buffer length. - The AES-SIV implementation in OpenSSL just returns success for such a call - instead of performing the associated data authentication operation. - The empty data thus will not be authenticated.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              As this issue does not affect non-empty associated data authentication and - we expect it to be rare for an application to use empty associated data - entries this is qualified as Low severity issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 openssl.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              CVE-2023-28531

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssh/openssh-client -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 and openssh/openssh-client@1:8.9p1-3ubuntu0.3 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - openssh/openssh-client@1:8.9p1-3ubuntu0.3 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 openssh.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              NULL Pointer Dereference

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openldap/libldap-2.5-0 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7, gnupg2/dirmngr@2.2.27-3ubuntu2.1 and others -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/dirmngr@2.2.27-3ubuntu2.1 - - openldap/libldap-2.5-0@2.5.15+dfsg-0ubuntu0.22.04.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - git@1:2.34.1-1ubuntu1.9 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 - - openldap/libldap-2.5-0@2.5.15+dfsg-0ubuntu0.22.04.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - openldap/libldap-common@2.5.15+dfsg-0ubuntu0.22.04.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 openldap.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Resource Exhaustion

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - libzstd/libzstd1 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7, meta-common-packages@meta and others -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - meta-common-packages@meta - - libzstd/libzstd1@1.4.8+dfsg-3build1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream libzstd package and not the libzstd package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 libzstd.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Integer Overflow or Wraparound

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - krb5/libk5crypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 and krb5/libk5crypto3@1.19.2-2ubuntu0.2 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - krb5/libk5crypto3@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - krb5/libk5crypto3@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - krb5/libkrb5-3@1.19.2-2ubuntu0.2 - - krb5/libk5crypto3@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - krb5/libkrb5-3@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - krb5/libkrb5-3@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - openssh/openssh-client@1:8.9p1-3ubuntu0.3 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - git@1:2.34.1-1ubuntu1.9 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - git@1:2.34.1-1ubuntu1.9 - - curl/libcurl3-gnutls@7.81.0-1ubuntu1.13 - - libssh/libssh-4@0.9.6-2ubuntu0.22.04.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - adduser@3.118ubuntu5 - - shadow/passwd@1:4.8.1-2ubuntu2.1 - - pam/libpam-modules@1.4.0-11ubuntu2.3 - - libnsl/libnsl2@1.3.0-2build2 - - libtirpc/libtirpc3@1.3.2-2ubuntu0.1 - - krb5/libgssapi-krb5-2@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - meta-common-packages@meta - - krb5/libkrb5support0@1.19.2-2ubuntu0.2 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 krb5.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Out-of-bounds Write

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - gnupg2/gpgv -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 and gnupg2/gpgv@2.2.27-3ubuntu2.1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gpgv@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - apt@2.4.9 - - gnupg2/gpgv@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gpgv@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/dirmngr@2.2.27-3ubuntu2.1 - - gnupg2/gpgconf@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gpg@2.2.27-3ubuntu2.1 - - gnupg2/gpgconf@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gpg-agent@2.2.27-3ubuntu2.1 - - gnupg2/gpgconf@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gpgsm@2.2.27-3ubuntu2.1 - - gnupg2/gpgconf@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/dirmngr@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/dirmngr@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 - - gnupg2/dirmngr@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg-l10n@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gnupg-l10n@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg-utils@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gnupg-utils@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gpg@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gpg@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 - - gnupg2/gpg@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1 - - gnupg2/gpg@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gpg-agent@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gpg-agent@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 - - gnupg2/gpg-agent@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1 - - gnupg2/gpg-agent@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gpg-wks-client@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gpg-wks-server@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gpgsm@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - gnupg2/gpgsm@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - gnupg2/gnupg@2.2.27-3ubuntu2.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream gnupg2 package and not the gnupg2 package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 gnupg2.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Allocation of Resources Without Limits or Throttling

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - glibc/libc-bin -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 and glibc/libc-bin@2.35-0ubuntu3.1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - glibc/libc-bin@2.35-0ubuntu3.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - meta-common-packages@meta - - glibc/libc6@2.35-0ubuntu3.1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 glibc.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Improper Input Validation

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - git/git-man -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7, git@1:2.34.1-1ubuntu1.9 and others -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - git@1:2.34.1-1ubuntu1.9 - - git/git-man@1:2.34.1-1ubuntu1.9 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - git@1:2.34.1-1ubuntu1.9 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - git-lfs@3.0.2-1ubuntu0.2 - - git@1:2.34.1-1ubuntu1.9 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream git package and not the git package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 git.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Improper Input Validation

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - coreutils -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 and coreutils@8.32-4.1ubuntu1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - coreutils@8.32-4.1ubuntu1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream coreutils package and not the coreutils package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 coreutils.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Out-of-bounds Write

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - low severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: ubuntu:22.04 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - bash -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 and bash@5.1-6ubuntu1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|quay.io/argoproj/argocd@v2.8.0-rc7 - - bash@5.1-6ubuntu1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream bash package and not the bash package as distributed by Ubuntu:22.04. - See How to fix? for Ubuntu:22.04 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              There is no fixed version for Ubuntu:22.04 bash.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - diff --git a/docs/snyk/v2.8.0-rc7/redis_7.0.11-alpine.html b/docs/snyk/v2.8.0-rc7/redis_7.0.11-alpine.html deleted file mode 100644 index 1293d04e5adf8..0000000000000 --- a/docs/snyk/v2.8.0-rc7/redis_7.0.11-alpine.html +++ /dev/null @@ -1,1031 +0,0 @@ - - - - - - - - - Snyk test report - - - - - - - - - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - Snyk - Open Source Security - - - - - - - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Snyk test report

                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              August 13th 2023, 12:17:20 am (UTC+00:00)

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - Scanned the following path: -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • redis:7.0.11-alpine (apk)
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              3 known vulnerabilities
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              27 vulnerable dependency paths
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              18 dependencies
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - - - - - -
                                                                                                                                                                                                                              Project docker-image|redis
                                                                                                                                                                                                                              Path redis:7.0.11-alpine
                                                                                                                                                                                                                              Package Manager apk
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Improper Authentication

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Issue summary: The AES-SIV cipher implementation contains a bug that causes - it to ignore empty associated data entries which are unauthenticated as - a consequence.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Impact summary: Applications that use the AES-SIV algorithm and want to - authenticate empty data entries as associated data can be mislead by removing - adding or reordering such empty entries as these are ignored by the OpenSSL - implementation. We are currently unaware of any such applications.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The AES-SIV algorithm allows for authentication of multiple associated - data entries along with the encryption. To authenticate empty data the - application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with - NULL pointer as the output buffer and 0 as the input buffer length. - The AES-SIV implementation in OpenSSL just returns success for such a call - instead of performing the associated data authentication operation. - The empty data thus will not be authenticated.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              As this issue does not affect non-empty associated data authentication and - we expect it to be rare for an application to use empty associated data - entries this is qualified as Low severity issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r2 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Inefficient Regular Expression Complexity

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() performs various checks on DH parameters. One of those - checks confirms that the modulus ('p' parameter) is not too large. Trying to use - a very large modulus is slow and OpenSSL will not normally use a modulus which - is over 10,000 bits in length.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              However the DH_check() function checks numerous aspects of the key or parameters - that have been supplied. Some of those checks use the supplied modulus value - even if it has already been found to be too large.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulernable to a Denial of Service attack.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the '-check' option.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue. - The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.1-r3 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Excessive Iteration

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - medium severity -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Package Manager: alpine:3.18 -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Vulnerable module: - - openssl/libcrypto3 -
                                                                                                                                                                                                                                • - -
                                                                                                                                                                                                                              • Introduced through: - - docker-image|redis@7.0.11-alpine and openssl/libcrypto3@3.1.1-r1 - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - - -

                                                                                                                                                                                                                              Detailed paths

                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                                -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - openssl/libcrypto3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - .redis-rundeps@20230614.215749 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - apk-tools/apk-tools@2.14.0-r2 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              • - Introduced through: - docker-image|redis@7.0.11-alpine - - busybox/ssl_client@1.36.1-r0 - - openssl/libssl3@3.1.1-r1 - - - -
                                                                                                                                                                                                                                • -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              - -

                                                                                                                                                                                                                              NVD Description

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Alpine:3.18. - See How to fix? for Alpine:3.18 relevant fixed versions and status.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Issue summary: Checking excessively long DH keys or parameters may be very slow.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Impact summary: Applications that use the functions DH_check(), DH_check_ex() - or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long - delays. Where the key or parameters that are being checked have been obtained - from an untrusted source this may lead to a Denial of Service.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() performs various checks on DH parameters. After fixing - CVE-2023-3446 it was discovered that a large q parameter value can also trigger - an overly long computation during some of these checks. A correct q value, - if present, cannot be larger than the modulus p parameter, thus it is - unnecessary to perform these checks if q is larger than p.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              An application that calls DH_check() and supplies a key or parameters obtained - from an untrusted source could be vulnerable to a Denial of Service attack.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The function DH_check() is itself called by a number of other OpenSSL functions. - An application calling any of those other functions may similarly be affected. - The other functions affected by this are DH_check_ex() and - EVP_PKEY_param_check().

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications - when using the "-check" option.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The OpenSSL SSL/TLS implementation is not affected by this issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Remediation

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              Upgrade Alpine:3.18 openssl to version 3.1.2-r0 or higher.

                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              References

                                                                                                                                                                                                                              - - -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -

                                                                                                                                                                                                                              More about this vulnerability

                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - - diff --git a/docs/user-guide/app_deletion.md b/docs/user-guide/app_deletion.md index a1eaedf41cd04..65a17e7eb53ff 100644 --- a/docs/user-guide/app_deletion.md +++ b/docs/user-guide/app_deletion.md @@ -54,7 +54,7 @@ When deleting an Application with this finalizer, the Argo CD application contro Adding the finalizer enables cascading deletes when implementing [the App of Apps pattern](../operator-manual/cluster-bootstrapping.md#cascading-deletion). The default propagation policy for cascading deletion is [foreground cascading deletion](https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion). -Argo CD performs [background cascading deletion](https://kubernetes.io/docs/concepts/architecture/garbage-collection/#background-deletion) when `resources-finalizer.argocd.argoproj.io/background` is set. +ArgoCD performs [background cascading deletion](https://kubernetes.io/docs/concepts/architecture/garbage-collection/#background-deletion) when `resources-finalizer.argocd.argoproj.io/background` is set. When you invoke `argocd app delete` with `--cascade`, the finalizer is added automatically. You can set the propagation policy with `--propagation-policy `. diff --git a/docs/user-guide/application-specification.md b/docs/user-guide/application-specification.md deleted file mode 100644 index 4f581b19a47fa..0000000000000 --- a/docs/user-guide/application-specification.md +++ /dev/null @@ -1,7 +0,0 @@ -# Application Specification - -The following describes all the available fields of an Application: - -```yaml -{!docs/operator-manual/application.yaml!} -``` diff --git a/docs/user-guide/build-environment.md b/docs/user-guide/build-environment.md index 8e2448f4f9e7f..56f6e6b436463 100644 --- a/docs/user-guide/build-environment.md +++ b/docs/user-guide/build-environment.md @@ -3,11 +3,10 @@ [Custom tools](../operator-manual/config-management-plugins.md), [Helm](helm.md), [Jsonnet](jsonnet.md), and [Kustomize](kustomize.md) support the following build env vars: | Variable | Description | -|-------------------------------------|-------------------------------------------------------------------------| +| ----------------------------------- | ----------------------------------------------------------------------- | | `ARGOCD_APP_NAME` | The name of the application. | | `ARGOCD_APP_NAMESPACE` | The destination namespace of the application. | | `ARGOCD_APP_REVISION` | The resolved revision, e.g. `f913b6cbf58aa5ae5ca1f8a2b149477aebcbd9d8`. | -| `ARGOCD_APP_REVISION_SHORT` | The resolved short revision, e.g. `f913b6c`. | | `ARGOCD_APP_SOURCE_PATH` | The path of the app within the source repo. | | `ARGOCD_APP_SOURCE_REPO_URL` | The source repo URL. | | `ARGOCD_APP_SOURCE_TARGET_REVISION` | The target revision from the spec, e.g. `master`. | diff --git a/docs/user-guide/commands/argocd.md b/docs/user-guide/commands/argocd.md index 61798763dfaf6..86cc01d9443fa 100644 --- a/docs/user-guide/commands/argocd.md +++ b/docs/user-guide/commands/argocd.md @@ -13,7 +13,6 @@ argocd [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -27,12 +26,8 @@ argocd [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_account.md b/docs/user-guide/commands/argocd_account.md index e23d36893fe35..3880bdb6fffc4 100644 --- a/docs/user-guide/commands/argocd_account.md +++ b/docs/user-guide/commands/argocd_account.md @@ -37,7 +37,6 @@ argocd account [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -50,12 +49,8 @@ argocd account [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_account_bcrypt.md b/docs/user-guide/commands/argocd_account_bcrypt.md index 5c18d89f0013e..0e7d1a13a1735 100644 --- a/docs/user-guide/commands/argocd_account_bcrypt.md +++ b/docs/user-guide/commands/argocd_account_bcrypt.md @@ -20,7 +20,6 @@ argocd account bcrypt [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd account bcrypt [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_account_can-i.md b/docs/user-guide/commands/argocd_account_can-i.md index 1ada49559061f..799d3be70da51 100644 --- a/docs/user-guide/commands/argocd_account_can-i.md +++ b/docs/user-guide/commands/argocd_account_can-i.md @@ -37,7 +37,6 @@ Resources: [clusters projects applications applicationsets repositories certific --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -50,12 +49,8 @@ Resources: [clusters projects applications applicationsets repositories certific --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_account_delete-token.md b/docs/user-guide/commands/argocd_account_delete-token.md index c453c73c0a51a..1223b91c037e5 100644 --- a/docs/user-guide/commands/argocd_account_delete-token.md +++ b/docs/user-guide/commands/argocd_account_delete-token.md @@ -30,7 +30,6 @@ argocd account delete-token --account ID --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -43,12 +42,8 @@ argocd account delete-token --account ID --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_account_generate-token.md b/docs/user-guide/commands/argocd_account_generate-token.md index 06fffd21b1d73..34ecdc7704c33 100644 --- a/docs/user-guide/commands/argocd_account_generate-token.md +++ b/docs/user-guide/commands/argocd_account_generate-token.md @@ -32,7 +32,6 @@ argocd account generate-token --account --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -45,12 +44,8 @@ argocd account generate-token --account --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_account_get-user-info.md b/docs/user-guide/commands/argocd_account_get-user-info.md index e440b3596ae92..9f15863916cdd 100644 --- a/docs/user-guide/commands/argocd_account_get-user-info.md +++ b/docs/user-guide/commands/argocd_account_get-user-info.md @@ -20,7 +20,6 @@ argocd account get-user-info [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd account get-user-info [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_account_get.md b/docs/user-guide/commands/argocd_account_get.md index cfa48aed523cb..f1149ad1c80fc 100644 --- a/docs/user-guide/commands/argocd_account_get.md +++ b/docs/user-guide/commands/argocd_account_get.md @@ -31,7 +31,6 @@ argocd account get --account --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -44,12 +43,8 @@ argocd account get --account --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_account_list.md b/docs/user-guide/commands/argocd_account_list.md index 9b481eb097a6f..0604b6fb535db 100644 --- a/docs/user-guide/commands/argocd_account_list.md +++ b/docs/user-guide/commands/argocd_account_list.md @@ -26,7 +26,6 @@ argocd account list --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -39,12 +38,8 @@ argocd account list --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_account_update-password.md b/docs/user-guide/commands/argocd_account_update-password.md index 8fe2b62726e2c..e386e7b69f20a 100644 --- a/docs/user-guide/commands/argocd_account_update-password.md +++ b/docs/user-guide/commands/argocd_account_update-password.md @@ -29,10 +29,10 @@ argocd account update-password [flags] ### Options ``` - --account string An account name that should be updated. Defaults to current user account - --current-password string Password of the currently logged on user + --account string an account name that should be updated. Defaults to current user account + --current-password string password of the currently logged on user -h, --help help for update-password - --new-password string New password you want to update to + --new-password string new password you want to update to ``` ### Options inherited from parent commands @@ -42,7 +42,6 @@ argocd account update-password [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -55,12 +54,8 @@ argocd account update-password [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin.md b/docs/user-guide/commands/argocd_admin.md index c3e81d0f38cc7..aff92561bdf7f 100644 --- a/docs/user-guide/commands/argocd_admin.md +++ b/docs/user-guide/commands/argocd_admin.md @@ -21,7 +21,6 @@ argocd admin [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd admin [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_app.md b/docs/user-guide/commands/argocd_admin_app.md index eebb38486db7c..70a548c0e9947 100644 --- a/docs/user-guide/commands/argocd_admin_app.md +++ b/docs/user-guide/commands/argocd_admin_app.md @@ -19,7 +19,6 @@ argocd admin app [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd admin app [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_app_diff-reconcile-results.md b/docs/user-guide/commands/argocd_admin_app_diff-reconcile-results.md index 68bf466f8ed03..02ddbee5ac8cb 100644 --- a/docs/user-guide/commands/argocd_admin_app_diff-reconcile-results.md +++ b/docs/user-guide/commands/argocd_admin_app_diff-reconcile-results.md @@ -19,7 +19,6 @@ argocd admin app diff-reconcile-results PATH1 PATH2 [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd admin app diff-reconcile-results PATH1 PATH2 [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_app_generate-spec.md b/docs/user-guide/commands/argocd_admin_app_generate-spec.md index f280375ea7fc9..c5130d43f1a33 100644 --- a/docs/user-guide/commands/argocd_admin_app_generate-spec.md +++ b/docs/user-guide/commands/argocd_admin_app_generate-spec.md @@ -100,7 +100,6 @@ argocd admin app generate-spec APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -113,12 +112,8 @@ argocd admin app generate-spec APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_app_get-reconcile-results.md b/docs/user-guide/commands/argocd_admin_app_get-reconcile-results.md index 0222c0c88d76d..37aacbdfc65df 100644 --- a/docs/user-guide/commands/argocd_admin_app_get-reconcile-results.md +++ b/docs/user-guide/commands/argocd_admin_app_get-reconcile-results.md @@ -42,7 +42,6 @@ argocd admin app get-reconcile-results PATH [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -55,11 +54,7 @@ argocd admin app get-reconcile-results PATH [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_cluster.md b/docs/user-guide/commands/argocd_admin_cluster.md index 1b557c3c11e55..3ad9abadcbf9b 100644 --- a/docs/user-guide/commands/argocd_admin_cluster.md +++ b/docs/user-guide/commands/argocd_admin_cluster.md @@ -19,7 +19,6 @@ argocd admin cluster [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd admin cluster [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_cluster_generate-spec.md b/docs/user-guide/commands/argocd_admin_cluster_generate-spec.md index 2f3d9f5556d3e..8ba24b10a9058 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_generate-spec.md +++ b/docs/user-guide/commands/argocd_admin_cluster_generate-spec.md @@ -41,7 +41,6 @@ argocd admin cluster generate-spec CONTEXT [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -54,12 +53,8 @@ argocd admin cluster generate-spec CONTEXT [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_cluster_kubeconfig.md b/docs/user-guide/commands/argocd_admin_cluster_kubeconfig.md index c5d8951fe5a83..f1a8455af3256 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_kubeconfig.md +++ b/docs/user-guide/commands/argocd_admin_cluster_kubeconfig.md @@ -38,7 +38,6 @@ argocd admin cluster kubeconfig CLUSTER_URL OUTPUT_PATH [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -51,11 +50,7 @@ argocd admin cluster kubeconfig CLUSTER_URL OUTPUT_PATH [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_cluster_namespaces.md b/docs/user-guide/commands/argocd_admin_cluster_namespaces.md index 0a5ca1e9e8679..f302f14ff8a90 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_namespaces.md +++ b/docs/user-guide/commands/argocd_admin_cluster_namespaces.md @@ -38,7 +38,6 @@ argocd admin cluster namespaces [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -51,11 +50,7 @@ argocd admin cluster namespaces [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_cluster_namespaces_disable-namespaced-mode.md b/docs/user-guide/commands/argocd_admin_cluster_namespaces_disable-namespaced-mode.md index 20e85826a8af8..17b66a06d65a0 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_namespaces_disable-namespaced-mode.md +++ b/docs/user-guide/commands/argocd_admin_cluster_namespaces_disable-namespaced-mode.md @@ -39,7 +39,6 @@ argocd admin cluster namespaces disable-namespaced-mode PATTERN [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -52,11 +51,7 @@ argocd admin cluster namespaces disable-namespaced-mode PATTERN [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_cluster_namespaces_enable-namespaced-mode.md b/docs/user-guide/commands/argocd_admin_cluster_namespaces_enable-namespaced-mode.md index 9c8222719a003..b4a3f63c0d821 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_namespaces_enable-namespaced-mode.md +++ b/docs/user-guide/commands/argocd_admin_cluster_namespaces_enable-namespaced-mode.md @@ -41,7 +41,6 @@ argocd admin cluster namespaces enable-namespaced-mode PATTERN [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -54,11 +53,7 @@ argocd admin cluster namespaces enable-namespaced-mode PATTERN [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_cluster_shards.md b/docs/user-guide/commands/argocd_admin_cluster_shards.md index 8dc2aa9f02f45..be7cc36ccd662 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_shards.md +++ b/docs/user-guide/commands/argocd_admin_cluster_shards.md @@ -30,7 +30,7 @@ argocd admin cluster shards [flags] --redis-ca-certificate string Path to Redis server CA certificate (e.g. /etc/certs/redis/ca.crt). If not specified, system trusted CAs will be used for server certificate validation. --redis-client-certificate string Path to Redis client certificate (e.g. /etc/certs/redis/client.crt). --redis-client-key string Path to Redis client key (e.g. /etc/certs/redis/client.crt). - --redis-compress string Enable compression for data sent to Redis with the required compression algorithm. (possible values: gzip, none) (default "gzip") + --redis-compress string Enable compression for data sent to Redis with the required compression algorithm. (possible values: none, gzip) (default "none") --redis-insecure-skip-tls-verify Skip Redis server certificate validation. --redis-use-tls Use TLS when connecting to Redis. --redisdb int Redis database. @@ -53,7 +53,6 @@ argocd admin cluster shards [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -66,11 +65,7 @@ argocd admin cluster shards [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_cluster_stats.md b/docs/user-guide/commands/argocd_admin_cluster_stats.md index 2c180376852c5..586069e08e688 100644 --- a/docs/user-guide/commands/argocd_admin_cluster_stats.md +++ b/docs/user-guide/commands/argocd_admin_cluster_stats.md @@ -30,7 +30,7 @@ argocd admin cluster stats [flags] --redis-ca-certificate string Path to Redis server CA certificate (e.g. /etc/certs/redis/ca.crt). If not specified, system trusted CAs will be used for server certificate validation. --redis-client-certificate string Path to Redis client certificate (e.g. /etc/certs/redis/client.crt). --redis-client-key string Path to Redis client key (e.g. /etc/certs/redis/client.crt). - --redis-compress string Enable compression for data sent to Redis with the required compression algorithm. (possible values: gzip, none) (default "gzip") + --redis-compress string Enable compression for data sent to Redis with the required compression algorithm. (possible values: none, gzip) (default "none") --redis-insecure-skip-tls-verify Skip Redis server certificate validation. --redis-use-tls Use TLS when connecting to Redis. --redisdb int Redis database. @@ -53,7 +53,6 @@ argocd admin cluster stats [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -66,11 +65,7 @@ argocd admin cluster stats [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_dashboard.md b/docs/user-guide/commands/argocd_admin_dashboard.md index fdd09f25d0bb8..89683c9e5a2c5 100644 --- a/docs/user-guide/commands/argocd_admin_dashboard.md +++ b/docs/user-guide/commands/argocd_admin_dashboard.md @@ -25,7 +25,7 @@ argocd admin dashboard [flags] --password string Password for basic authentication to the API server --port int Listen on given port (default 8080) --proxy-url string If provided, this URL will be used to connect via proxy - --redis-compress string Enable this if the application controller is configured with redis compression enabled. (possible values: gzip, none) (default "gzip") + --redis-compress string Enable this if the application controller is configured with redis compression enabled. (possible values: none, gzip) (default "none") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server @@ -40,7 +40,6 @@ argocd admin dashboard [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -53,12 +52,8 @@ argocd admin dashboard [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_export.md b/docs/user-guide/commands/argocd_admin_export.md index f0ac03b9b7554..27ff5ad1f9369 100644 --- a/docs/user-guide/commands/argocd_admin_export.md +++ b/docs/user-guide/commands/argocd_admin_export.md @@ -39,7 +39,6 @@ argocd admin export [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -52,11 +51,7 @@ argocd admin export [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_import.md b/docs/user-guide/commands/argocd_admin_import.md index 5f8c4e55a9b60..62c9c9443e2e6 100644 --- a/docs/user-guide/commands/argocd_admin_import.md +++ b/docs/user-guide/commands/argocd_admin_import.md @@ -42,7 +42,6 @@ argocd admin import SOURCE [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -55,11 +54,7 @@ argocd admin import SOURCE [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_initial-password.md b/docs/user-guide/commands/argocd_admin_initial-password.md index 086daee6f1597..2f997d25d46d1 100644 --- a/docs/user-guide/commands/argocd_admin_initial-password.md +++ b/docs/user-guide/commands/argocd_admin_initial-password.md @@ -38,7 +38,6 @@ argocd admin initial-password [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -51,11 +50,7 @@ argocd admin initial-password [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_notifications.md b/docs/user-guide/commands/argocd_admin_notifications.md index 2baa19fa1060e..f2bb15b50d306 100644 --- a/docs/user-guide/commands/argocd_admin_notifications.md +++ b/docs/user-guide/commands/argocd_admin_notifications.md @@ -43,7 +43,6 @@ argocd admin notifications [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -56,11 +55,7 @@ argocd admin notifications [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_notifications_template.md b/docs/user-guide/commands/argocd_admin_notifications_template.md index cbb9caec38f2b..472651a267cf7 100644 --- a/docs/user-guide/commands/argocd_admin_notifications_template.md +++ b/docs/user-guide/commands/argocd_admin_notifications_template.md @@ -31,7 +31,6 @@ argocd admin notifications template [flags] --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --config-map string argocd-notifications-cm.yaml file path --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -49,14 +48,10 @@ argocd admin notifications template [flags] --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --secret string argocd-notifications-secret.yaml file path. Use empty secret if provided value is ':empty' --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use diff --git a/docs/user-guide/commands/argocd_admin_notifications_template_get.md b/docs/user-guide/commands/argocd_admin_notifications_template_get.md index aa2a456d4c82f..58993c1abc80f 100644 --- a/docs/user-guide/commands/argocd_admin_notifications_template_get.md +++ b/docs/user-guide/commands/argocd_admin_notifications_template_get.md @@ -43,7 +43,6 @@ argocd admin notifications template get app-sync-succeeded -o=yaml --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --config-map string argocd-notifications-cm.yaml file path --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -61,14 +60,10 @@ argocd admin notifications template get app-sync-succeeded -o=yaml --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --secret string argocd-notifications-secret.yaml file path. Use empty secret if provided value is ':empty' --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use diff --git a/docs/user-guide/commands/argocd_admin_notifications_template_notify.md b/docs/user-guide/commands/argocd_admin_notifications_template_notify.md index fc5b11e00ddae..c9098e594ab22 100644 --- a/docs/user-guide/commands/argocd_admin_notifications_template_notify.md +++ b/docs/user-guide/commands/argocd_admin_notifications_template_notify.md @@ -44,7 +44,6 @@ argocd admin notifications template notify app-sync-succeeded guestbook --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --config-map string argocd-notifications-cm.yaml file path --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -62,14 +61,10 @@ argocd admin notifications template notify app-sync-succeeded guestbook --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --secret string argocd-notifications-secret.yaml file path. Use empty secret if provided value is ':empty' --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use diff --git a/docs/user-guide/commands/argocd_admin_notifications_trigger.md b/docs/user-guide/commands/argocd_admin_notifications_trigger.md index 265133ce193f1..bc4f82c9393a3 100644 --- a/docs/user-guide/commands/argocd_admin_notifications_trigger.md +++ b/docs/user-guide/commands/argocd_admin_notifications_trigger.md @@ -31,7 +31,6 @@ argocd admin notifications trigger [flags] --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --config-map string argocd-notifications-cm.yaml file path --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -49,14 +48,10 @@ argocd admin notifications trigger [flags] --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --secret string argocd-notifications-secret.yaml file path. Use empty secret if provided value is ':empty' --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use diff --git a/docs/user-guide/commands/argocd_admin_notifications_trigger_get.md b/docs/user-guide/commands/argocd_admin_notifications_trigger_get.md index eb8c483f26b94..625d71bd5de1e 100644 --- a/docs/user-guide/commands/argocd_admin_notifications_trigger_get.md +++ b/docs/user-guide/commands/argocd_admin_notifications_trigger_get.md @@ -43,7 +43,6 @@ argocd admin notifications trigger get on-sync-failed -o=yaml --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --config-map string argocd-notifications-cm.yaml file path --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -61,14 +60,10 @@ argocd admin notifications trigger get on-sync-failed -o=yaml --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --secret string argocd-notifications-secret.yaml file path. Use empty secret if provided value is ':empty' --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use diff --git a/docs/user-guide/commands/argocd_admin_notifications_trigger_run.md b/docs/user-guide/commands/argocd_admin_notifications_trigger_run.md index e0c0654dc527e..92f60bdcb8d1e 100644 --- a/docs/user-guide/commands/argocd_admin_notifications_trigger_run.md +++ b/docs/user-guide/commands/argocd_admin_notifications_trigger_run.md @@ -43,7 +43,6 @@ argocd admin notifications trigger run on-sync-status-unknown ./sample-app.yaml --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --config-map string argocd-notifications-cm.yaml file path --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -61,14 +60,10 @@ argocd admin notifications trigger run on-sync-status-unknown ./sample-app.yaml --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --secret string argocd-notifications-secret.yaml file path. Use empty secret if provided value is ':empty' --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use diff --git a/docs/user-guide/commands/argocd_admin_proj.md b/docs/user-guide/commands/argocd_admin_proj.md index 3abc1369b8be7..c78f74159b865 100644 --- a/docs/user-guide/commands/argocd_admin_proj.md +++ b/docs/user-guide/commands/argocd_admin_proj.md @@ -19,7 +19,6 @@ argocd admin proj [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd admin proj [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_proj_generate-allow-list.md b/docs/user-guide/commands/argocd_admin_proj_generate-allow-list.md index 22d5a2cf58700..a16531a200ee4 100644 --- a/docs/user-guide/commands/argocd_admin_proj_generate-allow-list.md +++ b/docs/user-guide/commands/argocd_admin_proj_generate-allow-list.md @@ -39,7 +39,6 @@ argocd admin proj generate-allow-list CLUSTERROLE_PATH PROJ_NAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -52,11 +51,7 @@ argocd admin proj generate-allow-list CLUSTERROLE_PATH PROJ_NAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_proj_generate-spec.md b/docs/user-guide/commands/argocd_admin_proj_generate-spec.md index 0e225ef5fbe9f..4227f17459c64 100644 --- a/docs/user-guide/commands/argocd_admin_proj_generate-spec.md +++ b/docs/user-guide/commands/argocd_admin_proj_generate-spec.md @@ -33,7 +33,6 @@ argocd admin proj generate-spec PROJECT [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -46,12 +45,8 @@ argocd admin proj generate-spec PROJECT [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_proj_update-role-policy.md b/docs/user-guide/commands/argocd_admin_proj_update-role-policy.md index 1ac03022f4160..f26b4c511a39a 100644 --- a/docs/user-guide/commands/argocd_admin_proj_update-role-policy.md +++ b/docs/user-guide/commands/argocd_admin_proj_update-role-policy.md @@ -54,7 +54,6 @@ argocd admin proj update-role-policy PROJECT_GLOB MODIFICATION ACTION [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -67,11 +66,7 @@ argocd admin proj update-role-policy PROJECT_GLOB MODIFICATION ACTION [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_repo.md b/docs/user-guide/commands/argocd_admin_repo.md index 067fd3b039563..ef8566aece9e8 100644 --- a/docs/user-guide/commands/argocd_admin_repo.md +++ b/docs/user-guide/commands/argocd_admin_repo.md @@ -19,7 +19,6 @@ argocd admin repo [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd admin repo [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_repo_generate-spec.md b/docs/user-guide/commands/argocd_admin_repo_generate-spec.md index dc52f3e786281..a2bf0c6972c34 100644 --- a/docs/user-guide/commands/argocd_admin_repo_generate-spec.md +++ b/docs/user-guide/commands/argocd_admin_repo_generate-spec.md @@ -66,7 +66,6 @@ argocd admin repo generate-spec REPOURL [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -79,12 +78,8 @@ argocd admin repo generate-spec REPOURL [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_settings.md b/docs/user-guide/commands/argocd_admin_settings.md index bae3ae57926a2..e1c9d36f28cd0 100644 --- a/docs/user-guide/commands/argocd_admin_settings.md +++ b/docs/user-guide/commands/argocd_admin_settings.md @@ -41,7 +41,6 @@ argocd admin settings [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -54,11 +53,7 @@ argocd admin settings [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_settings_rbac.md b/docs/user-guide/commands/argocd_admin_settings_rbac.md index ff6dae29d4ad2..9a1d5f942e314 100644 --- a/docs/user-guide/commands/argocd_admin_settings_rbac.md +++ b/docs/user-guide/commands/argocd_admin_settings_rbac.md @@ -29,7 +29,6 @@ argocd admin settings rbac [flags] --cluster string The name of the kubeconfig cluster to use --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -48,13 +47,9 @@ argocd admin settings rbac [flags] --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use diff --git a/docs/user-guide/commands/argocd_admin_settings_rbac_can.md b/docs/user-guide/commands/argocd_admin_settings_rbac_can.md index c9e8a4adc4205..560539a5239d6 100644 --- a/docs/user-guide/commands/argocd_admin_settings_rbac_can.md +++ b/docs/user-guide/commands/argocd_admin_settings_rbac_can.md @@ -75,7 +75,6 @@ argocd admin settings rbac can someuser create application 'default/app' --defau --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -89,11 +88,7 @@ argocd admin settings rbac can someuser create application 'default/app' --defau --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_admin_settings_rbac_validate.md b/docs/user-guide/commands/argocd_admin_settings_rbac_validate.md index f431fe1d491cd..c68de9ae7ee61 100644 --- a/docs/user-guide/commands/argocd_admin_settings_rbac_validate.md +++ b/docs/user-guide/commands/argocd_admin_settings_rbac_validate.md @@ -37,7 +37,6 @@ argocd admin settings rbac validate --policy-file=POLICYFILE [flags] --cluster string The name of the kubeconfig cluster to use --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -56,13 +55,9 @@ argocd admin settings rbac validate --policy-file=POLICYFILE [flags] --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use diff --git a/docs/user-guide/commands/argocd_admin_settings_resource-overrides.md b/docs/user-guide/commands/argocd_admin_settings_resource-overrides.md index 6b622a909a1d8..95c67e54dd9c9 100644 --- a/docs/user-guide/commands/argocd_admin_settings_resource-overrides.md +++ b/docs/user-guide/commands/argocd_admin_settings_resource-overrides.md @@ -29,7 +29,6 @@ argocd admin settings resource-overrides [flags] --cluster string The name of the kubeconfig cluster to use --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -48,13 +47,9 @@ argocd admin settings resource-overrides [flags] --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use @@ -66,7 +61,6 @@ argocd admin settings resource-overrides [flags] * [argocd admin settings](argocd_admin_settings.md) - Provides set of commands for settings validation and troubleshooting * [argocd admin settings resource-overrides health](argocd_admin_settings_resource-overrides_health.md) - Assess resource health * [argocd admin settings resource-overrides ignore-differences](argocd_admin_settings_resource-overrides_ignore-differences.md) - Renders fields excluded from diffing -* [argocd admin settings resource-overrides ignore-resource-updates](argocd_admin_settings_resource-overrides_ignore-resource-updates.md) - Renders fields excluded from resource updates * [argocd admin settings resource-overrides list-actions](argocd_admin_settings_resource-overrides_list-actions.md) - List available resource actions * [argocd admin settings resource-overrides run-action](argocd_admin_settings_resource-overrides_run-action.md) - Executes resource action diff --git a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_health.md b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_health.md index b7b3c24511bb9..ea98c7badf309 100644 --- a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_health.md +++ b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_health.md @@ -40,7 +40,6 @@ argocd admin settings resource-overrides health ./deploy.yaml --argocd-cm-path . --cluster string The name of the kubeconfig cluster to use --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -59,13 +58,9 @@ argocd admin settings resource-overrides health ./deploy.yaml --argocd-cm-path . --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use diff --git a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-differences.md b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-differences.md index 336da1c66c904..6d5c3ec262942 100644 --- a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-differences.md +++ b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-differences.md @@ -40,7 +40,6 @@ argocd admin settings resource-overrides ignore-differences ./deploy.yaml --argo --cluster string The name of the kubeconfig cluster to use --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -59,13 +58,9 @@ argocd admin settings resource-overrides ignore-differences ./deploy.yaml --argo --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use diff --git a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-resource-updates.md b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-resource-updates.md deleted file mode 100644 index 5a82a18c96212..0000000000000 --- a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_ignore-resource-updates.md +++ /dev/null @@ -1,78 +0,0 @@ -## argocd admin settings resource-overrides ignore-resource-updates - -Renders fields excluded from resource updates - -### Synopsis - -Renders ignored fields using the 'ignoreResourceUpdates' setting specified in the 'resource.customizations' field of 'argocd-cm' ConfigMap - -``` -argocd admin settings resource-overrides ignore-resource-updates RESOURCE_YAML_PATH [flags] -``` - -### Examples - -``` - -argocd admin settings resource-overrides ignore-resource-updates ./deploy.yaml --argocd-cm-path ./argocd-cm.yaml -``` - -### Options - -``` - -h, --help help for ignore-resource-updates -``` - -### Options inherited from parent commands - -``` - --argocd-cm-path string Path to local argocd-cm.yaml file - --argocd-secret-path string Path to local argocd-secret.yaml file - --as string Username to impersonate for the operation - --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. - --as-uid string UID to impersonate for the operation - --auth-token string Authentication token - --certificate-authority string Path to a cert file for the certificate authority - --client-certificate string Path to a client certificate file for TLS - --client-crt string Client certificate file - --client-crt-key string Client certificate key file - --client-key string Path to a client key file for TLS - --cluster string The name of the kubeconfig cluster to use - --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") - --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server - --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. - --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. - -H, --header strings Sets additional header to all requests made by Argo CD CLI. (Can be repeated multiple times to add multiple headers, also supports comma separated headers) - --http-retry-max int Maximum number of retries to establish http connection to Argo CD server - --insecure Skip server certificate and domain verification - --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure - --kube-context string Directs the command to the given kube-context - --kubeconfig string Path to a kube config. Only required if out-of-cluster - --load-cluster-settings Indicates that config map and secret should be loaded from cluster unless local file path is provided - --logformat string Set the logging format. One of: text|json (default "text") - --loglevel string Set the logging level. One of: debug|info|warn|error (default "info") - -n, --namespace string If present, the namespace scope for this CLI request - --password string Password for basic authentication to the API server - --plaintext Disable TLS - --port-forward Connect to a random argocd-server port using port forwarding - --port-forward-namespace string Namespace name which should be used for port forwarding - --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") - --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") - --server string The address and port of the Kubernetes API server - --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") - --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. - --token string Bearer token for authentication to the API server - --user string The name of the kubeconfig user to use - --username string Username for basic authentication to the API server -``` - -### SEE ALSO - -* [argocd admin settings resource-overrides](argocd_admin_settings_resource-overrides.md) - Troubleshoot resource overrides - diff --git a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_list-actions.md b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_list-actions.md index a032aece40b41..a08acaa1c4ea0 100644 --- a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_list-actions.md +++ b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_list-actions.md @@ -40,7 +40,6 @@ argocd admin settings resource-overrides action list /tmp/deploy.yaml --argocd-c --cluster string The name of the kubeconfig cluster to use --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -59,13 +58,9 @@ argocd admin settings resource-overrides action list /tmp/deploy.yaml --argocd-c --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use diff --git a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_run-action.md b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_run-action.md index 0e8d93b060595..a722fe71eaa87 100644 --- a/docs/user-guide/commands/argocd_admin_settings_resource-overrides_run-action.md +++ b/docs/user-guide/commands/argocd_admin_settings_resource-overrides_run-action.md @@ -40,7 +40,6 @@ argocd admin settings resource-overrides action run /tmp/deploy.yaml restart --a --cluster string The name of the kubeconfig cluster to use --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -59,13 +58,9 @@ argocd admin settings resource-overrides action run /tmp/deploy.yaml restart --a --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use diff --git a/docs/user-guide/commands/argocd_admin_settings_validate.md b/docs/user-guide/commands/argocd_admin_settings_validate.md index 5fbec67b22d88..bc839546a1d0b 100644 --- a/docs/user-guide/commands/argocd_admin_settings_validate.md +++ b/docs/user-guide/commands/argocd_admin_settings_validate.md @@ -24,7 +24,7 @@ argocd admin settings validate --group accounts --group plugins --load-cluster-s ### Options ``` - --group stringArray Optional list of setting groups that have to be validated ( one of: accounts, general, kustomize, repositories, resource-overrides) + --group stringArray Optional list of setting groups that have to be validated ( one of: accounts, general, kustomize, plugins, repositories, resource-overrides) -h, --help help for validate ``` @@ -45,7 +45,6 @@ argocd admin settings validate --group accounts --group plugins --load-cluster-s --cluster string The name of the kubeconfig cluster to use --config string Path to Argo CD config (default "/home/user/.config/argocd/config") --context string The name of the kubeconfig context to use - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -64,13 +63,9 @@ argocd admin settings validate --group accounts --group plugins --load-cluster-s --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding --proxy-url string If provided, this URL will be used to connect via proxy - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") --server string The address and port of the Kubernetes API server --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. --token string Bearer token for authentication to the API server --user string The name of the kubeconfig user to use diff --git a/docs/user-guide/commands/argocd_app.md b/docs/user-guide/commands/argocd_app.md index e9b4d5edebbab..fb421a89527dd 100644 --- a/docs/user-guide/commands/argocd_app.md +++ b/docs/user-guide/commands/argocd_app.md @@ -50,7 +50,6 @@ argocd app [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -63,12 +62,8 @@ argocd app [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_actions.md b/docs/user-guide/commands/argocd_app_actions.md index a6b4e723e4d32..a2357b2bbf87e 100644 --- a/docs/user-guide/commands/argocd_app_actions.md +++ b/docs/user-guide/commands/argocd_app_actions.md @@ -19,7 +19,6 @@ argocd app actions [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd app actions [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_actions_list.md b/docs/user-guide/commands/argocd_app_actions_list.md index b85082ff623bf..627c33a865544 100644 --- a/docs/user-guide/commands/argocd_app_actions_list.md +++ b/docs/user-guide/commands/argocd_app_actions_list.md @@ -24,7 +24,6 @@ argocd app actions list APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -37,12 +36,8 @@ argocd app actions list APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_actions_run.md b/docs/user-guide/commands/argocd_app_actions_run.md index 04d919006ce33..8832c1eeb06ea 100644 --- a/docs/user-guide/commands/argocd_app_actions_run.md +++ b/docs/user-guide/commands/argocd_app_actions_run.md @@ -24,7 +24,6 @@ argocd app actions run APPNAME ACTION [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -37,12 +36,8 @@ argocd app actions run APPNAME ACTION [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_create.md b/docs/user-guide/commands/argocd_app_create.md index de5bf2757080f..c4b5690a158f9 100644 --- a/docs/user-guide/commands/argocd_app_create.md +++ b/docs/user-guide/commands/argocd_app_create.md @@ -99,7 +99,6 @@ argocd app create APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -112,12 +111,8 @@ argocd app create APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_delete-resource.md b/docs/user-guide/commands/argocd_app_delete-resource.md index 988b97f67bae2..5d3192694a45b 100644 --- a/docs/user-guide/commands/argocd_app_delete-resource.md +++ b/docs/user-guide/commands/argocd_app_delete-resource.md @@ -26,7 +26,6 @@ argocd app delete-resource APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -39,12 +38,8 @@ argocd app delete-resource APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_delete.md b/docs/user-guide/commands/argocd_app_delete.md index 43612304880cf..33c5d6c0ee38f 100644 --- a/docs/user-guide/commands/argocd_app_delete.md +++ b/docs/user-guide/commands/argocd_app_delete.md @@ -40,7 +40,6 @@ argocd app delete APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -53,12 +52,8 @@ argocd app delete APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_diff.md b/docs/user-guide/commands/argocd_app_diff.md index 37c71d595a9a0..6af07a0b08b0f 100644 --- a/docs/user-guide/commands/argocd_app_diff.md +++ b/docs/user-guide/commands/argocd_app_diff.md @@ -33,7 +33,6 @@ argocd app diff APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -46,12 +45,8 @@ argocd app diff APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_edit.md b/docs/user-guide/commands/argocd_app_edit.md index 6069793b1c9a8..2f051ab186656 100644 --- a/docs/user-guide/commands/argocd_app_edit.md +++ b/docs/user-guide/commands/argocd_app_edit.md @@ -19,7 +19,6 @@ argocd app edit APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd app edit APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_get.md b/docs/user-guide/commands/argocd_app_get.md index ac027526072bd..3434d20cb8214 100644 --- a/docs/user-guide/commands/argocd_app_get.md +++ b/docs/user-guide/commands/argocd_app_get.md @@ -24,7 +24,6 @@ argocd app get APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -37,12 +36,8 @@ argocd app get APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_history.md b/docs/user-guide/commands/argocd_app_history.md index fc686db0a6068..7c6a122fad82b 100644 --- a/docs/user-guide/commands/argocd_app_history.md +++ b/docs/user-guide/commands/argocd_app_history.md @@ -20,7 +20,6 @@ argocd app history APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd app history APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_list.md b/docs/user-guide/commands/argocd_app_list.md index fb98358ec4062..5d85f926815d1 100644 --- a/docs/user-guide/commands/argocd_app_list.md +++ b/docs/user-guide/commands/argocd_app_list.md @@ -39,7 +39,6 @@ argocd app list [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -52,12 +51,8 @@ argocd app list [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_logs.md b/docs/user-guide/commands/argocd_app_logs.md index ae2c2d5ff0286..473b95a338bfb 100644 --- a/docs/user-guide/commands/argocd_app_logs.md +++ b/docs/user-guide/commands/argocd_app_logs.md @@ -30,7 +30,6 @@ argocd app logs APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -43,12 +42,8 @@ argocd app logs APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_manifests.md b/docs/user-guide/commands/argocd_app_manifests.md index d4425e38f2af6..f73cfc5b9dd29 100644 --- a/docs/user-guide/commands/argocd_app_manifests.md +++ b/docs/user-guide/commands/argocd_app_manifests.md @@ -23,7 +23,6 @@ argocd app manifests APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -36,12 +35,8 @@ argocd app manifests APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_patch-resource.md b/docs/user-guide/commands/argocd_app_patch-resource.md index 103aef744ce52..95dd5de6cc19b 100644 --- a/docs/user-guide/commands/argocd_app_patch-resource.md +++ b/docs/user-guide/commands/argocd_app_patch-resource.md @@ -26,7 +26,6 @@ argocd app patch-resource APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -39,12 +38,8 @@ argocd app patch-resource APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_patch.md b/docs/user-guide/commands/argocd_app_patch.md index 80fdc0ca000e5..c0396605cf98e 100644 --- a/docs/user-guide/commands/argocd_app_patch.md +++ b/docs/user-guide/commands/argocd_app_patch.md @@ -31,7 +31,6 @@ argocd app patch APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -44,12 +43,8 @@ argocd app patch APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_resources.md b/docs/user-guide/commands/argocd_app_resources.md index 936fe61229897..8edb3093f9dd1 100644 --- a/docs/user-guide/commands/argocd_app_resources.md +++ b/docs/user-guide/commands/argocd_app_resources.md @@ -20,7 +20,6 @@ argocd app resources APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd app resources APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_rollback.md b/docs/user-guide/commands/argocd_app_rollback.md index 332da9b23b2d4..80f1d39407dc4 100644 --- a/docs/user-guide/commands/argocd_app_rollback.md +++ b/docs/user-guide/commands/argocd_app_rollback.md @@ -21,7 +21,6 @@ argocd app rollback APPNAME [ID] [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -34,12 +33,8 @@ argocd app rollback APPNAME [ID] [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_set.md b/docs/user-guide/commands/argocd_app_set.md index f641ab1759297..ebbf0f0f23ea3 100644 --- a/docs/user-guide/commands/argocd_app_set.md +++ b/docs/user-guide/commands/argocd_app_set.md @@ -70,7 +70,6 @@ argocd app set APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -83,12 +82,8 @@ argocd app set APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_sync.md b/docs/user-guide/commands/argocd_app_sync.md index 47703b69fafeb..798fcecdd8a03 100644 --- a/docs/user-guide/commands/argocd_app_sync.md +++ b/docs/user-guide/commands/argocd_app_sync.md @@ -36,7 +36,6 @@ argocd app sync [APPNAME... | -l selector | --project project-name] [flags] ### Options ``` - --apply-out-of-sync-only Sync only out-of-sync resources --assumeYes Assume yes as answer for all user queries or prompts --async Do not wait for application to sync before continuing --dry-run Preview apply without affecting cluster @@ -69,7 +68,6 @@ argocd app sync [APPNAME... | -l selector | --project project-name] [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -82,12 +80,8 @@ argocd app sync [APPNAME... | -l selector | --project project-name] [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_terminate-op.md b/docs/user-guide/commands/argocd_app_terminate-op.md index 6d8b09d9215b8..fe8475e023aa6 100644 --- a/docs/user-guide/commands/argocd_app_terminate-op.md +++ b/docs/user-guide/commands/argocd_app_terminate-op.md @@ -19,7 +19,6 @@ argocd app terminate-op APPNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd app terminate-op APPNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_unset.md b/docs/user-guide/commands/argocd_app_unset.md index 161d965073b1c..d62902125f685 100644 --- a/docs/user-guide/commands/argocd_app_unset.md +++ b/docs/user-guide/commands/argocd_app_unset.md @@ -44,7 +44,6 @@ argocd app unset APPNAME parameters [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -57,12 +56,8 @@ argocd app unset APPNAME parameters [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_app_wait.md b/docs/user-guide/commands/argocd_app_wait.md index fa50793cbd09b..7bf911acde349 100644 --- a/docs/user-guide/commands/argocd_app_wait.md +++ b/docs/user-guide/commands/argocd_app_wait.md @@ -54,7 +54,6 @@ argocd app wait [APPNAME.. | -l selector] [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -67,12 +66,8 @@ argocd app wait [APPNAME.. | -l selector] [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_appset.md b/docs/user-guide/commands/argocd_appset.md index 06e46111ddcee..a3af8b8f50002 100644 --- a/docs/user-guide/commands/argocd_appset.md +++ b/docs/user-guide/commands/argocd_appset.md @@ -53,7 +53,6 @@ argocd appset [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -66,12 +65,8 @@ argocd appset [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_appset_create.md b/docs/user-guide/commands/argocd_appset_create.md index 7b29d231a2325..07666ae70b295 100644 --- a/docs/user-guide/commands/argocd_appset_create.md +++ b/docs/user-guide/commands/argocd_appset_create.md @@ -27,7 +27,6 @@ argocd appset create [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -40,12 +39,8 @@ argocd appset create [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_appset_delete.md b/docs/user-guide/commands/argocd_appset_delete.md index 89070925dd1f1..9c991e9c33f42 100644 --- a/docs/user-guide/commands/argocd_appset_delete.md +++ b/docs/user-guide/commands/argocd_appset_delete.md @@ -27,7 +27,6 @@ argocd appset delete [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -40,12 +39,8 @@ argocd appset delete [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_appset_get.md b/docs/user-guide/commands/argocd_appset_get.md index aa86e0185f13a..4c791524f988a 100644 --- a/docs/user-guide/commands/argocd_appset_get.md +++ b/docs/user-guide/commands/argocd_appset_get.md @@ -21,7 +21,6 @@ argocd appset get APPSETNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -34,12 +33,8 @@ argocd appset get APPSETNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_appset_list.md b/docs/user-guide/commands/argocd_appset_list.md index e7f34a8baf873..1320ccc1b7883 100644 --- a/docs/user-guide/commands/argocd_appset_list.md +++ b/docs/user-guide/commands/argocd_appset_list.md @@ -16,11 +16,10 @@ argocd appset list [flags] ### Options ``` - -N, --appset-namespace string Only list applicationsets in namespace - -h, --help help for list - -o, --output string Output format. One of: wide|name|json|yaml (default "wide") - -p, --project stringArray Filter by project name - -l, --selector string List applicationsets by label + -h, --help help for list + -o, --output string Output format. One of: wide|name|json|yaml (default "wide") + -p, --project stringArray Filter by project name + -l, --selector string List applicationsets by label ``` ### Options inherited from parent commands @@ -30,7 +29,6 @@ argocd appset list [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -43,12 +41,8 @@ argocd appset list [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_cert.md b/docs/user-guide/commands/argocd_cert.md index d88d62b852af1..830434528237e 100644 --- a/docs/user-guide/commands/argocd_cert.md +++ b/docs/user-guide/commands/argocd_cert.md @@ -60,7 +60,6 @@ argocd cert [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -73,12 +72,8 @@ argocd cert [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_cert_add-ssh.md b/docs/user-guide/commands/argocd_cert_add-ssh.md index e599a0f0ca0e9..8fdd6bf655d63 100644 --- a/docs/user-guide/commands/argocd_cert_add-ssh.md +++ b/docs/user-guide/commands/argocd_cert_add-ssh.md @@ -22,7 +22,6 @@ argocd cert add-ssh --batch [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -35,12 +34,8 @@ argocd cert add-ssh --batch [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_cert_add-tls.md b/docs/user-guide/commands/argocd_cert_add-tls.md index 37027ddeebf22..0500e19c071dd 100644 --- a/docs/user-guide/commands/argocd_cert_add-tls.md +++ b/docs/user-guide/commands/argocd_cert_add-tls.md @@ -9,7 +9,7 @@ argocd cert add-tls SERVERNAME [flags] ### Options ``` - --from string Read TLS certificate data from file (default is to read from stdin) + --from string read TLS certificate data from file (default is to read from stdin) -h, --help help for add-tls --upsert Replace existing TLS certificate if certificate is different in input ``` @@ -21,7 +21,6 @@ argocd cert add-tls SERVERNAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -34,12 +33,8 @@ argocd cert add-tls SERVERNAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_cert_list.md b/docs/user-guide/commands/argocd_cert_list.md index e4882464f7f58..8aed9cc7ab61f 100644 --- a/docs/user-guide/commands/argocd_cert_list.md +++ b/docs/user-guide/commands/argocd_cert_list.md @@ -9,11 +9,11 @@ argocd cert list [flags] ### Options ``` - --cert-type string Only list certificates of given type, valid: 'ssh','https' + --cert-type string only list certificates of given type, valid: 'ssh','https' -h, --help help for list - --hostname-pattern string Only list certificates for hosts matching given glob-pattern + --hostname-pattern string only list certificates for hosts matching given glob-pattern -o, --output string Output format. One of: json|yaml|wide (default "wide") - --sort string Set display sort order for output format wide. One of: hostname|type + --sort string set display sort order for output format wide. One of: hostname|type ``` ### Options inherited from parent commands @@ -23,7 +23,6 @@ argocd cert list [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -36,12 +35,8 @@ argocd cert list [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_cert_rm.md b/docs/user-guide/commands/argocd_cert_rm.md index 03e1100faf1fa..1baad03d7ea3e 100644 --- a/docs/user-guide/commands/argocd_cert_rm.md +++ b/docs/user-guide/commands/argocd_cert_rm.md @@ -21,7 +21,6 @@ argocd cert rm REPOSERVER [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -34,12 +33,8 @@ argocd cert rm REPOSERVER [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_cluster.md b/docs/user-guide/commands/argocd_cluster.md index 9ac2a00698ca4..f9c1681a82475 100644 --- a/docs/user-guide/commands/argocd_cluster.md +++ b/docs/user-guide/commands/argocd_cluster.md @@ -57,7 +57,6 @@ argocd cluster [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -70,12 +69,8 @@ argocd cluster [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_cluster_add.md b/docs/user-guide/commands/argocd_cluster_add.md index 5686ef2a7bea9..1721dcffea367 100644 --- a/docs/user-guide/commands/argocd_cluster_add.md +++ b/docs/user-guide/commands/argocd_cluster_add.md @@ -40,7 +40,6 @@ argocd cluster add CONTEXT [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -53,12 +52,8 @@ argocd cluster add CONTEXT [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_cluster_get.md b/docs/user-guide/commands/argocd_cluster_get.md index bbe5209494b42..b4e172d511da7 100644 --- a/docs/user-guide/commands/argocd_cluster_get.md +++ b/docs/user-guide/commands/argocd_cluster_get.md @@ -27,7 +27,6 @@ argocd cluster get in-cluster --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -40,12 +39,8 @@ argocd cluster get in-cluster --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_cluster_list.md b/docs/user-guide/commands/argocd_cluster_list.md index b64d14a99f0e8..7683c909e59d2 100644 --- a/docs/user-guide/commands/argocd_cluster_list.md +++ b/docs/user-guide/commands/argocd_cluster_list.md @@ -20,7 +20,6 @@ argocd cluster list [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd cluster list [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_cluster_rm.md b/docs/user-guide/commands/argocd_cluster_rm.md index d3bf2ca219c10..9c17e3f5f56c5 100644 --- a/docs/user-guide/commands/argocd_cluster_rm.md +++ b/docs/user-guide/commands/argocd_cluster_rm.md @@ -27,7 +27,6 @@ argocd cluster rm cluster-name --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -40,12 +39,8 @@ argocd cluster rm cluster-name --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_cluster_rotate-auth.md b/docs/user-guide/commands/argocd_cluster_rotate-auth.md index 7194ca39dbff7..41ca1015bc9c2 100644 --- a/docs/user-guide/commands/argocd_cluster_rotate-auth.md +++ b/docs/user-guide/commands/argocd_cluster_rotate-auth.md @@ -26,7 +26,6 @@ argocd cluster rotate-auth cluster-name --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -39,12 +38,8 @@ argocd cluster rotate-auth cluster-name --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_cluster_set.md b/docs/user-guide/commands/argocd_cluster_set.md index ec7de00960f79..f1099fd6e3cc3 100644 --- a/docs/user-guide/commands/argocd_cluster_set.md +++ b/docs/user-guide/commands/argocd_cluster_set.md @@ -29,7 +29,6 @@ argocd cluster set NAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -42,12 +41,8 @@ argocd cluster set NAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_completion.md b/docs/user-guide/commands/argocd_completion.md index a23bafc7a4e3d..a040555822268 100644 --- a/docs/user-guide/commands/argocd_completion.md +++ b/docs/user-guide/commands/argocd_completion.md @@ -37,7 +37,6 @@ argocd completion SHELL [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -50,12 +49,8 @@ argocd completion SHELL [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_context.md b/docs/user-guide/commands/argocd_context.md index 762c70489140e..91ff497679855 100644 --- a/docs/user-guide/commands/argocd_context.md +++ b/docs/user-guide/commands/argocd_context.md @@ -20,7 +20,6 @@ argocd context [CONTEXT] [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd context [CONTEXT] [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_gpg.md b/docs/user-guide/commands/argocd_gpg.md index d3917d6778a14..99549701187e6 100644 --- a/docs/user-guide/commands/argocd_gpg.md +++ b/docs/user-guide/commands/argocd_gpg.md @@ -37,7 +37,6 @@ argocd gpg [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -50,12 +49,8 @@ argocd gpg [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_gpg_add.md b/docs/user-guide/commands/argocd_gpg_add.md index 4ad5d5dde0e80..9fb856d150cbc 100644 --- a/docs/user-guide/commands/argocd_gpg_add.md +++ b/docs/user-guide/commands/argocd_gpg_add.md @@ -20,7 +20,6 @@ argocd gpg add [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd gpg add [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_gpg_get.md b/docs/user-guide/commands/argocd_gpg_get.md index 1c2469241925d..4cd1e78f59426 100644 --- a/docs/user-guide/commands/argocd_gpg_get.md +++ b/docs/user-guide/commands/argocd_gpg_get.md @@ -20,7 +20,6 @@ argocd gpg get KEYID [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd gpg get KEYID [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_gpg_list.md b/docs/user-guide/commands/argocd_gpg_list.md index d4ab5f67d974b..0064c780dc652 100644 --- a/docs/user-guide/commands/argocd_gpg_list.md +++ b/docs/user-guide/commands/argocd_gpg_list.md @@ -20,7 +20,6 @@ argocd gpg list [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd gpg list [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_gpg_rm.md b/docs/user-guide/commands/argocd_gpg_rm.md index 0c9658a00fa09..d84def9d2c2fc 100644 --- a/docs/user-guide/commands/argocd_gpg_rm.md +++ b/docs/user-guide/commands/argocd_gpg_rm.md @@ -19,7 +19,6 @@ argocd gpg rm KEYID [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd gpg rm KEYID [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_login.md b/docs/user-guide/commands/argocd_login.md index 7b72b697a4e6d..d99a6b433313a 100644 --- a/docs/user-guide/commands/argocd_login.md +++ b/docs/user-guide/commands/argocd_login.md @@ -27,12 +27,12 @@ argocd login cd.argoproj.io --core ``` -h, --help help for login - --name string Name to use for the context - --password string The password of an account to authenticate + --name string name to use for the context + --password string the password of an account to authenticate --skip-test-tls Skip testing whether the server is configured with TLS (this can help when the command hangs for no apparent reason) - --sso Perform SSO login - --sso-port int Port to run local OAuth2 login application (default 8085) - --username string The username of an account to authenticate + --sso perform SSO login + --sso-port int port to run local OAuth2 login application (default 8085) + --username string the username of an account to authenticate ``` ### Options inherited from parent commands @@ -42,7 +42,6 @@ argocd login cd.argoproj.io --core --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -55,12 +54,8 @@ argocd login cd.argoproj.io --core --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_logout.md b/docs/user-guide/commands/argocd_logout.md index 8c1b961ed5a76..aa8dc75f463d5 100644 --- a/docs/user-guide/commands/argocd_logout.md +++ b/docs/user-guide/commands/argocd_logout.md @@ -23,7 +23,6 @@ argocd logout CONTEXT [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -36,12 +35,8 @@ argocd logout CONTEXT [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj.md b/docs/user-guide/commands/argocd_proj.md index c637fd3a8bee7..549d08ec8f77b 100644 --- a/docs/user-guide/commands/argocd_proj.md +++ b/docs/user-guide/commands/argocd_proj.md @@ -37,7 +37,6 @@ argocd proj [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -50,12 +49,8 @@ argocd proj [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_add-destination.md b/docs/user-guide/commands/argocd_proj_add-destination.md index afdefac323978..03a287d50886d 100644 --- a/docs/user-guide/commands/argocd_proj_add-destination.md +++ b/docs/user-guide/commands/argocd_proj_add-destination.md @@ -20,7 +20,6 @@ argocd proj add-destination PROJECT SERVER/NAME NAMESPACE [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd proj add-destination PROJECT SERVER/NAME NAMESPACE [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_add-orphaned-ignore.md b/docs/user-guide/commands/argocd_proj_add-orphaned-ignore.md index 2c8053ac5ad43..ed4b0ca5142cc 100644 --- a/docs/user-guide/commands/argocd_proj_add-orphaned-ignore.md +++ b/docs/user-guide/commands/argocd_proj_add-orphaned-ignore.md @@ -20,7 +20,6 @@ argocd proj add-orphaned-ignore PROJECT GROUP KIND [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd proj add-orphaned-ignore PROJECT GROUP KIND [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_add-signature-key.md b/docs/user-guide/commands/argocd_proj_add-signature-key.md index d131dc12ef98b..c594fccc1343a 100644 --- a/docs/user-guide/commands/argocd_proj_add-signature-key.md +++ b/docs/user-guide/commands/argocd_proj_add-signature-key.md @@ -19,7 +19,6 @@ argocd proj add-signature-key PROJECT KEY-ID [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj add-signature-key PROJECT KEY-ID [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_add-source.md b/docs/user-guide/commands/argocd_proj_add-source.md index 681b345179fee..c74a056a43654 100644 --- a/docs/user-guide/commands/argocd_proj_add-source.md +++ b/docs/user-guide/commands/argocd_proj_add-source.md @@ -19,7 +19,6 @@ argocd proj add-source PROJECT URL [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj add-source PROJECT URL [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_allow-cluster-resource.md b/docs/user-guide/commands/argocd_proj_allow-cluster-resource.md index 05831c19f347b..ad1c2a641f9a8 100644 --- a/docs/user-guide/commands/argocd_proj_allow-cluster-resource.md +++ b/docs/user-guide/commands/argocd_proj_allow-cluster-resource.md @@ -20,7 +20,6 @@ argocd proj allow-cluster-resource PROJECT GROUP KIND [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd proj allow-cluster-resource PROJECT GROUP KIND [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_allow-namespace-resource.md b/docs/user-guide/commands/argocd_proj_allow-namespace-resource.md index c31cd10c2753c..bd1783892a751 100644 --- a/docs/user-guide/commands/argocd_proj_allow-namespace-resource.md +++ b/docs/user-guide/commands/argocd_proj_allow-namespace-resource.md @@ -20,7 +20,6 @@ argocd proj allow-namespace-resource PROJECT GROUP KIND [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd proj allow-namespace-resource PROJECT GROUP KIND [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_create.md b/docs/user-guide/commands/argocd_proj_create.md index 02fa0b9a5fc1f..fa9ac85afe9f5 100644 --- a/docs/user-guide/commands/argocd_proj_create.md +++ b/docs/user-guide/commands/argocd_proj_create.md @@ -32,7 +32,6 @@ argocd proj create PROJECT [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -45,12 +44,8 @@ argocd proj create PROJECT [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_delete.md b/docs/user-guide/commands/argocd_proj_delete.md index 0de5adf5fcb8b..a36b57aeb9455 100644 --- a/docs/user-guide/commands/argocd_proj_delete.md +++ b/docs/user-guide/commands/argocd_proj_delete.md @@ -19,7 +19,6 @@ argocd proj delete PROJECT [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj delete PROJECT [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_deny-cluster-resource.md b/docs/user-guide/commands/argocd_proj_deny-cluster-resource.md index de395ef7d18c4..25db97712b0db 100644 --- a/docs/user-guide/commands/argocd_proj_deny-cluster-resource.md +++ b/docs/user-guide/commands/argocd_proj_deny-cluster-resource.md @@ -20,7 +20,6 @@ argocd proj deny-cluster-resource PROJECT GROUP KIND [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd proj deny-cluster-resource PROJECT GROUP KIND [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_deny-namespace-resource.md b/docs/user-guide/commands/argocd_proj_deny-namespace-resource.md index a29fb9cc1124e..bf4fa77797d87 100644 --- a/docs/user-guide/commands/argocd_proj_deny-namespace-resource.md +++ b/docs/user-guide/commands/argocd_proj_deny-namespace-resource.md @@ -20,7 +20,6 @@ argocd proj deny-namespace-resource PROJECT GROUP KIND [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd proj deny-namespace-resource PROJECT GROUP KIND [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_edit.md b/docs/user-guide/commands/argocd_proj_edit.md index 814062193c87e..170fc5abfa8e0 100644 --- a/docs/user-guide/commands/argocd_proj_edit.md +++ b/docs/user-guide/commands/argocd_proj_edit.md @@ -19,7 +19,6 @@ argocd proj edit PROJECT [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj edit PROJECT [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_get.md b/docs/user-guide/commands/argocd_proj_get.md index 133dd0bd060f8..d9feeeffab02d 100644 --- a/docs/user-guide/commands/argocd_proj_get.md +++ b/docs/user-guide/commands/argocd_proj_get.md @@ -20,7 +20,6 @@ argocd proj get PROJECT [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd proj get PROJECT [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_list.md b/docs/user-guide/commands/argocd_proj_list.md index 9038ef500b7c3..a82e1bd3407e4 100644 --- a/docs/user-guide/commands/argocd_proj_list.md +++ b/docs/user-guide/commands/argocd_proj_list.md @@ -20,7 +20,6 @@ argocd proj list [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd proj list [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_remove-destination.md b/docs/user-guide/commands/argocd_proj_remove-destination.md index ac8cb599335a0..be4ed17477532 100644 --- a/docs/user-guide/commands/argocd_proj_remove-destination.md +++ b/docs/user-guide/commands/argocd_proj_remove-destination.md @@ -19,7 +19,6 @@ argocd proj remove-destination PROJECT SERVER NAMESPACE [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj remove-destination PROJECT SERVER NAMESPACE [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_remove-orphaned-ignore.md b/docs/user-guide/commands/argocd_proj_remove-orphaned-ignore.md index c3ea26ab3b926..c63d59d6e0fbf 100644 --- a/docs/user-guide/commands/argocd_proj_remove-orphaned-ignore.md +++ b/docs/user-guide/commands/argocd_proj_remove-orphaned-ignore.md @@ -20,7 +20,6 @@ argocd proj remove-orphaned-ignore PROJECT GROUP KIND NAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd proj remove-orphaned-ignore PROJECT GROUP KIND NAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_remove-signature-key.md b/docs/user-guide/commands/argocd_proj_remove-signature-key.md index 344f5700e443a..9dfa69174fe26 100644 --- a/docs/user-guide/commands/argocd_proj_remove-signature-key.md +++ b/docs/user-guide/commands/argocd_proj_remove-signature-key.md @@ -19,7 +19,6 @@ argocd proj remove-signature-key PROJECT KEY-ID [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj remove-signature-key PROJECT KEY-ID [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_remove-source.md b/docs/user-guide/commands/argocd_proj_remove-source.md index bd0bcc2a3e0a6..37b78d8b87c90 100644 --- a/docs/user-guide/commands/argocd_proj_remove-source.md +++ b/docs/user-guide/commands/argocd_proj_remove-source.md @@ -19,7 +19,6 @@ argocd proj remove-source PROJECT URL [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj remove-source PROJECT URL [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_role.md b/docs/user-guide/commands/argocd_proj_role.md index 0dc6141e0a617..a8d1ba5c2ac66 100644 --- a/docs/user-guide/commands/argocd_proj_role.md +++ b/docs/user-guide/commands/argocd_proj_role.md @@ -19,7 +19,6 @@ argocd proj role [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj role [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_role_add-group.md b/docs/user-guide/commands/argocd_proj_role_add-group.md index 072b4bdf8c55f..c85bc8630fabc 100644 --- a/docs/user-guide/commands/argocd_proj_role_add-group.md +++ b/docs/user-guide/commands/argocd_proj_role_add-group.md @@ -19,7 +19,6 @@ argocd proj role add-group PROJECT ROLE-NAME GROUP-CLAIM [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj role add-group PROJECT ROLE-NAME GROUP-CLAIM [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_role_add-policy.md b/docs/user-guide/commands/argocd_proj_role_add-policy.md index eec1594917db7..66c6225e0f169 100644 --- a/docs/user-guide/commands/argocd_proj_role_add-policy.md +++ b/docs/user-guide/commands/argocd_proj_role_add-policy.md @@ -22,7 +22,6 @@ argocd proj role add-policy PROJECT ROLE-NAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -35,12 +34,8 @@ argocd proj role add-policy PROJECT ROLE-NAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_role_create-token.md b/docs/user-guide/commands/argocd_proj_role_create-token.md index e4c1486f41e5e..f71d005bbb20a 100644 --- a/docs/user-guide/commands/argocd_proj_role_create-token.md +++ b/docs/user-guide/commands/argocd_proj_role_create-token.md @@ -22,7 +22,6 @@ argocd proj role create-token PROJECT ROLE-NAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -35,12 +34,8 @@ argocd proj role create-token PROJECT ROLE-NAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_role_create.md b/docs/user-guide/commands/argocd_proj_role_create.md index be2d18ec47f90..7bf2d02b1c70b 100644 --- a/docs/user-guide/commands/argocd_proj_role_create.md +++ b/docs/user-guide/commands/argocd_proj_role_create.md @@ -20,7 +20,6 @@ argocd proj role create PROJECT ROLE-NAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd proj role create PROJECT ROLE-NAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_role_delete-token.md b/docs/user-guide/commands/argocd_proj_role_delete-token.md index f3fdee633037b..0d3e9efab54a5 100644 --- a/docs/user-guide/commands/argocd_proj_role_delete-token.md +++ b/docs/user-guide/commands/argocd_proj_role_delete-token.md @@ -19,7 +19,6 @@ argocd proj role delete-token PROJECT ROLE-NAME ISSUED-AT [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj role delete-token PROJECT ROLE-NAME ISSUED-AT [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_role_delete.md b/docs/user-guide/commands/argocd_proj_role_delete.md index 27e7b452f16d0..29a966d0a3842 100644 --- a/docs/user-guide/commands/argocd_proj_role_delete.md +++ b/docs/user-guide/commands/argocd_proj_role_delete.md @@ -19,7 +19,6 @@ argocd proj role delete PROJECT ROLE-NAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj role delete PROJECT ROLE-NAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_role_get.md b/docs/user-guide/commands/argocd_proj_role_get.md index 26ac5c881d62e..a610b62af2f1d 100644 --- a/docs/user-guide/commands/argocd_proj_role_get.md +++ b/docs/user-guide/commands/argocd_proj_role_get.md @@ -19,7 +19,6 @@ argocd proj role get PROJECT ROLE-NAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj role get PROJECT ROLE-NAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_role_list-tokens.md b/docs/user-guide/commands/argocd_proj_role_list-tokens.md index d8fbe82d33748..e5bfdb941935b 100644 --- a/docs/user-guide/commands/argocd_proj_role_list-tokens.md +++ b/docs/user-guide/commands/argocd_proj_role_list-tokens.md @@ -20,7 +20,6 @@ argocd proj role list-tokens PROJECT ROLE-NAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd proj role list-tokens PROJECT ROLE-NAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_role_list.md b/docs/user-guide/commands/argocd_proj_role_list.md index 2bdac1f945582..3e2928b2ea7de 100644 --- a/docs/user-guide/commands/argocd_proj_role_list.md +++ b/docs/user-guide/commands/argocd_proj_role_list.md @@ -20,7 +20,6 @@ argocd proj role list PROJECT [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd proj role list PROJECT [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_role_remove-group.md b/docs/user-guide/commands/argocd_proj_role_remove-group.md index 6df335030bbe6..6ca5c8a9f4283 100644 --- a/docs/user-guide/commands/argocd_proj_role_remove-group.md +++ b/docs/user-guide/commands/argocd_proj_role_remove-group.md @@ -19,7 +19,6 @@ argocd proj role remove-group PROJECT ROLE-NAME GROUP-CLAIM [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj role remove-group PROJECT ROLE-NAME GROUP-CLAIM [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_role_remove-policy.md b/docs/user-guide/commands/argocd_proj_role_remove-policy.md index 8db5da0d4e3f9..a7d68cbd30c64 100644 --- a/docs/user-guide/commands/argocd_proj_role_remove-policy.md +++ b/docs/user-guide/commands/argocd_proj_role_remove-policy.md @@ -22,7 +22,6 @@ argocd proj role remove-policy PROJECT ROLE-NAME [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -35,12 +34,8 @@ argocd proj role remove-policy PROJECT ROLE-NAME [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_set.md b/docs/user-guide/commands/argocd_proj_set.md index 3dae2a422c52a..04a87ae2bcf14 100644 --- a/docs/user-guide/commands/argocd_proj_set.md +++ b/docs/user-guide/commands/argocd_proj_set.md @@ -30,7 +30,6 @@ argocd proj set PROJECT [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -43,12 +42,8 @@ argocd proj set PROJECT [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_windows.md b/docs/user-guide/commands/argocd_proj_windows.md index bd8618da9ff6e..5dac140a6861c 100644 --- a/docs/user-guide/commands/argocd_proj_windows.md +++ b/docs/user-guide/commands/argocd_proj_windows.md @@ -19,7 +19,6 @@ argocd proj windows [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj windows [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_windows_add.md b/docs/user-guide/commands/argocd_proj_windows_add.md index d34b97e8eced1..de49ef307ab90 100644 --- a/docs/user-guide/commands/argocd_proj_windows_add.md +++ b/docs/user-guide/commands/argocd_proj_windows_add.md @@ -27,7 +27,6 @@ argocd proj windows add PROJECT [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -40,12 +39,8 @@ argocd proj windows add PROJECT [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_windows_delete.md b/docs/user-guide/commands/argocd_proj_windows_delete.md index d7e2d163ecf41..2f35f70263b82 100644 --- a/docs/user-guide/commands/argocd_proj_windows_delete.md +++ b/docs/user-guide/commands/argocd_proj_windows_delete.md @@ -19,7 +19,6 @@ argocd proj windows delete PROJECT ID [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd proj windows delete PROJECT ID [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_windows_disable-manual-sync.md b/docs/user-guide/commands/argocd_proj_windows_disable-manual-sync.md index 53423425c4d57..4c3a6e6465318 100644 --- a/docs/user-guide/commands/argocd_proj_windows_disable-manual-sync.md +++ b/docs/user-guide/commands/argocd_proj_windows_disable-manual-sync.md @@ -23,7 +23,6 @@ argocd proj windows disable-manual-sync PROJECT ID [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -36,12 +35,8 @@ argocd proj windows disable-manual-sync PROJECT ID [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_windows_enable-manual-sync.md b/docs/user-guide/commands/argocd_proj_windows_enable-manual-sync.md index ae43edc1b94fe..0ce894322bf1d 100644 --- a/docs/user-guide/commands/argocd_proj_windows_enable-manual-sync.md +++ b/docs/user-guide/commands/argocd_proj_windows_enable-manual-sync.md @@ -23,7 +23,6 @@ argocd proj windows enable-manual-sync PROJECT ID [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -36,12 +35,8 @@ argocd proj windows enable-manual-sync PROJECT ID [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_windows_list.md b/docs/user-guide/commands/argocd_proj_windows_list.md index 6f2daf2be476c..725104f2153f3 100644 --- a/docs/user-guide/commands/argocd_proj_windows_list.md +++ b/docs/user-guide/commands/argocd_proj_windows_list.md @@ -20,7 +20,6 @@ argocd proj windows list PROJECT [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd proj windows list PROJECT [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_proj_windows_update.md b/docs/user-guide/commands/argocd_proj_windows_update.md index c5197009e5a7d..0916042b62bf6 100644 --- a/docs/user-guide/commands/argocd_proj_windows_update.md +++ b/docs/user-guide/commands/argocd_proj_windows_update.md @@ -29,7 +29,6 @@ argocd proj windows update PROJECT ID [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -42,12 +41,8 @@ argocd proj windows update PROJECT ID [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_relogin.md b/docs/user-guide/commands/argocd_relogin.md index 892bb8eac559e..93d848d46b45c 100644 --- a/docs/user-guide/commands/argocd_relogin.md +++ b/docs/user-guide/commands/argocd_relogin.md @@ -14,8 +14,8 @@ argocd relogin [flags] ``` -h, --help help for relogin - --password string The password of an account to authenticate - --sso-port int Port to run local OAuth2 login application (default 8085) + --password string the password of an account to authenticate + --sso-port int port to run local OAuth2 login application (default 8085) ``` ### Options inherited from parent commands @@ -25,7 +25,6 @@ argocd relogin [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -38,12 +37,8 @@ argocd relogin [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_repo.md b/docs/user-guide/commands/argocd_repo.md index db0caa8e0ac6b..e6e91d8ae8754 100644 --- a/docs/user-guide/commands/argocd_repo.md +++ b/docs/user-guide/commands/argocd_repo.md @@ -37,7 +37,6 @@ argocd repo [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -50,12 +49,8 @@ argocd repo [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_repo_add.md b/docs/user-guide/commands/argocd_repo_add.md index d39dd258eb7f9..21bb371b95a0a 100644 --- a/docs/user-guide/commands/argocd_repo_add.md +++ b/docs/user-guide/commands/argocd_repo_add.md @@ -74,7 +74,6 @@ argocd repo add REPOURL [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -87,12 +86,8 @@ argocd repo add REPOURL [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_repo_get.md b/docs/user-guide/commands/argocd_repo_get.md index ff570472db232..784610eb71d12 100644 --- a/docs/user-guide/commands/argocd_repo_get.md +++ b/docs/user-guide/commands/argocd_repo_get.md @@ -21,7 +21,6 @@ argocd repo get [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -34,12 +33,8 @@ argocd repo get [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_repo_list.md b/docs/user-guide/commands/argocd_repo_list.md index 9b4dea524358f..b724967a8ce6a 100644 --- a/docs/user-guide/commands/argocd_repo_list.md +++ b/docs/user-guide/commands/argocd_repo_list.md @@ -21,7 +21,6 @@ argocd repo list [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -34,12 +33,8 @@ argocd repo list [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_repo_rm.md b/docs/user-guide/commands/argocd_repo_rm.md index 2fb205395bc77..c33ef807bb82e 100644 --- a/docs/user-guide/commands/argocd_repo_rm.md +++ b/docs/user-guide/commands/argocd_repo_rm.md @@ -19,7 +19,6 @@ argocd repo rm REPO [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd repo rm REPO [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_repocreds.md b/docs/user-guide/commands/argocd_repocreds.md index 9e6c781f5cd1f..f2a52f42fbb92 100644 --- a/docs/user-guide/commands/argocd_repocreds.md +++ b/docs/user-guide/commands/argocd_repocreds.md @@ -37,7 +37,6 @@ argocd repocreds [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -50,12 +49,8 @@ argocd repocreds [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_repocreds_add.md b/docs/user-guide/commands/argocd_repocreds_add.md index ef874fc89ee50..fa277f0cc756d 100644 --- a/docs/user-guide/commands/argocd_repocreds_add.md +++ b/docs/user-guide/commands/argocd_repocreds_add.md @@ -56,7 +56,6 @@ argocd repocreds add REPOURL [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -69,12 +68,8 @@ argocd repocreds add REPOURL [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_repocreds_list.md b/docs/user-guide/commands/argocd_repocreds_list.md index c5fbb4d1f4aab..f0d7a6bcae570 100644 --- a/docs/user-guide/commands/argocd_repocreds_list.md +++ b/docs/user-guide/commands/argocd_repocreds_list.md @@ -20,7 +20,6 @@ argocd repocreds list [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -33,12 +32,8 @@ argocd repocreds list [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_repocreds_rm.md b/docs/user-guide/commands/argocd_repocreds_rm.md index 0535211247b0e..678e70afd50c1 100644 --- a/docs/user-guide/commands/argocd_repocreds_rm.md +++ b/docs/user-guide/commands/argocd_repocreds_rm.md @@ -19,7 +19,6 @@ argocd repocreds rm CREDSURL [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -32,12 +31,8 @@ argocd repocreds rm CREDSURL [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/commands/argocd_version.md b/docs/user-guide/commands/argocd_version.md index d0ac0eeb653d4..a8ecfa69ea0f1 100644 --- a/docs/user-guide/commands/argocd_version.md +++ b/docs/user-guide/commands/argocd_version.md @@ -57,7 +57,6 @@ argocd version [flags] --client-crt string Client certificate file --client-crt-key string Client certificate key file --config string Path to Argo CD config (default "/home/user/.config/argocd/config") - --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. @@ -70,12 +69,8 @@ argocd version [flags] --plaintext Disable TLS --port-forward Connect to a random argocd-server port using port forwarding --port-forward-namespace string Namespace name which should be used for port forwarding - --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") - --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") - --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") --server string Argo CD server address --server-crt string Server certificate file - --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") ``` ### SEE ALSO diff --git a/docs/user-guide/diffing.md b/docs/user-guide/diffing.md index 5a056b9c3769b..3daa006370f73 100644 --- a/docs/user-guide/diffing.md +++ b/docs/user-guide/diffing.md @@ -68,15 +68,6 @@ spec: The above configuration will ignore differences from all fields owned by `kube-controller-manager` for all resources belonging to this application. -If you have a slash `/` in your pointer path, you can use the `~1` character. For example: - -```yaml -spec: - ignoreDifferences: - - kind: Node - jsonPointers: /metadata/labels/node-role.kubernetes.io~1worker -``` - ## System-Level Configuration The comparison of resources with well-known issues can be customized at a system level. Ignored differences can be configured for a specified group and kind diff --git a/docs/user-guide/environment-variables.md b/docs/user-guide/environment-variables.md index 238db85b5c718..ceea5798e83a3 100644 --- a/docs/user-guide/environment-variables.md +++ b/docs/user-guide/environment-variables.md @@ -2,13 +2,8 @@ The following environment variables can be used with `argocd` CLI: -| Environment Variable | Description | -|--------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `ARGOCD_SERVER` | the address of the Argo CD server without `https://` prefix
                                                                                                                                                                                                                              (instead of specifying `--server` for every command)
                                                                                                                                                                                                                              eg. `ARGOCD_SERVER=argocd.mycompany.com` if served through an ingress with DNS | -| `ARGOCD_AUTH_TOKEN` | the Argo CD `apiKey` for your Argo CD user to be able to authenticate | -| `ARGOCD_OPTS` | command-line options to pass to `argocd` CLI
                                                                                                                                                                                                                              eg. `ARGOCD_OPTS="--grpc-web"` | -| `ARGOCD_SERVER_NAME` | the Argo CD API Server name (default "argocd-server") | -| `ARGOCD_REPO_SERVER_NAME` | the Argo CD Repository Server name (default "argocd-repo-server") | -| `ARGOCD_APPLICATION_CONTROLLER_NAME` | the Argo CD Application Controller name (default "argocd-application-controller") | -| `ARGOCD_REDIS_NAME` | the Argo CD Redis name (default "argocd-redis") | -| `ARGOCD_REDIS_HAPROXY_NAME` | the Argo CD Redis HA Proxy name (default "argocd-redis-ha-haproxy") | +| Environment Variable | Description | +| --- | --- | +| `ARGOCD_SERVER` | the address of the ArgoCD server without `https://` prefix
                                                                                                                                                                                                                              (instead of specifying `--server` for every command)
                                                                                                                                                                                                                              eg. `ARGOCD_SERVER=argocd.mycompany.com` if served through an ingress with DNS | +| `ARGOCD_AUTH_TOKEN` | the ArgoCD `apiKey` for your ArgoCD user to be able to authenticate | +| `ARGOCD_OPTS` | command-line options to pass to `argocd` CLI
                                                                                                                                                                                                                              eg. `ARGOCD_OPTS="--grpc-web"` | diff --git a/docs/user-guide/external-url.md b/docs/user-guide/external-url.md index 792b8465b233b..173a8724c5fea 100644 --- a/docs/user-guide/external-url.md +++ b/docs/user-guide/external-url.md @@ -1,6 +1,6 @@ # Add external URL -You can add additional external links to Argo CD dashboard. For example +You can add additional external links to ArgoCD dashboard. For example links monitoring pages or documentation instead of just ingress hosts or other apps. ArgoCD generates a clickable links to external pages for a resource based on per resource annotation. diff --git a/docs/user-guide/extra_info.md b/docs/user-guide/extra_info.md index 298b457a81bd4..0a27e497ec46d 100644 --- a/docs/user-guide/extra_info.md +++ b/docs/user-guide/extra_info.md @@ -1,6 +1,6 @@ # Add extra Application info -You can add additional information to an Application on your Argo CD dashboard. +You can add additional information to an Application on your ArgoCD dashboard. If you wish to add clickable links, see [Add external URL](https://argo-cd.readthedocs.io/en/stable/user-guide/external-url/). This is done by providing the 'info' field a key-value in your Application manifest. @@ -21,7 +21,7 @@ info: ``` ![External link](../assets/extra_info-1.png) -The additional information will be visible on the Argo CD Application details page. +The additional information will be visible on the ArgoCD Application details page. ![External link](../assets/extra_info.png) diff --git a/docs/user-guide/helm.md b/docs/user-guide/helm.md index b4681a169b181..1481e84a24d40 100644 --- a/docs/user-guide/helm.md +++ b/docs/user-guide/helm.md @@ -52,30 +52,9 @@ source: ## Values -Argo CD supports the equivalent of a values file directly in the Application manifest using the `source.helm.valuesObject` key. +Argo CD supports the equivalent of a values file directly in the Application manifest using the `source.helm.values` key. -```yaml -source: - helm: - valuesObject: - ingress: - enabled: true - path: / - hosts: - - mydomain.example.com - annotations: - kubernetes.io/ingress.class: nginx - kubernetes.io/tls-acme: "true" - labels: {} - tls: - - secretName: mydomain-tls - hosts: - - mydomain.example.com ``` - -Alternatively, values can be passed in as a string using the `source.helm.values` key. - -```yaml source: helm: values: | @@ -122,7 +101,7 @@ source: ## Helm Release Name -By default, the Helm release name is equal to the Application name to which it belongs. Sometimes, especially on a centralised Argo CD, +By default, the Helm release name is equal to the Application name to which it belongs. Sometimes, especially on a centralised ArgoCD, you may want to override that name, and it is possible with the `release-name` flag on the cli: ```bash @@ -138,7 +117,7 @@ source: ``` !!! warning "Important notice on overriding the release name" - Please note that overriding the Helm release name might cause problems when the chart you are deploying is using the `app.kubernetes.io/instance` label. Argo CD injects this label with the value of the Application name for tracking purposes. So when overriding the release name, the Application name will stop being equal to the release name. Because Argo CD will overwrite the label with the Application name it might cause some selectors on the resources to stop working. In order to avoid this we can configure Argo CD to use another label for tracking in the [ArgoCD configmap argocd-cm.yaml](../operator-manual/argocd-cm.yaml) - check the lines describing `application.instanceLabelKey`. + Please note that overriding the Helm release name might cause problems when the chart you are deploying is using the `app.kubernetes.io/instance` label. ArgoCD injects this label with the value of the Application name for tracking purposes. So when overriding the release name, the Application name will stop being equal to the release name. Because ArgoCD will overwrite the label with the Application name it might cause some selectors on the resources to stop working. In order to avoid this we can configure ArgoCD to use another label for tracking in the [ArgoCD configmap argocd-cm.yaml](../operator-manual/argocd-cm.yaml) - check the lines describing `application.instanceLabelKey`. ## Helm Hooks @@ -254,7 +233,7 @@ One way to use this plugin is to prepare your own ArgoCD image where it is inclu Example `Dockerfile`: -```dockerfile +``` FROM argoproj/argocd:v1.5.7 USER root @@ -284,7 +263,7 @@ Some users find this pattern preferable to maintaining their own version of the Below is an example of how to add Helm plugins when installing ArgoCD with the [official ArgoCD helm chart](https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd): -```yaml +``` repoServer: volumes: - name: gcp-credentials diff --git a/docs/user-guide/jsonnet.md b/docs/user-guide/jsonnet.md index 194daa06c2591..699cd45335b61 100644 --- a/docs/user-guide/jsonnet.md +++ b/docs/user-guide/jsonnet.md @@ -1,6 +1,6 @@ # Jsonnet -Any file matching `*.jsonnet` in a directory app is treated as a Jsonnet file. Argo CD evaluates the Jsonnet and is able to parse a generated object or array. +Any file matching `*.jsonnet` in a directory app is treated as a Jsonnet file. ArgoCD evaluates the Jsonnet and is able to parse a generated object or array. ## Build Environment diff --git a/docs/user-guide/multiple_sources.md b/docs/user-guide/multiple_sources.md index 2547a4af7bf4a..5aef3825389f7 100644 --- a/docs/user-guide/multiple_sources.md +++ b/docs/user-guide/multiple_sources.md @@ -56,7 +56,7 @@ spec: helm: valueFiles: - $values/charts/prometheus/values.yaml - - repoURL: 'https://git.example.com/org/value-files.git' + - repoURL: 'https://git.example.gom/org/value-files.git' targetRevision: dev ref: values ``` diff --git a/docs/user-guide/private-repositories.md b/docs/user-guide/private-repositories.md index 074e5caad9e96..3230fcd6767cc 100644 --- a/docs/user-guide/private-repositories.md +++ b/docs/user-guide/private-repositories.md @@ -3,7 +3,7 @@ !!!note Some Git hosters - notably GitLab and possibly on-premise GitLab instances as well - require you to specify the `.git` suffix in the repository URL, otherwise they will send a HTTP 301 redirect to the - repository URL suffixed with `.git`. Argo CD will **not** follow these redirects, so you have to + repository URL suffixed with `.git`. ArgoCD will **not** follow these redirects, so you have to adapt your repository URL to be suffixed with `.git`. ## Credentials @@ -26,13 +26,13 @@ or UI: ![connect repo overview](../assets/repo-add-overview.png) -2. Click `Connect Repo using HTTPS` button and enter credentials +1. Click `Connect Repo using HTTPS` button and enter credentials ![connect repo](../assets/repo-add-https.png) *Note: username in screenshot is for illustration purposes only , we have no relationship to this GitHub account should it exist.* -3. Click `Connect` to test the connection and have the repository added +1. Click `Connect` to test the connection and have the repository added ![connect repo](../assets/connect-repo.png) @@ -52,7 +52,7 @@ Then, connect the repository using any non-empty string as username and the acce ### TLS Client Certificates for HTTPS repositories -If your repository server requires you to use TLS client certificates for authentication, you can configure Argo CD repositories to make use of them. For this purpose, `--tls-client-cert-path` and `--tls-client-cert-key-path` switches to the `argocd repo add` command can be used to specify the files on your local system containing client certificate and the corresponding key, respectively: +If your repository server requires you to use TLS client certificates for authentication, you can configure ArgoCD repositories to make use of them. For this purpose, `--tls-client-cert-path` and `--tls-client-cert-key-path` switches to the `argocd repo add` command can be used to specify the files on your local system containing client certificate and the corresponding key, respectively: ``` argocd repo add https://repo.example.com/repo.git --tls-client-cert-path ~/mycert.crt --tls-client-cert-key-path ~/mycert.key @@ -63,7 +63,7 @@ Of course, you can also use this in combination with the `--username` and `--pas Your TLS client certificate and corresponding key can also be configured using the UI, see instructions for adding Git repos using HTTPS. !!! note - Your client certificate and key data must be in PEM format, other formats (such as PKCS12) are not understood. Also make sure that your certificate's key is not password protected, otherwise it cannot be used by Argo CD. + Your client certificate and key data must be in PEM format, other formats (such as PKCS12) are not understood. Also make sure that your certificate's key is not password protected, otherwise it cannot be used by ArgoCD. !!! note When pasting TLS client certificate and key in the text areas in the web UI, make sure they contain no unintended line breaks or additional characters. @@ -92,11 +92,11 @@ Using the UI: ![connect repo overview](../assets/repo-add-overview.png) -2. Click `Connect Repo using SSH` button, enter the URL and paste the SSH private key +1. Click `Connect Repo using SSH` button, enter the URL and paste the SSH private key ![connect repo](../assets/repo-add-ssh.png) -3. Click `Connect` to test the connection and have the repository added +1. Click `Connect` to test the connection and have the repository added !!!note When pasting SSH private key in the UI, make sure there are no unintended line breaks or additional characters in the text area @@ -125,11 +125,11 @@ Using the UI: ![connect repo overview](../assets/repo-add-overview.png) -2. Click `Connect Repo using GitHub App` button, enter the URL, App Id, Installation Id, and the app's private key. +1. Click `Connect Repo using GitHub App` button, enter the URL, App Id, Installation Id, and the app's private key. ![connect repo](../assets/repo-add-github-app.png) -3. Click `Connect` to test the connection and have the repository added +1. Click `Connect` to test the connection and have the repository added !!!note When pasting GitHub App private key in the UI, make sure there are no unintended line breaks or additional characters in the text area @@ -155,11 +155,11 @@ Using the UI: ![connect repo overview](../assets/repo-add-overview.png) -2. Click `Connect Repo using Google Cloud Source` button, enter the URL and the Google Cloud service account in JSON format. +1. Click `Connect Repo using Google Cloud Source` button, enter the URL and the Google Cloud service account in JSON format. ![connect repo](../assets/repo-add-google-cloud-source.png) -3. Click `Connect` to test the connection and have the repository added +1. Click `Connect` to test the connection and have the repository added ## Credential templates @@ -169,7 +169,7 @@ To set up a credential template using the Web UI, simply fill in all relevant cr To manage credential templates using the CLI, use the `repocreds` sub-command, for example `argocd repocreds add https://github.com/argoproj --username youruser --password yourpass` would setup a credential template for the URL prefix `https://github.com/argoproj` using the specified username/password combination. Similar to the `repo` sub-command, you can also list and remove repository credentials using the `argocd repocreds list` and `argocd repocreds rm` commands, respectively. -In order for Argo CD to use a credential template for any given repository, the following conditions must be met: +In order for ArgoCD to use a credential template for any given repository, the following conditions must be met: * The repository must either not be configured at all, or if configured, must not contain any credential information * The URL configured for a credential template (e.g. `https://github.com/argoproj`) must match as prefix for the repository URL (e.g. `https://github.com/argoproj/argocd-example-apps`). @@ -204,7 +204,7 @@ FATA[0000] rpc error: code = Unknown desc = authentication required ## Self-signed & Untrusted TLS Certificates -If you are connecting a repository on a HTTPS server using a self-signed certificate, or a certificate signed by a custom Certificate Authority (CA) which are not known to Argo CD, the repository will not be added due to security reasons. This is indicated by an error message such as `x509: certificate signed by unknown authority`. +If you are connecting a repository on a HTTPS server using a self-signed certificate, or a certificate signed by a custom Certificate Authority (CA) which are not known to ArgoCD, the repository will not be added due to security reasons. This is indicated by an error message such as `x509: certificate signed by unknown authority`. 1. You can let ArgoCD connect the repository in an insecure way, without verifying the server's certificate at all. This can be accomplished by using the `--insecure-skip-server-verification` flag when adding the repository with the `argocd` CLI utility. However, this should be done only for non-production setups, as it imposes a serious security issue through possible man-in-the-middle attacks. @@ -265,15 +265,15 @@ It is possible to add and remove TLS certificates using the ArgoCD web UI: 1. In the navigation pane to the left, click on "Settings" and choose "Certificates" from the settings menu -2. The following page lists all currently configured certificates and provides you with the option to add either a new TLS certificate or SSH known entries: +1. The following page lists all currently configured certificates and provides you with the option to add either a new TLS certificate or SSH known entries: ![manage certificates](../assets/cert-management-overview.png) -3. Click on "Add TLS certificate", fill in relevant data and click on "Create". Take care to specify only the FQDN of your repository server (not the URL) and that you C&P the complete PEM of your TLS certificate into the text area field, including the `----BEGIN CERTIFICATE----` and `----END CERTIFICATE----` lines: +1. Click on "Add TLS certificate", fill in relevant data and click on "Create". Take care to specify only the FQDN of your repository server (not the URL) and that you C&P the complete PEM of your TLS certificate into the text area field, including the `----BEGIN CERTIFICATE----` and `----END CERTIFICATE----` lines: ![add tls certificate](../assets/cert-management-add-tls.png) -4. To remove a certificate, click on the small three-dotted button next to the certificate entry, select "Remove" from the pop-up menu and confirm the removal in the following dialogue. +1. To remove a certificate, click on the small three-dotted button next to the certificate entry, select "Remove" from the pop-up menu and confirm the removal in the following dialogue. ![remove certificate](../assets/cert-management-remove.png) @@ -345,15 +345,15 @@ It is possible to add and remove SSH known hosts entries using the ArgoCD web UI 1. In the navigation pane to the left, click on "Settings" and choose "Certificates" from the settings menu -2. The following page lists all currently configured certificates and provides you with the option to add either a new TLS certificate or SSH known entries: +1. The following page lists all currently configured certificates and provides you with the option to add either a new TLS certificate or SSH known entries: ![manage certificates](../assets/cert-management-overview.png) -3. Click on "Add SSH known hosts" and paste your SSH known hosts data in the following mask. **Important**: Make sure there are no line breaks in the entries (key data) when you paste the data. Afterwards, click on "Create". +1. Click on "Add SSH known hosts" and paste your SSH known hosts data in the following mask. **Important**: Make sure there are no line breaks in the entries (key data) when you paste the data. Afterwards, click on "Create". ![manage ssh known hosts](../assets/cert-management-add-ssh.png) -4. To remove a certificate, click on the small three-dotted button next to the certificate entry, select "Remove" from the pop-up menu and confirm the removal in the following dialogue. +1. To remove a certificate, click on the small three-dotted button next to the certificate entry, select "Remove" from the pop-up menu and confirm the removal in the following dialogue. ![remove certificate](../assets/cert-management-remove.png) diff --git a/docs/user-guide/projects.md b/docs/user-guide/projects.md index 0ed79ede623d5..666534975a854 100644 --- a/docs/user-guide/projects.md +++ b/docs/user-guide/projects.md @@ -271,15 +271,15 @@ projectName: `proj-global-test` should be replaced with your own global project ## Project scoped Repositories and Clusters -Normally, an Argo CD admin creates a project and decides in advance which clusters and Git repositories +Normally, an ArgoCD admin creates a project and decides in advance which clusters and Git repositories it defines. However, this creates a problem in scenarios where a developer wants to add a repository or cluster -after the initial creation of the project. This forces the developer to contact their Argo CD admin again to update the project definition. +after the initial creation of the project. This forces the developer to contact their ArgoCD admin again to update the project definition. It is possible to offer a self-service process for developers so that they can add a repository and/or cluster in a project on their own even after the initial creation of the project. -For this purpose Argo CD supports project-scoped repositories and clusters. +For this purpose ArgoCD supports project-scoped repositories and clusters. -To begin the process, Argo CD admins must configure RBAC security to allow this self-service behavior. +To begin the process, ArgoCD admins must configure RBAC security to allow this self-service behavior. For example, to allow users to add project scoped repositories and admin would have to add the following RBAC rules: diff --git a/docs/user-guide/resource_hooks.md b/docs/user-guide/resource_hooks.md index d705f8d21423d..9f8f98e033a20 100644 --- a/docs/user-guide/resource_hooks.md +++ b/docs/user-guide/resource_hooks.md @@ -69,7 +69,7 @@ The following policies define when the hook will be deleted. | `HookFailed` | The hook resource is deleted after the hook failed. | | `BeforeHookCreation` | Any existing hook resource is deleted before the new one is created (since v1.3). It is meant to be used with `/metadata/name`. | -Note that if no deletion policy is specified, Argo CD will automatically assume `BeforeHookCreation` rules. +Note that if no deletion policy is specified, ArgoCD will automatically assume `BeforeHookCreation` rules. ### Sync Status with Jobs/Workflows with Time to Live (ttl) diff --git a/docs/user-guide/resource_tracking.md b/docs/user-guide/resource_tracking.md index cdc23552c3b37..cb69ef143d7a2 100644 --- a/docs/user-guide/resource_tracking.md +++ b/docs/user-guide/resource_tracking.md @@ -55,17 +55,12 @@ To actually select your preferred tracking method edit the `resourceTrackingMeth ```yaml apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-cm - labels: - app.kubernetes.io/name: argocd-cm - app.kubernetes.io/part-of: argocd data: application.resourceTrackingMethod: annotation +kind: ConfigMap ``` Possible values are `label`, `annotation+label` and `annotation` as described in the previous section. Note that once you change the value you need to sync your applications again (or wait for the sync mechanism to kick-in) in order to apply your changes. -You can revert to a previous choice, by changing again the configmap. +You can revert to a previous choice, by changing again the configmap. \ No newline at end of file diff --git a/docs/user-guide/sync-options.md b/docs/user-guide/sync-options.md index 9afe031ba7469..688e1800bf406 100644 --- a/docs/user-guide/sync-options.md +++ b/docs/user-guide/sync-options.md @@ -316,10 +316,10 @@ spec: - CreateNamespace=true ``` -In order for Argo CD to manage the labels and annotations on the namespace, `CreateNamespace=true` needs to be set as a +In order for ArgoCD to manage the labels and annotations on the namespace, `CreateNamespace=true` needs to be set as a sync option, otherwise nothing will happen. If the namespace doesn't already exist, or if it already exists and doesn't already have labels and/or annotations set on it, you're good to go. Using `managedNamespaceMetadata` will also set the -resource tracking label (or annotation) on the namespace, so you can easily track which namespaces are managed by Argo CD. +resource tracking label (or annotation) on the namespace, so you can easily track which namespaces are managed by ArgoCD. In the case you do not have any custom annotations or labels but would nonetheless want to have resource tracking set on your namespace, that can be done by setting `managedNamespaceMetadata` with an empty `labels` and/or `annotations` map, @@ -339,7 +339,7 @@ spec: - CreateNamespace=true ``` -In the case where Argo CD is "adopting" an existing namespace which already has metadata set on it, we rely on using +In the case where ArgoCD is "adopting" an existing namespace which already has metadata set on it, we rely on using Server Side Apply in order not to lose metadata which has already been set. The main implication here is that it takes a few extra steps to get rid of an already preexisting field. @@ -355,7 +355,7 @@ metadata: abc: "123" ``` -If we want to manage the `foobar` namespace with Argo CD and to then also remove the `foo: bar` annotation, in +If we want to manage the `foobar` namespace with ArgoCD and to then also remove the `foo: bar` annotation, in `managedNamespaceMetadata` we'd need to first rename the `foo` value: ```yaml @@ -385,7 +385,7 @@ spec: - CreateNamespace=true ``` -Another thing to keep mind of is that if you have a k8s manifest for the same namespace in your Argo CD application, that +Another thing to keep mind of is that if you have a k8s manifest for the same namespace in your ArgoCD application, that will take precedence and *overwrite whatever values that have been set in `managedNamespaceMetadata`*. In other words, if you have an application that sets `managedNamespaceMetadata` diff --git a/docs/user-guide/sync_windows.md b/docs/user-guide/sync_windows.md index 031d8e6d67b30..8129e78c27062 100644 --- a/docs/user-guide/sync_windows.md +++ b/docs/user-guide/sync_windows.md @@ -7,7 +7,7 @@ of both manual and automated syncs but allow an override for manual syncs which in preventing automated syncs or if you need to temporarily override a window to perform a sync. The windows work in the following way. If there are no windows matching an application then all syncs are allowed. If there -are any `allow` windows matching an application then syncs will only be allowed when there is an active `allow` window. If there +are any `allow` windows matching an application then syncs will only be allowed when there is an active `allow` windows. If there are any `deny` windows matching an application then all syncs will be denied when the `deny` windows are active. If there is an active matching `allow` and an active matching `deny` then syncs will be denied as `deny` windows override `allow` windows. The UI and the CLI will both display the state of the sync windows. The UI has a panel which will display different colours depending diff --git a/docs/user-guide/tracking_strategies.md b/docs/user-guide/tracking_strategies.md index 57dfc5f907b65..e1abe85717724 100644 --- a/docs/user-guide/tracking_strategies.md +++ b/docs/user-guide/tracking_strategies.md @@ -11,7 +11,7 @@ is detected. ## Helm -Helm chart versions are [Semantic Versions](https://semver.org/). As a result, you can use any of the following version ranges: +For Helm, all versions are [Semantic Versions](https://semver.org/). As a result, you can either version ranges: | Use Case | How | Examples | |-|-|-| @@ -19,7 +19,6 @@ Helm chart versions are [Semantic Versions](https://semver.org/). As a result, y | Track patches (e.g. in pre-production) | Use a range | `1.2.*` or `>=1.2.0 <1.3.0` | | Track minor releases (e.g. in QA) | Use a range | `1.*` or `>=1.0.0 <2.0.0` | | Use the latest (e.g. in local development) | Use star range | `*` or `>=0.0.0` | -| Use the latest including pre-releases | Use star range with `-0` suffix | `*-0` or `>=0.0.0-0` | [Read about version ranges](https://www.telerik.com/blogs/the-mystical-magical-semver-ranges-used-by-npm-bower) diff --git a/examples/k8s-rbac/argocd-server-applications/kustomization.yaml b/examples/k8s-rbac/argocd-server-applications/kustomization.yaml deleted file mode 100644 index 67d8d57d3f72f..0000000000000 --- a/examples/k8s-rbac/argocd-server-applications/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: -- argocd-server-rbac-clusterrole.yaml -- argocd-server-rbac-clusterrolebinding.yaml diff --git a/examples/plugins/helm/argocd-repo-server-deployment-patch.yaml b/examples/plugins/helm/argocd-repo-server-deployment-patch.yaml index e933c8021a610..7f23e588c858f 100644 --- a/examples/plugins/helm/argocd-repo-server-deployment-patch.yaml +++ b/examples/plugins/helm/argocd-repo-server-deployment-patch.yaml @@ -12,9 +12,9 @@ spec: - sh - -c - | - wget https://get.helm.sh/helm-v3.10.3-linux-amd64.tar.gz -O - | tar xz && mv linux-amd64/helm /tools/helm && chmod +x /tools/helm + wget https://get.helm.sh/helm-v3.8.2-linux-amd64.tar.gz -O - | tar xz && mv linux-amd64/helm /tools/helm && chmod +x /tools/helm wget https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 -O /tools/jq && chmod +x /tools/jq - wget https://github.com/mikefarah/yq/releases/download/v4.30.6/yq_linux_amd64 -O /tools/yq && chmod +x /tools/yq + wget https://github.com/mikefarah/yq/releases/download/v4.24.5/yq_linux_amd64 -O /tools/yq && chmod +x /tools/yq volumeMounts: - mountPath: /tools name: helm-plugin-tools diff --git a/go.mod b/go.mod index 047c62851a5c4..95a95427cf2a4 100644 --- a/go.mod +++ b/go.mod @@ -4,66 +4,64 @@ go 1.19 require ( code.gitea.io/sdk/gitea v0.15.1 - github.com/Azure/kubelogin v0.0.20 github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible - github.com/Masterminds/semver/v3 v3.2.1 - github.com/Masterminds/sprig/v3 v3.2.3 + github.com/Masterminds/semver/v3 v3.2.0 github.com/TomOnTime/utfutil v0.0.0-20180511104225-09c41003ee1d - github.com/alicebob/miniredis/v2 v2.30.4 - github.com/antonmedv/expr v1.12.7 - github.com/argoproj/gitops-engine v0.7.1-0.20230809134534-ed7c77a9290b - github.com/argoproj/notifications-engine v0.4.1-0.20230620204159-3446d4ae8520 - github.com/argoproj/pkg v0.13.7-0.20230626144333-d56162821bd1 - github.com/aws/aws-sdk-go v1.44.317 - github.com/bmatcuk/doublestar/v4 v4.6.0 + github.com/alicebob/miniredis/v2 v2.23.1 + github.com/antonmedv/expr v1.9.0 + github.com/argoproj/gitops-engine v0.7.1-0.20230526233214-ad9a694fe4bc + github.com/argoproj/notifications-engine v0.4.1-0.20230228182525-f754726f03da + github.com/argoproj/pkg v0.13.7-0.20230627120311-a4dd357b057e + github.com/aws/aws-sdk-go v1.44.290 github.com/bombsimon/logrusr/v2 v2.0.1 - github.com/bradleyfalzon/ghinstallation/v2 v2.6.0 - github.com/casbin/casbin/v2 v2.73.0 - github.com/coreos/go-oidc/v3 v3.6.0 + github.com/bradleyfalzon/ghinstallation/v2 v2.1.0 + github.com/casbin/casbin/v2 v2.60.0 + github.com/chai2010/gettext-go v0.0.0-20170215093142-bf70f2a70fb1 // indirect github.com/cyphar/filepath-securejoin v0.2.3 github.com/dustin/go-humanize v1.0.1 github.com/evanphx/json-patch v5.6.0+incompatible github.com/fsnotify/fsnotify v1.6.0 - github.com/gfleury/go-bitbucket-v1 v0.0.0-20220301131131-8e7ed04b843e - github.com/go-git/go-git/v5 v5.8.1 - github.com/go-logr/logr v1.2.4 + github.com/ghodss/yaml v1.0.0 + github.com/go-git/go-git/v5 v5.6.1 + github.com/go-logr/logr v1.2.3 github.com/go-openapi/loads v0.21.2 - github.com/go-openapi/runtime v0.26.0 - github.com/go-playground/webhooks/v6 v6.2.1-0.20230808162451-10570b0a59e8 - github.com/go-redis/cache/v9 v9.0.0 + github.com/go-openapi/runtime v0.25.0 + github.com/go-openapi/spec v0.20.6 // indirect + github.com/go-openapi/validate v0.21.0 // indirect github.com/gobwas/glob v0.2.3 - github.com/gogits/go-gogs-client v0.0.0-20200905025246-8bb8a50cb355 + github.com/gogits/go-gogs-client v0.0.0-20190616193657-5a05380e4bc2 github.com/gogo/protobuf v1.3.2 - github.com/golang-jwt/jwt/v4 v4.5.0 - github.com/golang/protobuf v1.5.3 + github.com/golang-jwt/jwt/v4 v4.4.3 + github.com/golang/protobuf v1.5.2 github.com/google/go-cmp v0.5.9 github.com/google/go-github/v35 v35.3.0 - github.com/google/go-jsonnet v0.20.0 + github.com/google/go-jsonnet v0.19.1 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 github.com/google/uuid v1.3.0 github.com/gorilla/handlers v1.5.1 github.com/gorilla/mux v1.8.0 - github.com/gorilla/websocket v1.5.0 - github.com/gosimple/slug v1.13.1 - github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 + github.com/gorilla/websocket v1.4.2 + github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect + github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 github.com/grpc-ecosystem/grpc-gateway v1.16.0 - github.com/hashicorp/go-retryablehttp v0.7.4 - github.com/imdario/mergo v0.3.16 - github.com/improbable-eng/grpc-web v0.15.0 - github.com/itchyny/gojq v0.12.13 + github.com/hashicorp/go-retryablehttp v0.7.0 + github.com/imdario/mergo v0.3.13 + github.com/improbable-eng/grpc-web v0.0.0-20181111100011-16092bd1d58a + github.com/itchyny/gojq v0.12.10 github.com/jeremywohl/flatten v1.0.1 github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 - github.com/ktrysmt/go-bitbucket v0.9.63 - github.com/mattn/go-isatty v0.0.19 + github.com/ktrysmt/go-bitbucket v0.9.55 + github.com/malexdev/utfutil v0.0.0-20180510171754-00c8d4a8e7a8 // indirect + github.com/mattn/go-isatty v0.0.16 github.com/mattn/go-zglob v0.0.4 - github.com/microsoft/azure-devops-go-api/azuredevops v1.0.0-b5 github.com/olekukonko/tablewriter v0.0.5 github.com/patrickmn/go-cache v2.1.0+incompatible - github.com/prometheus/client_golang v1.16.0 + github.com/pkg/errors v0.9.1 // indirect + github.com/prometheus/client_golang v1.14.0 github.com/r3labs/diff v1.1.0 - github.com/redis/go-redis/v9 v9.0.5 - github.com/robfig/cron/v3 v3.0.1 + github.com/redis/go-redis/v9 v9.0.2 + github.com/rs/cors v1.8.0 // indirect github.com/sirupsen/logrus v1.9.3 github.com/skratchdot/open-golang v0.0.0-20160302144031-75fb7ed4208c github.com/soheilhy/cmux v0.1.5 @@ -71,121 +69,118 @@ require ( github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.8.4 github.com/valyala/fasttemplate v1.2.2 - github.com/whilp/git-urls v1.0.0 - github.com/xanzy/go-gitlab v0.89.0 - github.com/yuin/gopher-lua v1.1.0 - go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.42.0 - go.opentelemetry.io/otel v1.16.0 - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.16.0 - go.opentelemetry.io/otel/sdk v1.16.0 - golang.org/x/crypto v0.12.0 - golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 - golang.org/x/oauth2 v0.11.0 - golang.org/x/sync v0.3.0 - golang.org/x/term v0.11.0 - google.golang.org/genproto/googleapis/api v0.0.0-20230530153820-e85fd2cbaebc - google.golang.org/grpc v1.56.2 - google.golang.org/protobuf v1.31.0 - gopkg.in/square/go-jose.v2 v2.6.0 + github.com/whilp/git-urls v0.0.0-20191001220047-6db9661140c0 + github.com/xanzy/go-gitlab v0.60.0 + github.com/yuin/gopher-lua v0.0.0-20220504180219-658193537a64 + golang.org/x/crypto v0.10.0 + golang.org/x/net v0.11.0 // indirect + golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094 + golang.org/x/sync v0.1.0 + golang.org/x/term v0.9.0 + google.golang.org/genproto v0.0.0-20220616135557-88e70c0c3a90 + google.golang.org/grpc v1.51.0 + google.golang.org/protobuf v1.28.1 + gopkg.in/go-playground/webhooks.v5 v5.17.0 gopkg.in/yaml.v2 v2.4.0 k8s.io/api v0.24.2 k8s.io/apiextensions-apiserver v0.24.2 k8s.io/apimachinery v0.24.2 - k8s.io/apiserver v0.24.2 k8s.io/client-go v0.24.2 k8s.io/code-generator v0.24.2 k8s.io/klog/v2 v2.70.1 k8s.io/kube-openapi v0.0.0-20220627174259-011e075b9cb8 k8s.io/kubectl v0.24.2 - k8s.io/utils v0.0.0-20220706174534-f6158b442e7c + k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 layeh.com/gopher-json v0.0.0-20190114024228-97fed8db8427 - oras.land/oras-go/v2 v2.2.1 sigs.k8s.io/controller-runtime v0.11.0 - sigs.k8s.io/structured-merge-diff/v4 v4.3.0 + sigs.k8s.io/structured-merge-diff/v4 v4.2.3 sigs.k8s.io/yaml v1.3.0 ) require ( - dario.cat/mergo v1.0.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.1.1 // indirect - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.1.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/internal v1.0.0 // indirect - github.com/AzureAD/microsoft-authentication-library-for-go v0.5.2 // indirect - github.com/golang-jwt/jwt v3.2.2+incompatible // indirect - github.com/kylelemons/godebug v1.1.0 // indirect - github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect - github.com/tidwall/gjson v1.14.4 // indirect - github.com/tidwall/match v1.1.1 // indirect - github.com/tidwall/pretty v1.2.0 // indirect - google.golang.org/genproto v0.0.0-20230530153820-e85fd2cbaebc // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc // indirect - gopkg.in/retry.v1 v1.0.3 // indirect - k8s.io/klog v1.0.0 // indirect - nhooyr.io/websocket v1.8.7 // indirect + github.com/gfleury/go-bitbucket-v1 v0.0.0-20220301131131-8e7ed04b843e + github.com/stretchr/objx v0.5.0 // indirect + gopkg.in/square/go-jose.v2 v2.6.0 + k8s.io/apiserver v0.24.2 ) require ( - cloud.google.com/go/compute v1.20.1 // indirect - cloud.google.com/go/compute/metadata v0.2.3 // indirect + github.com/gosimple/slug v1.13.1 + github.com/microsoft/azure-devops-go-api/azuredevops v1.0.0-b5 + go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.31.0 + go.opentelemetry.io/otel v1.11.1 + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.11.1 + go.opentelemetry.io/otel/sdk v1.11.1 +) + +require ( + github.com/Masterminds/sprig/v3 v3.2.3 + github.com/coreos/go-oidc/v3 v3.4.0 + github.com/go-redis/cache/v9 v9.0.0 + github.com/robfig/cron/v3 v3.0.1 +) + +require ( + github.com/emicklei/go-restful/v3 v3.8.0 // indirect + github.com/google/go-github/v45 v45.2.0 // indirect + github.com/rivo/uniseg v0.2.0 // indirect + github.com/shopspring/decimal v1.2.0 // indirect + github.com/spf13/cast v1.4.1 // indirect +) + +require ( + cloud.google.com/go/compute v1.7.0 // indirect github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect - github.com/Azure/go-autorest/autorest v0.11.27 // indirect - github.com/Azure/go-autorest/autorest/adal v0.9.20 // indirect + github.com/Azure/go-autorest/autorest v0.11.18 // indirect + github.com/Azure/go-autorest/autorest/adal v0.9.13 // indirect github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect github.com/Azure/go-autorest/logger v0.2.1 // indirect github.com/Azure/go-autorest/tracing v0.6.0 // indirect github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd // indirect github.com/Masterminds/goutils v1.1.1 // indirect - github.com/Microsoft/go-winio v0.6.1 // indirect + github.com/Microsoft/go-winio v0.5.2 // indirect github.com/PagerDuty/go-pagerduty v1.6.0 // indirect - github.com/ProtonMail/go-crypto v0.0.0-20230717121422-5aa5874ade95 // indirect + github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 // indirect github.com/RocketChat/Rocket.Chat.Go.SDK v0.0.0-20210112200207-10ab4d695d60 // indirect github.com/acomagu/bufpipe v1.0.4 // indirect github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a // indirect - github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect + github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect github.com/beorn7/perks v1.0.1 // indirect - github.com/cenkalti/backoff/v4 v4.2.1 // indirect - github.com/cespare/xxhash/v2 v2.2.0 - github.com/chai2010/gettext-go v0.0.0-20170215093142-bf70f2a70fb1 // indirect + github.com/cenkalti/backoff/v4 v4.1.3 // indirect + github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/cloudflare/circl v1.3.3 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/desertbit/timer v0.0.0-20180107155436-c41aec40b27f // indirect github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect - github.com/docker/distribution v2.8.2+incompatible // indirect - github.com/emicklei/go-restful/v3 v3.8.0 // indirect + github.com/docker/distribution v2.8.1+incompatible // indirect github.com/emirpasic/gods v1.18.1 // indirect github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect github.com/fatih/camelcase v1.0.0 // indirect github.com/felixge/httpsnoop v1.0.3 // indirect + github.com/form3tech-oss/jwt-go v3.2.3+incompatible // indirect github.com/fvbommel/sortorder v1.0.1 // indirect - github.com/ghodss/yaml v1.0.0 // indirect - github.com/go-errors/errors v1.4.2 // indirect - github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect + github.com/go-errors/errors v1.0.1 // indirect + github.com/go-git/gcfg v1.5.0 // indirect github.com/go-git/go-billy/v5 v5.4.1 // indirect - github.com/go-jose/go-jose/v3 v3.0.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/analysis v0.21.4 // indirect - github.com/go-openapi/errors v0.20.3 // indirect + github.com/go-openapi/errors v0.20.2 // indirect github.com/go-openapi/jsonpointer v0.19.5 // indirect github.com/go-openapi/jsonreference v0.20.0 // indirect - github.com/go-openapi/spec v0.20.8 // indirect - github.com/go-openapi/strfmt v0.21.7 // indirect - github.com/go-openapi/swag v0.22.3 // indirect - github.com/go-openapi/validate v0.22.1 // indirect + github.com/go-openapi/strfmt v0.21.3 // indirect + github.com/go-openapi/swag v0.21.1 // indirect github.com/go-telegram-bot-api/telegram-bot-api/v5 v5.5.1 // indirect - github.com/golang/glog v1.1.0 // indirect + github.com/golang/glog v1.0.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/google/btree v1.1.2 // indirect - github.com/google/gnostic v0.6.9 // indirect + github.com/google/btree v1.0.1 // indirect + github.com/google/gnostic v0.5.7-v3refs // indirect github.com/google/go-github/v41 v41.0.0 // indirect - github.com/google/go-github/v53 v53.2.0 // indirect github.com/google/go-querystring v1.1.0 // indirect - github.com/google/gofuzz v1.2.0 // indirect + github.com/google/gofuzz v1.1.0 // indirect github.com/gosimple/unidecode v1.0.1 // indirect github.com/gregdel/pushover v1.1.0 // indirect - github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect - github.com/grpc-ecosystem/grpc-gateway/v2 v2.11.3 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-version v1.2.1 // indirect github.com/huandu/xstrings v1.3.3 // indirect @@ -200,12 +195,11 @@ require ( github.com/klauspost/compress v1.16.5 // indirect github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/malexdev/utfutil v0.0.0-20180510171754-00c8d4a8e7a8 // indirect github.com/mattn/go-runewidth v0.0.14 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect + github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect github.com/mitchellh/copystructure v1.0.0 // indirect github.com/mitchellh/go-wordwrap v1.0.0 // indirect - github.com/mitchellh/mapstructure v1.5.0 // indirect + github.com/mitchellh/mapstructure v1.4.3 // indirect github.com/mitchellh/reflectwalk v1.0.0 // indirect github.com/moby/spdystream v0.2.0 // indirect github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 // indirect @@ -215,44 +209,35 @@ require ( github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/oklog/ulid v1.3.1 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect - github.com/opencontainers/image-spec v1.1.0-rc4 // indirect github.com/opsgenie/opsgenie-go-sdk-v2 v1.0.5 // indirect github.com/peterbourgon/diskv v2.0.1+incompatible // indirect github.com/pjbgf/sha1cd v0.3.0 // indirect - github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_model v0.3.0 // indirect - github.com/prometheus/common v0.42.0 // indirect - github.com/prometheus/procfs v0.10.1 // indirect - github.com/rivo/uniseg v0.4.4 // indirect - github.com/rs/cors v1.8.0 // indirect - github.com/russross/blackfriday v1.6.0 // indirect + github.com/prometheus/common v0.37.0 // indirect + github.com/prometheus/procfs v0.8.0 // indirect + github.com/russross/blackfriday v1.5.2 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/sergi/go-diff v1.1.0 // indirect - github.com/shopspring/decimal v1.2.0 // indirect - github.com/skeema/knownhosts v1.2.0 // indirect + github.com/skeema/knownhosts v1.1.0 // indirect github.com/slack-go/slack v0.12.1 // indirect - github.com/spf13/cast v1.5.0 // indirect - github.com/stretchr/objx v0.5.0 // indirect github.com/valyala/bytebufferpool v1.0.0 // indirect github.com/vmihailenco/go-tinylfu v0.2.2 // indirect github.com/vmihailenco/msgpack/v5 v5.3.4 // indirect github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect github.com/xanzy/ssh-agent v0.3.3 // indirect - github.com/xlab/treeprint v1.1.0 // indirect - go.mongodb.org/mongo-driver v1.11.3 // indirect - go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0 // indirect - go.opentelemetry.io/otel/metric v1.16.0 // indirect - go.opentelemetry.io/otel/trace v1.16.0 // indirect + github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca // indirect + go.mongodb.org/mongo-driver v1.10.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.11.1 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.11.1 // indirect + go.opentelemetry.io/otel/trace v1.11.1 // indirect go.opentelemetry.io/proto/otlp v0.19.0 // indirect - go.starlark.net v0.0.0-20220328144851-d1966c6b9fcd // indirect - golang.org/x/mod v0.9.0 // indirect - golang.org/x/net v0.14.0 // indirect - golang.org/x/sys v0.11.0 // indirect - golang.org/x/text v0.12.0 // indirect - golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.7.0 // indirect + go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect + golang.org/x/mod v0.8.0 // indirect + golang.org/x/sys v0.9.0 // indirect + golang.org/x/text v0.10.0 // indirect + golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect + golang.org/x/tools v0.6.0 // indirect gomodules.xyz/envconfig v1.3.1-0.20190308184047-426f31af0d45 // indirect gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect gomodules.xyz/notify v0.1.1 // indirect @@ -268,9 +253,9 @@ require ( k8s.io/gengo v0.0.0-20211129171323-c02415ce4185 // indirect k8s.io/kube-aggregator v0.24.2 // indirect k8s.io/kubernetes v1.24.2 // indirect - sigs.k8s.io/json v0.0.0-20220525155127-227cbc7cc124 // indirect - sigs.k8s.io/kustomize/api v0.11.5 // indirect - sigs.k8s.io/kustomize/kyaml v0.13.7 // indirect + sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 // indirect + sigs.k8s.io/kustomize/api v0.11.4 // indirect + sigs.k8s.io/kustomize/kyaml v0.13.6 // indirect ) replace ( @@ -279,6 +264,7 @@ replace ( github.com/golang/protobuf => github.com/golang/protobuf v1.4.2 github.com/grpc-ecosystem/grpc-gateway => github.com/grpc-ecosystem/grpc-gateway v1.16.0 + github.com/improbable-eng/grpc-web => github.com/improbable-eng/grpc-web v0.0.0-20181111100011-16092bd1d58a // Avoid CVE-2022-3064 gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.4.0 diff --git a/go.sum b/go.sum index 51920d6b56f41..6f36408c6e785 100644 --- a/go.sum +++ b/go.sum @@ -5,7 +5,6 @@ cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= -cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= @@ -18,7 +17,6 @@ cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOY cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= -cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY= cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= @@ -30,665 +28,97 @@ cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+Y cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA= -cloud.google.com/go v0.100.1/go.mod h1:fs4QogzfH5n2pBXBP9vRiU+eCny7lD2vmFZy79Iuw1U= cloud.google.com/go v0.100.2/go.mod h1:4Xra9TjzAeYHrl5+oeLlzbM2k3mjVhZh4UqTZ//w99A= cloud.google.com/go v0.102.0/go.mod h1:oWcCzKlqJ5zgHQt9YsaeTY9KzIvjyy0ArmiBUgpQ+nc= -cloud.google.com/go v0.102.1/go.mod h1:XZ77E9qnTEnrgEOvr4xzfdX5TRo7fB4T2F4O6+34hIU= -cloud.google.com/go v0.104.0/go.mod h1:OO6xxXdJyvuJPcEPBLN9BJPD+jep5G1+2U5B5gkRYtA= -cloud.google.com/go v0.105.0/go.mod h1:PrLgOJNe5nfE9UMxKxgXj4mD3voiP+YQ6gdt6KMFOKM= -cloud.google.com/go v0.107.0/go.mod h1:wpc2eNrD7hXUTy8EKS10jkxpZBjASrORK7goS+3YX2I= -cloud.google.com/go v0.110.0/go.mod h1:SJnCLqQ0FCFGSZMUNUf84MV3Aia54kn7pi8st7tMzaY= -cloud.google.com/go v0.110.2/go.mod h1:k04UEeEtb6ZBRTv3dZz4CeJC3jKGxyhl0sAiVVquxiw= -cloud.google.com/go/accessapproval v1.4.0/go.mod h1:zybIuC3KpDOvotz59lFe5qxRZx6C75OtwbisN56xYB4= -cloud.google.com/go/accessapproval v1.5.0/go.mod h1:HFy3tuiGvMdcd/u+Cu5b9NkO1pEICJ46IR82PoUdplw= -cloud.google.com/go/accessapproval v1.6.0/go.mod h1:R0EiYnwV5fsRFiKZkPHr6mwyk2wxUJ30nL4j2pcFY2E= -cloud.google.com/go/accesscontextmanager v1.3.0/go.mod h1:TgCBehyr5gNMz7ZaH9xubp+CE8dkrszb4oK9CWyvD4o= -cloud.google.com/go/accesscontextmanager v1.4.0/go.mod h1:/Kjh7BBu/Gh83sv+K60vN9QE5NJcd80sU33vIe2IFPE= -cloud.google.com/go/accesscontextmanager v1.6.0/go.mod h1:8XCvZWfYw3K/ji0iVnp+6pu7huxoQTLmxAbVjbloTtM= -cloud.google.com/go/accesscontextmanager v1.7.0/go.mod h1:CEGLewx8dwa33aDAZQujl7Dx+uYhS0eay198wB/VumQ= -cloud.google.com/go/aiplatform v1.22.0/go.mod h1:ig5Nct50bZlzV6NvKaTwmplLLddFx0YReh9WfTO5jKw= -cloud.google.com/go/aiplatform v1.24.0/go.mod h1:67UUvRBKG6GTayHKV8DBv2RtR1t93YRu5B1P3x99mYY= -cloud.google.com/go/aiplatform v1.27.0/go.mod h1:Bvxqtl40l0WImSb04d0hXFU7gDOiq9jQmorivIiWcKg= -cloud.google.com/go/aiplatform v1.35.0/go.mod h1:7MFT/vCaOyZT/4IIFfxH4ErVg/4ku6lKv3w0+tFTgXQ= -cloud.google.com/go/aiplatform v1.36.1/go.mod h1:WTm12vJRPARNvJ+v6P52RDHCNe4AhvjcIZ/9/RRHy/k= -cloud.google.com/go/aiplatform v1.37.0/go.mod h1:IU2Cv29Lv9oCn/9LkFiiuKfwrRTq+QQMbW+hPCxJGZw= -cloud.google.com/go/analytics v0.11.0/go.mod h1:DjEWCu41bVbYcKyvlws9Er60YE4a//bK6mnhWvQeFNI= -cloud.google.com/go/analytics v0.12.0/go.mod h1:gkfj9h6XRf9+TS4bmuhPEShsh3hH8PAZzm/41OOhQd4= -cloud.google.com/go/analytics v0.17.0/go.mod h1:WXFa3WSym4IZ+JiKmavYdJwGG/CvpqiqczmL59bTD9M= -cloud.google.com/go/analytics v0.18.0/go.mod h1:ZkeHGQlcIPkw0R/GW+boWHhCOR43xz9RN/jn7WcqfIE= -cloud.google.com/go/analytics v0.19.0/go.mod h1:k8liqf5/HCnOUkbawNtrWWc+UAzyDlW89doe8TtoDsE= -cloud.google.com/go/apigateway v1.3.0/go.mod h1:89Z8Bhpmxu6AmUxuVRg/ECRGReEdiP3vQtk4Z1J9rJk= -cloud.google.com/go/apigateway v1.4.0/go.mod h1:pHVY9MKGaH9PQ3pJ4YLzoj6U5FUDeDFBllIz7WmzJoc= -cloud.google.com/go/apigateway v1.5.0/go.mod h1:GpnZR3Q4rR7LVu5951qfXPJCHquZt02jf7xQx7kpqN8= -cloud.google.com/go/apigeeconnect v1.3.0/go.mod h1:G/AwXFAKo0gIXkPTVfZDd2qA1TxBXJ3MgMRBQkIi9jc= -cloud.google.com/go/apigeeconnect v1.4.0/go.mod h1:kV4NwOKqjvt2JYR0AoIWo2QGfoRtn/pkS3QlHp0Ni04= -cloud.google.com/go/apigeeconnect v1.5.0/go.mod h1:KFaCqvBRU6idyhSNyn3vlHXc8VMDJdRmwDF6JyFRqZ8= -cloud.google.com/go/apigeeregistry v0.4.0/go.mod h1:EUG4PGcsZvxOXAdyEghIdXwAEi/4MEaoqLMLDMIwKXY= -cloud.google.com/go/apigeeregistry v0.5.0/go.mod h1:YR5+s0BVNZfVOUkMa5pAR2xGd0A473vA5M7j247o1wM= -cloud.google.com/go/apigeeregistry v0.6.0/go.mod h1:BFNzW7yQVLZ3yj0TKcwzb8n25CFBri51GVGOEUcgQsc= -cloud.google.com/go/apikeys v0.4.0/go.mod h1:XATS/yqZbaBK0HOssf+ALHp8jAlNHUgyfprvNcBIszU= -cloud.google.com/go/apikeys v0.5.0/go.mod h1:5aQfwY4D+ewMMWScd3hm2en3hCj+BROlyrt3ytS7KLI= -cloud.google.com/go/apikeys v0.6.0/go.mod h1:kbpXu5upyiAlGkKrJgQl8A0rKNNJ7dQ377pdroRSSi8= -cloud.google.com/go/appengine v1.4.0/go.mod h1:CS2NhuBuDXM9f+qscZ6V86m1MIIqPj3WC/UoEuR1Sno= -cloud.google.com/go/appengine v1.5.0/go.mod h1:TfasSozdkFI0zeoxW3PTBLiNqRmzraodCWatWI9Dmak= -cloud.google.com/go/appengine v1.6.0/go.mod h1:hg6i0J/BD2cKmDJbaFSYHFyZkgBEfQrDg/X0V5fJn84= -cloud.google.com/go/appengine v1.7.0/go.mod h1:eZqpbHFCqRGa2aCdope7eC0SWLV1j0neb/QnMJVWx6A= -cloud.google.com/go/appengine v1.7.1/go.mod h1:IHLToyb/3fKutRysUlFO0BPt5j7RiQ45nrzEJmKTo6E= -cloud.google.com/go/area120 v0.5.0/go.mod h1:DE/n4mp+iqVyvxHN41Vf1CR602GiHQjFPusMFW6bGR4= -cloud.google.com/go/area120 v0.6.0/go.mod h1:39yFJqWVgm0UZqWTOdqkLhjoC7uFfgXRC8g/ZegeAh0= -cloud.google.com/go/area120 v0.7.0/go.mod h1:a3+8EUD1SX5RUcCs3MY5YasiO1z6yLiNLRiFrykbynY= -cloud.google.com/go/area120 v0.7.1/go.mod h1:j84i4E1RboTWjKtZVWXPqvK5VHQFJRF2c1Nm69pWm9k= -cloud.google.com/go/artifactregistry v1.6.0/go.mod h1:IYt0oBPSAGYj/kprzsBjZ/4LnG/zOcHyFHjWPCi6SAQ= -cloud.google.com/go/artifactregistry v1.7.0/go.mod h1:mqTOFOnGZx8EtSqK/ZWcsm/4U8B77rbcLP6ruDU2Ixk= -cloud.google.com/go/artifactregistry v1.8.0/go.mod h1:w3GQXkJX8hiKN0v+at4b0qotwijQbYUqF2GWkZzAhC0= -cloud.google.com/go/artifactregistry v1.9.0/go.mod h1:2K2RqvA2CYvAeARHRkLDhMDJ3OXy26h3XW+3/Jh2uYc= -cloud.google.com/go/artifactregistry v1.11.1/go.mod h1:lLYghw+Itq9SONbCa1YWBoWs1nOucMH0pwXN1rOBZFI= -cloud.google.com/go/artifactregistry v1.11.2/go.mod h1:nLZns771ZGAwVLzTX/7Al6R9ehma4WUEhZGWV6CeQNQ= -cloud.google.com/go/artifactregistry v1.12.0/go.mod h1:o6P3MIvtzTOnmvGagO9v/rOjjA0HmhJ+/6KAXrmYDCI= -cloud.google.com/go/artifactregistry v1.13.0/go.mod h1:uy/LNfoOIivepGhooAUpL1i30Hgee3Cu0l4VTWHUC08= -cloud.google.com/go/asset v1.5.0/go.mod h1:5mfs8UvcM5wHhqtSv8J1CtxxaQq3AdBxxQi2jGW/K4o= -cloud.google.com/go/asset v1.7.0/go.mod h1:YbENsRK4+xTiL+Ofoj5Ckf+O17kJtgp3Y3nn4uzZz5s= -cloud.google.com/go/asset v1.8.0/go.mod h1:mUNGKhiqIdbr8X7KNayoYvyc4HbbFO9URsjbytpUaW0= -cloud.google.com/go/asset v1.9.0/go.mod h1:83MOE6jEJBMqFKadM9NLRcs80Gdw76qGuHn8m3h8oHQ= -cloud.google.com/go/asset v1.10.0/go.mod h1:pLz7uokL80qKhzKr4xXGvBQXnzHn5evJAEAtZiIb0wY= -cloud.google.com/go/asset v1.11.1/go.mod h1:fSwLhbRvC9p9CXQHJ3BgFeQNM4c9x10lqlrdEUYXlJo= -cloud.google.com/go/asset v1.12.0/go.mod h1:h9/sFOa4eDIyKmH6QMpm4eUK3pDojWnUhTgJlk762Hg= -cloud.google.com/go/asset v1.13.0/go.mod h1:WQAMyYek/b7NBpYq/K4KJWcRqzoalEsxz/t/dTk4THw= -cloud.google.com/go/assuredworkloads v1.5.0/go.mod h1:n8HOZ6pff6re5KYfBXcFvSViQjDwxFkAkmUFffJRbbY= -cloud.google.com/go/assuredworkloads v1.6.0/go.mod h1:yo2YOk37Yc89Rsd5QMVECvjaMKymF9OP+QXWlKXUkXw= -cloud.google.com/go/assuredworkloads v1.7.0/go.mod h1:z/736/oNmtGAyU47reJgGN+KVoYoxeLBoj4XkKYscNI= -cloud.google.com/go/assuredworkloads v1.8.0/go.mod h1:AsX2cqyNCOvEQC8RMPnoc0yEarXQk6WEKkxYfL6kGIo= -cloud.google.com/go/assuredworkloads v1.9.0/go.mod h1:kFuI1P78bplYtT77Tb1hi0FMxM0vVpRC7VVoJC3ZoT0= -cloud.google.com/go/assuredworkloads v1.10.0/go.mod h1:kwdUQuXcedVdsIaKgKTp9t0UJkE5+PAVNhdQm4ZVq2E= -cloud.google.com/go/automl v1.5.0/go.mod h1:34EjfoFGMZ5sgJ9EoLsRtdPSNZLcfflJR39VbVNS2M0= -cloud.google.com/go/automl v1.6.0/go.mod h1:ugf8a6Fx+zP0D59WLhqgTDsQI9w07o64uf/Is3Nh5p8= -cloud.google.com/go/automl v1.7.0/go.mod h1:RL9MYCCsJEOmt0Wf3z9uzG0a7adTT1fe+aObgSpkCt8= -cloud.google.com/go/automl v1.8.0/go.mod h1:xWx7G/aPEe/NP+qzYXktoBSDfjO+vnKMGgsApGJJquM= -cloud.google.com/go/automl v1.12.0/go.mod h1:tWDcHDp86aMIuHmyvjuKeeHEGq76lD7ZqfGLN6B0NuU= -cloud.google.com/go/baremetalsolution v0.3.0/go.mod h1:XOrocE+pvK1xFfleEnShBlNAXf+j5blPPxrhjKgnIFc= -cloud.google.com/go/baremetalsolution v0.4.0/go.mod h1:BymplhAadOO/eBa7KewQ0Ppg4A4Wplbn+PsFKRLo0uI= -cloud.google.com/go/baremetalsolution v0.5.0/go.mod h1:dXGxEkmR9BMwxhzBhV0AioD0ULBmuLZI8CdwalUxuss= -cloud.google.com/go/batch v0.3.0/go.mod h1:TR18ZoAekj1GuirsUsR1ZTKN3FC/4UDnScjT8NXImFE= -cloud.google.com/go/batch v0.4.0/go.mod h1:WZkHnP43R/QCGQsZ+0JyG4i79ranE2u8xvjq/9+STPE= -cloud.google.com/go/batch v0.7.0/go.mod h1:vLZN95s6teRUqRQ4s3RLDsH8PvboqBK+rn1oevL159g= -cloud.google.com/go/beyondcorp v0.2.0/go.mod h1:TB7Bd+EEtcw9PCPQhCJtJGjk/7TC6ckmnSFS+xwTfm4= -cloud.google.com/go/beyondcorp v0.3.0/go.mod h1:E5U5lcrcXMsCuoDNyGrpyTm/hn7ne941Jz2vmksAxW8= -cloud.google.com/go/beyondcorp v0.4.0/go.mod h1:3ApA0mbhHx6YImmuubf5pyW8srKnCEPON32/5hj+RmM= -cloud.google.com/go/beyondcorp v0.5.0/go.mod h1:uFqj9X+dSfrheVp7ssLTaRHd2EHqSL4QZmH4e8WXGGU= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= -cloud.google.com/go/bigquery v1.42.0/go.mod h1:8dRTJxhtG+vwBKzE5OseQn/hiydoQN3EedCaOdYmxRA= -cloud.google.com/go/bigquery v1.43.0/go.mod h1:ZMQcXHsl+xmU1z36G2jNGZmKp9zNY5BUua5wDgmNCfw= -cloud.google.com/go/bigquery v1.44.0/go.mod h1:0Y33VqXTEsbamHJvJHdFmtqHvMIY28aK1+dFsvaChGc= -cloud.google.com/go/bigquery v1.47.0/go.mod h1:sA9XOgy0A8vQK9+MWhEQTY6Tix87M/ZurWFIxmF9I/E= -cloud.google.com/go/bigquery v1.48.0/go.mod h1:QAwSz+ipNgfL5jxiaK7weyOhzdoAy1zFm0Nf1fysJac= -cloud.google.com/go/bigquery v1.49.0/go.mod h1:Sv8hMmTFFYBlt/ftw2uN6dFdQPzBlREY9yBh7Oy7/4Q= -cloud.google.com/go/bigquery v1.50.0/go.mod h1:YrleYEh2pSEbgTBZYMJ5SuSr0ML3ypjRB1zgf7pvQLU= -cloud.google.com/go/billing v1.4.0/go.mod h1:g9IdKBEFlItS8bTtlrZdVLWSSdSyFUZKXNS02zKMOZY= -cloud.google.com/go/billing v1.5.0/go.mod h1:mztb1tBc3QekhjSgmpf/CV4LzWXLzCArwpLmP2Gm88s= -cloud.google.com/go/billing v1.6.0/go.mod h1:WoXzguj+BeHXPbKfNWkqVtDdzORazmCjraY+vrxcyvI= -cloud.google.com/go/billing v1.7.0/go.mod h1:q457N3Hbj9lYwwRbnlD7vUpyjq6u5U1RAOArInEiD5Y= -cloud.google.com/go/billing v1.12.0/go.mod h1:yKrZio/eu+okO/2McZEbch17O5CB5NpZhhXG6Z766ss= -cloud.google.com/go/billing v1.13.0/go.mod h1:7kB2W9Xf98hP9Sr12KfECgfGclsH3CQR0R08tnRlRbc= -cloud.google.com/go/binaryauthorization v1.1.0/go.mod h1:xwnoWu3Y84jbuHa0zd526MJYmtnVXn0syOjaJgy4+dM= -cloud.google.com/go/binaryauthorization v1.2.0/go.mod h1:86WKkJHtRcv5ViNABtYMhhNWRrD1Vpi//uKEy7aYEfI= -cloud.google.com/go/binaryauthorization v1.3.0/go.mod h1:lRZbKgjDIIQvzYQS1p99A7/U1JqvqeZg0wiI5tp6tg0= -cloud.google.com/go/binaryauthorization v1.4.0/go.mod h1:tsSPQrBd77VLplV70GUhBf/Zm3FsKmgSqgm4UmiDItk= -cloud.google.com/go/binaryauthorization v1.5.0/go.mod h1:OSe4OU1nN/VswXKRBmciKpo9LulY41gch5c68htf3/Q= -cloud.google.com/go/certificatemanager v1.3.0/go.mod h1:n6twGDvcUBFu9uBgt4eYvvf3sQ6My8jADcOVwHmzadg= -cloud.google.com/go/certificatemanager v1.4.0/go.mod h1:vowpercVFyqs8ABSmrdV+GiFf2H/ch3KyudYQEMM590= -cloud.google.com/go/certificatemanager v1.6.0/go.mod h1:3Hh64rCKjRAX8dXgRAyOcY5vQ/fE1sh8o+Mdd6KPgY8= -cloud.google.com/go/channel v1.8.0/go.mod h1:W5SwCXDJsq/rg3tn3oG0LOxpAo6IMxNa09ngphpSlnk= -cloud.google.com/go/channel v1.9.0/go.mod h1:jcu05W0my9Vx4mt3/rEHpfxc9eKi9XwsdDL8yBMbKUk= -cloud.google.com/go/channel v1.11.0/go.mod h1:IdtI0uWGqhEeatSB62VOoJ8FSUhJ9/+iGkJVqp74CGE= -cloud.google.com/go/channel v1.12.0/go.mod h1:VkxCGKASi4Cq7TbXxlaBezonAYpp1GCnKMY6tnMQnLU= -cloud.google.com/go/cloudbuild v1.3.0/go.mod h1:WequR4ULxlqvMsjDEEEFnOG5ZSRSgWOywXYDb1vPE6U= -cloud.google.com/go/cloudbuild v1.4.0/go.mod h1:5Qwa40LHiOXmz3386FrjrYM93rM/hdRr7b53sySrTqA= -cloud.google.com/go/cloudbuild v1.6.0/go.mod h1:UIbc/w9QCbH12xX+ezUsgblrWv+Cv4Tw83GiSMHOn9M= -cloud.google.com/go/cloudbuild v1.7.0/go.mod h1:zb5tWh2XI6lR9zQmsm1VRA+7OCuve5d8S+zJUul8KTg= -cloud.google.com/go/cloudbuild v1.9.0/go.mod h1:qK1d7s4QlO0VwfYn5YuClDGg2hfmLZEb4wQGAbIgL1s= -cloud.google.com/go/clouddms v1.3.0/go.mod h1:oK6XsCDdW4Ib3jCCBugx+gVjevp2TMXFtgxvPSee3OM= -cloud.google.com/go/clouddms v1.4.0/go.mod h1:Eh7sUGCC+aKry14O1NRljhjyrr0NFC0G2cjwX0cByRk= -cloud.google.com/go/clouddms v1.5.0/go.mod h1:QSxQnhikCLUw13iAbffF2CZxAER3xDGNHjsTAkQJcQA= -cloud.google.com/go/cloudtasks v1.5.0/go.mod h1:fD92REy1x5woxkKEkLdvavGnPJGEn8Uic9nWuLzqCpY= -cloud.google.com/go/cloudtasks v1.6.0/go.mod h1:C6Io+sxuke9/KNRkbQpihnW93SWDU3uXt92nu85HkYI= -cloud.google.com/go/cloudtasks v1.7.0/go.mod h1:ImsfdYWwlWNJbdgPIIGJWC+gemEGTBK/SunNQQNCAb4= -cloud.google.com/go/cloudtasks v1.8.0/go.mod h1:gQXUIwCSOI4yPVK7DgTVFiiP0ZW/eQkydWzwVMdHxrI= -cloud.google.com/go/cloudtasks v1.9.0/go.mod h1:w+EyLsVkLWHcOaqNEyvcKAsWp9p29dL6uL9Nst1cI7Y= -cloud.google.com/go/cloudtasks v1.10.0/go.mod h1:NDSoTLkZ3+vExFEWu2UJV1arUyzVDAiZtdWcsUyNwBs= cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow= cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM= cloud.google.com/go/compute v1.5.0/go.mod h1:9SMHyhJlzhlkJqrPAc839t2BZFTSk6Jdj6mkzQJeu0M= cloud.google.com/go/compute v1.6.0/go.mod h1:T29tfhtVbq1wvAPo0E3+7vhgmkOYeXjhFvz/FMzPu0s= cloud.google.com/go/compute v1.6.1/go.mod h1:g85FgpzFvNULZ+S8AYq87axRKuf2Kh7deLqV/jJ3thU= +cloud.google.com/go/compute v1.7.0 h1:v/k9Eueb8aAJ0vZuxKMrgm6kPhCLZU9HxFU+AFDs9Uk= cloud.google.com/go/compute v1.7.0/go.mod h1:435lt8av5oL9P3fv1OEzSbSUe+ybHXGMPQHHZWZxy9U= -cloud.google.com/go/compute v1.10.0/go.mod h1:ER5CLbMxl90o2jtNbGSbtfOpQKR0t15FOtRsugnLrlU= -cloud.google.com/go/compute v1.12.0/go.mod h1:e8yNOBcBONZU1vJKCvCoDw/4JQsA0dpM4x/6PIIOocU= -cloud.google.com/go/compute v1.12.1/go.mod h1:e8yNOBcBONZU1vJKCvCoDw/4JQsA0dpM4x/6PIIOocU= -cloud.google.com/go/compute v1.13.0/go.mod h1:5aPTS0cUNMIc1CE546K+Th6weJUNQErARyZtRXDJ8GE= -cloud.google.com/go/compute v1.14.0/go.mod h1:YfLtxrj9sU4Yxv+sXzZkyPjEyPBZfXHUvjxega5vAdo= -cloud.google.com/go/compute v1.15.1/go.mod h1:bjjoF/NtFUrkD/urWfdHaKuOPDR5nWIs63rR+SXhcpA= -cloud.google.com/go/compute v1.18.0/go.mod h1:1X7yHxec2Ga+Ss6jPyjxRxpu2uu7PLgsOVXvgU0yacs= -cloud.google.com/go/compute v1.19.0/go.mod h1:rikpw2y+UMidAe9tISo04EHNOIf42RLYF/q8Bs93scU= -cloud.google.com/go/compute v1.19.3/go.mod h1:qxvISKp/gYnXkSAD1ppcSOveRAmzxicEv/JlizULFrI= -cloud.google.com/go/compute v1.20.1 h1:6aKEtlUiwEpJzM001l0yFkpXmUVXaN8W+fbkb2AZNbg= -cloud.google.com/go/compute v1.20.1/go.mod h1:4tCnrn48xsqlwSAiLf1HXMQk8CONslYbdiEZc9FEIbM= -cloud.google.com/go/compute/metadata v0.1.0/go.mod h1:Z1VN+bulIf6bt4P/C37K4DyZYZEXYonfTBHHFPO/4UU= -cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= -cloud.google.com/go/compute/metadata v0.2.1/go.mod h1:jgHgmJd2RKBGzXqF5LR2EZMGxBkeanZ9wwa75XHJgOM= -cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= -cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= -cloud.google.com/go/contactcenterinsights v1.3.0/go.mod h1:Eu2oemoePuEFc/xKFPjbTuPSj0fYJcPls9TFlPNnHHY= -cloud.google.com/go/contactcenterinsights v1.4.0/go.mod h1:L2YzkGbPsv+vMQMCADxJoT9YiTTnSEd6fEvCeHTYVck= -cloud.google.com/go/contactcenterinsights v1.6.0/go.mod h1:IIDlT6CLcDoyv79kDv8iWxMSTZhLxSCofVV5W6YFM/w= -cloud.google.com/go/container v1.6.0/go.mod h1:Xazp7GjJSeUYo688S+6J5V+n/t+G5sKBTFkKNudGRxg= -cloud.google.com/go/container v1.7.0/go.mod h1:Dp5AHtmothHGX3DwwIHPgq45Y8KmNsgN3amoYfxVkLo= -cloud.google.com/go/container v1.13.1/go.mod h1:6wgbMPeQRw9rSnKBCAJXnds3Pzj03C4JHamr8asWKy4= -cloud.google.com/go/container v1.14.0/go.mod h1:3AoJMPhHfLDxLvrlVWaK57IXzaPnLaZq63WX59aQBfM= -cloud.google.com/go/container v1.15.0/go.mod h1:ft+9S0WGjAyjDggg5S06DXj+fHJICWg8L7isCQe9pQA= -cloud.google.com/go/containeranalysis v0.5.1/go.mod h1:1D92jd8gRR/c0fGMlymRgxWD3Qw9C1ff6/T7mLgVL8I= -cloud.google.com/go/containeranalysis v0.6.0/go.mod h1:HEJoiEIu+lEXM+k7+qLCci0h33lX3ZqoYFdmPcoO7s4= -cloud.google.com/go/containeranalysis v0.7.0/go.mod h1:9aUL+/vZ55P2CXfuZjS4UjQ9AgXoSw8Ts6lemfmxBxI= -cloud.google.com/go/containeranalysis v0.9.0/go.mod h1:orbOANbwk5Ejoom+s+DUCTTJ7IBdBQJDcSylAx/on9s= -cloud.google.com/go/datacatalog v1.3.0/go.mod h1:g9svFY6tuR+j+hrTw3J2dNcmI0dzmSiyOzm8kpLq0a0= -cloud.google.com/go/datacatalog v1.5.0/go.mod h1:M7GPLNQeLfWqeIm3iuiruhPzkt65+Bx8dAKvScX8jvs= -cloud.google.com/go/datacatalog v1.6.0/go.mod h1:+aEyF8JKg+uXcIdAmmaMUmZ3q1b/lKLtXCmXdnc0lbc= -cloud.google.com/go/datacatalog v1.7.0/go.mod h1:9mEl4AuDYWw81UGc41HonIHH7/sn52H0/tc8f8ZbZIE= -cloud.google.com/go/datacatalog v1.8.0/go.mod h1:KYuoVOv9BM8EYz/4eMFxrr4DUKhGIOXxZoKYF5wdISM= -cloud.google.com/go/datacatalog v1.8.1/go.mod h1:RJ58z4rMp3gvETA465Vg+ag8BGgBdnRPEMMSTr5Uv+M= -cloud.google.com/go/datacatalog v1.12.0/go.mod h1:CWae8rFkfp6LzLumKOnmVh4+Zle4A3NXLzVJ1d1mRm0= -cloud.google.com/go/datacatalog v1.13.0/go.mod h1:E4Rj9a5ZtAxcQJlEBTLgMTphfP11/lNaAshpoBgemX8= -cloud.google.com/go/dataflow v0.6.0/go.mod h1:9QwV89cGoxjjSR9/r7eFDqqjtvbKxAK2BaYU6PVk9UM= -cloud.google.com/go/dataflow v0.7.0/go.mod h1:PX526vb4ijFMesO1o202EaUmouZKBpjHsTlCtB4parQ= -cloud.google.com/go/dataflow v0.8.0/go.mod h1:Rcf5YgTKPtQyYz8bLYhFoIV/vP39eL7fWNcSOyFfLJE= -cloud.google.com/go/dataform v0.3.0/go.mod h1:cj8uNliRlHpa6L3yVhDOBrUXH+BPAO1+KFMQQNSThKo= -cloud.google.com/go/dataform v0.4.0/go.mod h1:fwV6Y4Ty2yIFL89huYlEkwUPtS7YZinZbzzj5S9FzCE= -cloud.google.com/go/dataform v0.5.0/go.mod h1:GFUYRe8IBa2hcomWplodVmUx/iTL0FrsauObOM3Ipr0= -cloud.google.com/go/dataform v0.6.0/go.mod h1:QPflImQy33e29VuapFdf19oPbE4aYTJxr31OAPV+ulA= -cloud.google.com/go/dataform v0.7.0/go.mod h1:7NulqnVozfHvWUBpMDfKMUESr+85aJsC/2O0o3jWPDE= -cloud.google.com/go/datafusion v1.4.0/go.mod h1:1Zb6VN+W6ALo85cXnM1IKiPw+yQMKMhB9TsTSRDo/38= -cloud.google.com/go/datafusion v1.5.0/go.mod h1:Kz+l1FGHB0J+4XF2fud96WMmRiq/wj8N9u007vyXZ2w= -cloud.google.com/go/datafusion v1.6.0/go.mod h1:WBsMF8F1RhSXvVM8rCV3AeyWVxcC2xY6vith3iw3S+8= -cloud.google.com/go/datalabeling v0.5.0/go.mod h1:TGcJ0G2NzcsXSE/97yWjIZO0bXj0KbVlINXMG9ud42I= -cloud.google.com/go/datalabeling v0.6.0/go.mod h1:WqdISuk/+WIGeMkpw/1q7bK/tFEZxsrFJOJdY2bXvTQ= -cloud.google.com/go/datalabeling v0.7.0/go.mod h1:WPQb1y08RJbmpM3ww0CSUAGweL0SxByuW2E+FU+wXcM= -cloud.google.com/go/dataplex v1.3.0/go.mod h1:hQuRtDg+fCiFgC8j0zV222HvzFQdRd+SVX8gdmFcZzA= -cloud.google.com/go/dataplex v1.4.0/go.mod h1:X51GfLXEMVJ6UN47ESVqvlsRplbLhcsAt0kZCCKsU0A= -cloud.google.com/go/dataplex v1.5.2/go.mod h1:cVMgQHsmfRoI5KFYq4JtIBEUbYwc3c7tXmIDhRmNNVQ= -cloud.google.com/go/dataplex v1.6.0/go.mod h1:bMsomC/aEJOSpHXdFKFGQ1b0TDPIeL28nJObeO1ppRs= -cloud.google.com/go/dataproc v1.7.0/go.mod h1:CKAlMjII9H90RXaMpSxQ8EU6dQx6iAYNPcYPOkSbi8s= -cloud.google.com/go/dataproc v1.8.0/go.mod h1:5OW+zNAH0pMpw14JVrPONsxMQYMBqJuzORhIBfBn9uI= -cloud.google.com/go/dataproc v1.12.0/go.mod h1:zrF3aX0uV3ikkMz6z4uBbIKyhRITnxvr4i3IjKsKrw4= -cloud.google.com/go/dataqna v0.5.0/go.mod h1:90Hyk596ft3zUQ8NkFfvICSIfHFh1Bc7C4cK3vbhkeo= -cloud.google.com/go/dataqna v0.6.0/go.mod h1:1lqNpM7rqNLVgWBJyk5NF6Uen2PHym0jtVJonplVsDA= -cloud.google.com/go/dataqna v0.7.0/go.mod h1:Lx9OcIIeqCrw1a6KdO3/5KMP1wAmTc0slZWwP12Qq3c= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= -cloud.google.com/go/datastore v1.10.0/go.mod h1:PC5UzAmDEkAmkfaknstTYbNpgE49HAgW2J1gcgUfmdM= -cloud.google.com/go/datastore v1.11.0/go.mod h1:TvGxBIHCS50u8jzG+AW/ppf87v1of8nwzFNgEZU1D3c= -cloud.google.com/go/datastream v1.2.0/go.mod h1:i/uTP8/fZwgATHS/XFu0TcNUhuA0twZxxQ3EyCUQMwo= -cloud.google.com/go/datastream v1.3.0/go.mod h1:cqlOX8xlyYF/uxhiKn6Hbv6WjwPPuI9W2M9SAXwaLLQ= -cloud.google.com/go/datastream v1.4.0/go.mod h1:h9dpzScPhDTs5noEMQVWP8Wx8AFBRyS0s8KWPx/9r0g= -cloud.google.com/go/datastream v1.5.0/go.mod h1:6TZMMNPwjUqZHBKPQ1wwXpb0d5VDVPl2/XoS5yi88q4= -cloud.google.com/go/datastream v1.6.0/go.mod h1:6LQSuswqLa7S4rPAOZFVjHIG3wJIjZcZrw8JDEDJuIs= -cloud.google.com/go/datastream v1.7.0/go.mod h1:uxVRMm2elUSPuh65IbZpzJNMbuzkcvu5CjMqVIUHrww= -cloud.google.com/go/deploy v1.4.0/go.mod h1:5Xghikd4VrmMLNaF6FiRFDlHb59VM59YoDQnOUdsH/c= -cloud.google.com/go/deploy v1.5.0/go.mod h1:ffgdD0B89tToyW/U/D2eL0jN2+IEV/3EMuXHA0l4r+s= -cloud.google.com/go/deploy v1.6.0/go.mod h1:f9PTHehG/DjCom3QH0cntOVRm93uGBDt2vKzAPwpXQI= -cloud.google.com/go/deploy v1.8.0/go.mod h1:z3myEJnA/2wnB4sgjqdMfgxCA0EqC3RBTNcVPs93mtQ= -cloud.google.com/go/dialogflow v1.15.0/go.mod h1:HbHDWs33WOGJgn6rfzBW1Kv807BE3O1+xGbn59zZWI4= -cloud.google.com/go/dialogflow v1.16.1/go.mod h1:po6LlzGfK+smoSmTBnbkIZY2w8ffjz/RcGSS+sh1el0= -cloud.google.com/go/dialogflow v1.17.0/go.mod h1:YNP09C/kXA1aZdBgC/VtXX74G/TKn7XVCcVumTflA+8= -cloud.google.com/go/dialogflow v1.18.0/go.mod h1:trO7Zu5YdyEuR+BhSNOqJezyFQ3aUzz0njv7sMx/iek= -cloud.google.com/go/dialogflow v1.19.0/go.mod h1:JVmlG1TwykZDtxtTXujec4tQ+D8SBFMoosgy+6Gn0s0= -cloud.google.com/go/dialogflow v1.29.0/go.mod h1:b+2bzMe+k1s9V+F2jbJwpHPzrnIyHihAdRFMtn2WXuM= -cloud.google.com/go/dialogflow v1.31.0/go.mod h1:cuoUccuL1Z+HADhyIA7dci3N5zUssgpBJmCzI6fNRB4= -cloud.google.com/go/dialogflow v1.32.0/go.mod h1:jG9TRJl8CKrDhMEcvfcfFkkpp8ZhgPz3sBGmAUYJ2qE= -cloud.google.com/go/dlp v1.6.0/go.mod h1:9eyB2xIhpU0sVwUixfBubDoRwP+GjeUoxxeueZmqvmM= -cloud.google.com/go/dlp v1.7.0/go.mod h1:68ak9vCiMBjbasxeVD17hVPxDEck+ExiHavX8kiHG+Q= -cloud.google.com/go/dlp v1.9.0/go.mod h1:qdgmqgTyReTz5/YNSSuueR8pl7hO0o9bQ39ZhtgkWp4= -cloud.google.com/go/documentai v1.7.0/go.mod h1:lJvftZB5NRiFSX4moiye1SMxHx0Bc3x1+p9e/RfXYiU= -cloud.google.com/go/documentai v1.8.0/go.mod h1:xGHNEB7CtsnySCNrCFdCyyMz44RhFEEX2Q7UD0c5IhU= -cloud.google.com/go/documentai v1.9.0/go.mod h1:FS5485S8R00U10GhgBC0aNGrJxBP8ZVpEeJ7PQDZd6k= -cloud.google.com/go/documentai v1.10.0/go.mod h1:vod47hKQIPeCfN2QS/jULIvQTugbmdc0ZvxxfQY1bg4= -cloud.google.com/go/documentai v1.16.0/go.mod h1:o0o0DLTEZ+YnJZ+J4wNfTxmDVyrkzFvttBXXtYRMHkM= -cloud.google.com/go/documentai v1.18.0/go.mod h1:F6CK6iUH8J81FehpskRmhLq/3VlwQvb7TvwOceQ2tbs= -cloud.google.com/go/domains v0.6.0/go.mod h1:T9Rz3GasrpYk6mEGHh4rymIhjlnIuB4ofT1wTxDeT4Y= -cloud.google.com/go/domains v0.7.0/go.mod h1:PtZeqS1xjnXuRPKE/88Iru/LdfoRyEHYA9nFQf4UKpg= -cloud.google.com/go/domains v0.8.0/go.mod h1:M9i3MMDzGFXsydri9/vW+EWz9sWb4I6WyHqdlAk0idE= -cloud.google.com/go/edgecontainer v0.1.0/go.mod h1:WgkZ9tp10bFxqO8BLPqv2LlfmQF1X8lZqwW4r1BTajk= -cloud.google.com/go/edgecontainer v0.2.0/go.mod h1:RTmLijy+lGpQ7BXuTDa4C4ssxyXT34NIuHIgKuP4s5w= -cloud.google.com/go/edgecontainer v0.3.0/go.mod h1:FLDpP4nykgwwIfcLt6zInhprzw0lEi2P1fjO6Ie0qbc= -cloud.google.com/go/edgecontainer v1.0.0/go.mod h1:cttArqZpBB2q58W/upSG++ooo6EsblxDIolxa3jSjbY= -cloud.google.com/go/errorreporting v0.3.0/go.mod h1:xsP2yaAp+OAW4OIm60An2bbLpqIhKXdWR/tawvl7QzU= -cloud.google.com/go/essentialcontacts v1.3.0/go.mod h1:r+OnHa5jfj90qIfZDO/VztSFqbQan7HV75p8sA+mdGI= -cloud.google.com/go/essentialcontacts v1.4.0/go.mod h1:8tRldvHYsmnBCHdFpvU+GL75oWiBKl80BiqlFh9tp+8= -cloud.google.com/go/essentialcontacts v1.5.0/go.mod h1:ay29Z4zODTuwliK7SnX8E86aUF2CTzdNtvv42niCX0M= -cloud.google.com/go/eventarc v1.7.0/go.mod h1:6ctpF3zTnaQCxUjHUdcfgcA1A2T309+omHZth7gDfmc= -cloud.google.com/go/eventarc v1.8.0/go.mod h1:imbzxkyAU4ubfsaKYdQg04WS1NvncblHEup4kvF+4gw= -cloud.google.com/go/eventarc v1.10.0/go.mod h1:u3R35tmZ9HvswGRBnF48IlYgYeBcPUCjkr4BTdem2Kw= -cloud.google.com/go/eventarc v1.11.0/go.mod h1:PyUjsUKPWoRBCHeOxZd/lbOOjahV41icXyUY5kSTvVY= -cloud.google.com/go/filestore v1.3.0/go.mod h1:+qbvHGvXU1HaKX2nD0WEPo92TP/8AQuCVEBXNY9z0+w= -cloud.google.com/go/filestore v1.4.0/go.mod h1:PaG5oDfo9r224f8OYXURtAsY+Fbyq/bLYoINEK8XQAI= -cloud.google.com/go/filestore v1.5.0/go.mod h1:FqBXDWBp4YLHqRnVGveOkHDf8svj9r5+mUDLupOWEDs= -cloud.google.com/go/filestore v1.6.0/go.mod h1:di5unNuss/qfZTw2U9nhFqo8/ZDSc466dre85Kydllg= cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= -cloud.google.com/go/firestore v1.9.0/go.mod h1:HMkjKHNTtRyZNiMzu7YAsLr9K3X2udY2AMwDaMEQiiE= -cloud.google.com/go/functions v1.6.0/go.mod h1:3H1UA3qiIPRWD7PeZKLvHZ9SaQhR26XIJcC0A5GbvAk= -cloud.google.com/go/functions v1.7.0/go.mod h1:+d+QBcWM+RsrgZfV9xo6KfA1GlzJfxcfZcRPEhDDfzg= -cloud.google.com/go/functions v1.8.0/go.mod h1:RTZ4/HsQjIqIYP9a9YPbU+QFoQsAlYgrwOXJWHn1POY= -cloud.google.com/go/functions v1.9.0/go.mod h1:Y+Dz8yGguzO3PpIjhLTbnqV1CWmgQ5UwtlpzoyquQ08= -cloud.google.com/go/functions v1.10.0/go.mod h1:0D3hEOe3DbEvCXtYOZHQZmD+SzYsi1YbI7dGvHfldXw= -cloud.google.com/go/functions v1.12.0/go.mod h1:AXWGrF3e2C/5ehvwYo/GH6O5s09tOPksiKhz+hH8WkA= -cloud.google.com/go/functions v1.13.0/go.mod h1:EU4O007sQm6Ef/PwRsI8N2umygGqPBS/IZQKBQBcJ3c= -cloud.google.com/go/gaming v1.5.0/go.mod h1:ol7rGcxP/qHTRQE/RO4bxkXq+Fix0j6D4LFPzYTIrDM= -cloud.google.com/go/gaming v1.6.0/go.mod h1:YMU1GEvA39Qt3zWGyAVA9bpYz/yAhTvaQ1t2sK4KPUA= -cloud.google.com/go/gaming v1.7.0/go.mod h1:LrB8U7MHdGgFG851iHAfqUdLcKBdQ55hzXy9xBJz0+w= -cloud.google.com/go/gaming v1.8.0/go.mod h1:xAqjS8b7jAVW0KFYeRUxngo9My3f33kFmua++Pi+ggM= -cloud.google.com/go/gaming v1.9.0/go.mod h1:Fc7kEmCObylSWLO334NcO+O9QMDyz+TKC4v1D7X+Bc0= -cloud.google.com/go/gkebackup v0.2.0/go.mod h1:XKvv/4LfG829/B8B7xRkk8zRrOEbKtEam6yNfuQNH60= -cloud.google.com/go/gkebackup v0.3.0/go.mod h1:n/E671i1aOQvUxT541aTkCwExO/bTer2HDlj4TsBRAo= -cloud.google.com/go/gkebackup v0.4.0/go.mod h1:byAyBGUwYGEEww7xsbnUTBHIYcOPy/PgUWUtOeRm9Vg= -cloud.google.com/go/gkeconnect v0.5.0/go.mod h1:c5lsNAg5EwAy7fkqX/+goqFsU1Da/jQFqArp+wGNr/o= -cloud.google.com/go/gkeconnect v0.6.0/go.mod h1:Mln67KyU/sHJEBY8kFZ0xTeyPtzbq9StAVvEULYK16A= -cloud.google.com/go/gkeconnect v0.7.0/go.mod h1:SNfmVqPkaEi3bF/B3CNZOAYPYdg7sU+obZ+QTky2Myw= -cloud.google.com/go/gkehub v0.9.0/go.mod h1:WYHN6WG8w9bXU0hqNxt8rm5uxnk8IH+lPY9J2TV7BK0= -cloud.google.com/go/gkehub v0.10.0/go.mod h1:UIPwxI0DsrpsVoWpLB0stwKCP+WFVG9+y977wO+hBH0= -cloud.google.com/go/gkehub v0.11.0/go.mod h1:JOWHlmN+GHyIbuWQPl47/C2RFhnFKH38jH9Ascu3n0E= -cloud.google.com/go/gkehub v0.12.0/go.mod h1:djiIwwzTTBrF5NaXCGv3mf7klpEMcST17VBTVVDcuaw= -cloud.google.com/go/gkemulticloud v0.3.0/go.mod h1:7orzy7O0S+5kq95e4Hpn7RysVA7dPs8W/GgfUtsPbrA= -cloud.google.com/go/gkemulticloud v0.4.0/go.mod h1:E9gxVBnseLWCk24ch+P9+B2CoDFJZTyIgLKSalC7tuI= -cloud.google.com/go/gkemulticloud v0.5.0/go.mod h1:W0JDkiyi3Tqh0TJr//y19wyb1yf8llHVto2Htf2Ja3Y= -cloud.google.com/go/grafeas v0.2.0/go.mod h1:KhxgtF2hb0P191HlY5besjYm6MqTSTj3LSI+M+ByZHc= -cloud.google.com/go/gsuiteaddons v1.3.0/go.mod h1:EUNK/J1lZEZO8yPtykKxLXI6JSVN2rg9bN8SXOa0bgM= -cloud.google.com/go/gsuiteaddons v1.4.0/go.mod h1:rZK5I8hht7u7HxFQcFei0+AtfS9uSushomRlg+3ua1o= -cloud.google.com/go/gsuiteaddons v1.5.0/go.mod h1:TFCClYLd64Eaa12sFVmUyG62tk4mdIsI7pAnSXRkcFo= -cloud.google.com/go/iam v0.1.0/go.mod h1:vcUNEa0pEm0qRVpmWepWaFMIAI8/hjB9mO8rNCJtF6c= cloud.google.com/go/iam v0.3.0/go.mod h1:XzJPvDayI+9zsASAFO68Hk07u3z+f+JrT2xXNdp4bnY= -cloud.google.com/go/iam v0.5.0/go.mod h1:wPU9Vt0P4UmCux7mqtRu6jcpPAb74cP1fh50J3QpkUc= -cloud.google.com/go/iam v0.6.0/go.mod h1:+1AH33ueBne5MzYccyMHtEKqLE4/kJOibtffMHDMFMc= -cloud.google.com/go/iam v0.7.0/go.mod h1:H5Br8wRaDGNc8XP3keLc4unfUUZeyH3Sfl9XpQEYOeg= -cloud.google.com/go/iam v0.8.0/go.mod h1:lga0/y3iH6CX7sYqypWJ33hf7kkfXJag67naqGESjkE= -cloud.google.com/go/iam v0.11.0/go.mod h1:9PiLDanza5D+oWFZiH1uG+RnRCfEGKoyl6yo4cgWZGY= -cloud.google.com/go/iam v0.12.0/go.mod h1:knyHGviacl11zrtZUoDuYpDgLjvr28sLQaG0YB2GYAY= -cloud.google.com/go/iam v0.13.0/go.mod h1:ljOg+rcNfzZ5d6f1nAUJ8ZIxOaZUVoS14bKCtaLZ/D0= -cloud.google.com/go/iap v1.4.0/go.mod h1:RGFwRJdihTINIe4wZ2iCP0zF/qu18ZwyKxrhMhygBEc= -cloud.google.com/go/iap v1.5.0/go.mod h1:UH/CGgKd4KyohZL5Pt0jSKE4m3FR51qg6FKQ/z/Ix9A= -cloud.google.com/go/iap v1.6.0/go.mod h1:NSuvI9C/j7UdjGjIde7t7HBz+QTwBcapPE07+sSRcLk= -cloud.google.com/go/iap v1.7.0/go.mod h1:beqQx56T9O1G1yNPph+spKpNibDlYIiIixiqsQXxLIo= -cloud.google.com/go/iap v1.7.1/go.mod h1:WapEwPc7ZxGt2jFGB/C/bm+hP0Y6NXzOYGjpPnmMS74= -cloud.google.com/go/ids v1.1.0/go.mod h1:WIuwCaYVOzHIj2OhN9HAwvW+DBdmUAdcWlFxRl+KubM= -cloud.google.com/go/ids v1.2.0/go.mod h1:5WXvp4n25S0rA/mQWAg1YEEBBq6/s+7ml1RDCW1IrcY= -cloud.google.com/go/ids v1.3.0/go.mod h1:JBdTYwANikFKaDP6LtW5JAi4gubs57SVNQjemdt6xV4= -cloud.google.com/go/iot v1.3.0/go.mod h1:r7RGh2B61+B8oz0AGE+J72AhA0G7tdXItODWsaA2oLs= -cloud.google.com/go/iot v1.4.0/go.mod h1:dIDxPOn0UvNDUMD8Ger7FIaTuvMkj+aGk94RPP0iV+g= -cloud.google.com/go/iot v1.5.0/go.mod h1:mpz5259PDl3XJthEmh9+ap0affn/MqNSP4My77Qql9o= -cloud.google.com/go/iot v1.6.0/go.mod h1:IqdAsmE2cTYYNO1Fvjfzo9po179rAtJeVGUvkLN3rLE= -cloud.google.com/go/kms v1.4.0/go.mod h1:fajBHndQ+6ubNw6Ss2sSd+SWvjL26RNo/dr7uxsnnOA= -cloud.google.com/go/kms v1.5.0/go.mod h1:QJS2YY0eJGBg3mnDfuaCyLauWwBJiHRboYxJ++1xJNg= -cloud.google.com/go/kms v1.6.0/go.mod h1:Jjy850yySiasBUDi6KFUwUv2n1+o7QZFyuUJg6OgjA0= -cloud.google.com/go/kms v1.8.0/go.mod h1:4xFEhYFqvW+4VMELtZyxomGSYtSQKzM178ylFW4jMAg= -cloud.google.com/go/kms v1.9.0/go.mod h1:qb1tPTgfF9RQP8e1wq4cLFErVuTJv7UsSC915J8dh3w= -cloud.google.com/go/kms v1.10.0/go.mod h1:ng3KTUtQQU9bPX3+QGLsflZIHlkbn8amFAMY63m8d24= -cloud.google.com/go/kms v1.10.1/go.mod h1:rIWk/TryCkR59GMC3YtHtXeLzd634lBbKenvyySAyYI= -cloud.google.com/go/language v1.4.0/go.mod h1:F9dRpNFQmJbkaop6g0JhSBXCNlO90e1KWx5iDdxbWic= -cloud.google.com/go/language v1.6.0/go.mod h1:6dJ8t3B+lUYfStgls25GusK04NLh3eDLQnWM3mdEbhI= -cloud.google.com/go/language v1.7.0/go.mod h1:DJ6dYN/W+SQOjF8e1hLQXMF21AkH2w9wiPzPCJa2MIE= -cloud.google.com/go/language v1.8.0/go.mod h1:qYPVHf7SPoNNiCL2Dr0FfEFNil1qi3pQEyygwpgVKB8= -cloud.google.com/go/language v1.9.0/go.mod h1:Ns15WooPM5Ad/5no/0n81yUetis74g3zrbeJBE+ptUY= -cloud.google.com/go/lifesciences v0.5.0/go.mod h1:3oIKy8ycWGPUyZDR/8RNnTOYevhaMLqh5vLUXs9zvT8= -cloud.google.com/go/lifesciences v0.6.0/go.mod h1:ddj6tSX/7BOnhxCSd3ZcETvtNr8NZ6t/iPhY2Tyfu08= -cloud.google.com/go/lifesciences v0.8.0/go.mod h1:lFxiEOMqII6XggGbOnKiyZ7IBwoIqA84ClvoezaA/bo= -cloud.google.com/go/logging v1.6.1/go.mod h1:5ZO0mHHbvm8gEmeEUHrmDlTDSu5imF6MUP9OfilNXBw= -cloud.google.com/go/logging v1.7.0/go.mod h1:3xjP2CjkM3ZkO73aj4ASA5wRPGGCRrPIAeNqVNkzY8M= -cloud.google.com/go/longrunning v0.1.1/go.mod h1:UUFxuDWkv22EuY93jjmDMFT5GPQKeFVJBIF6QlTqdsE= -cloud.google.com/go/longrunning v0.3.0/go.mod h1:qth9Y41RRSUE69rDcOn6DdK3HfQfsUI0YSmW3iIlLJc= -cloud.google.com/go/longrunning v0.4.1/go.mod h1:4iWDqhBZ70CvZ6BfETbvam3T8FMvLK+eFj0E6AaRQTo= -cloud.google.com/go/managedidentities v1.3.0/go.mod h1:UzlW3cBOiPrzucO5qWkNkh0w33KFtBJU281hacNvsdE= -cloud.google.com/go/managedidentities v1.4.0/go.mod h1:NWSBYbEMgqmbZsLIyKvxrYbtqOsxY1ZrGM+9RgDqInM= -cloud.google.com/go/managedidentities v1.5.0/go.mod h1:+dWcZ0JlUmpuxpIDfyP5pP5y0bLdRwOS4Lp7gMni/LA= -cloud.google.com/go/maps v0.1.0/go.mod h1:BQM97WGyfw9FWEmQMpZ5T6cpovXXSd1cGmFma94eubI= -cloud.google.com/go/maps v0.6.0/go.mod h1:o6DAMMfb+aINHz/p/jbcY+mYeXBoZoxTfdSQ8VAJaCw= -cloud.google.com/go/maps v0.7.0/go.mod h1:3GnvVl3cqeSvgMcpRlQidXsPYuDGQ8naBis7MVzpXsY= -cloud.google.com/go/mediatranslation v0.5.0/go.mod h1:jGPUhGTybqsPQn91pNXw0xVHfuJ3leR1wj37oU3y1f4= -cloud.google.com/go/mediatranslation v0.6.0/go.mod h1:hHdBCTYNigsBxshbznuIMFNe5QXEowAuNmmC7h8pu5w= -cloud.google.com/go/mediatranslation v0.7.0/go.mod h1:LCnB/gZr90ONOIQLgSXagp8XUW1ODs2UmUMvcgMfI2I= -cloud.google.com/go/memcache v1.4.0/go.mod h1:rTOfiGZtJX1AaFUrOgsMHX5kAzaTQ8azHiuDoTPzNsE= -cloud.google.com/go/memcache v1.5.0/go.mod h1:dk3fCK7dVo0cUU2c36jKb4VqKPS22BTkf81Xq617aWM= -cloud.google.com/go/memcache v1.6.0/go.mod h1:XS5xB0eQZdHtTuTF9Hf8eJkKtR3pVRCcvJwtm68T3rA= -cloud.google.com/go/memcache v1.7.0/go.mod h1:ywMKfjWhNtkQTxrWxCkCFkoPjLHPW6A7WOTVI8xy3LY= -cloud.google.com/go/memcache v1.9.0/go.mod h1:8oEyzXCu+zo9RzlEaEjHl4KkgjlNDaXbCQeQWlzNFJM= -cloud.google.com/go/metastore v1.5.0/go.mod h1:2ZNrDcQwghfdtCwJ33nM0+GrBGlVuh8rakL3vdPY3XY= -cloud.google.com/go/metastore v1.6.0/go.mod h1:6cyQTls8CWXzk45G55x57DVQ9gWg7RiH65+YgPsNh9s= -cloud.google.com/go/metastore v1.7.0/go.mod h1:s45D0B4IlsINu87/AsWiEVYbLaIMeUSoxlKKDqBGFS8= -cloud.google.com/go/metastore v1.8.0/go.mod h1:zHiMc4ZUpBiM7twCIFQmJ9JMEkDSyZS9U12uf7wHqSI= -cloud.google.com/go/metastore v1.10.0/go.mod h1:fPEnH3g4JJAk+gMRnrAnoqyv2lpUCqJPWOodSaf45Eo= -cloud.google.com/go/monitoring v1.7.0/go.mod h1:HpYse6kkGo//7p6sT0wsIC6IBDET0RhIsnmlA53dvEk= -cloud.google.com/go/monitoring v1.8.0/go.mod h1:E7PtoMJ1kQXWxPjB6mv2fhC5/15jInuulFdYYtlcvT4= -cloud.google.com/go/monitoring v1.12.0/go.mod h1:yx8Jj2fZNEkL/GYZyTLS4ZtZEZN8WtDEiEqG4kLK50w= -cloud.google.com/go/monitoring v1.13.0/go.mod h1:k2yMBAB1H9JT/QETjNkgdCGD9bPF712XiLTVr+cBrpw= -cloud.google.com/go/networkconnectivity v1.4.0/go.mod h1:nOl7YL8odKyAOtzNX73/M5/mGZgqqMeryi6UPZTk/rA= -cloud.google.com/go/networkconnectivity v1.5.0/go.mod h1:3GzqJx7uhtlM3kln0+x5wyFvuVH1pIBJjhCpjzSt75o= -cloud.google.com/go/networkconnectivity v1.6.0/go.mod h1:OJOoEXW+0LAxHh89nXd64uGG+FbQoeH8DtxCHVOMlaM= -cloud.google.com/go/networkconnectivity v1.7.0/go.mod h1:RMuSbkdbPwNMQjB5HBWD5MpTBnNm39iAVpC3TmsExt8= -cloud.google.com/go/networkconnectivity v1.10.0/go.mod h1:UP4O4sWXJG13AqrTdQCD9TnLGEbtNRqjuaaA7bNjF5E= -cloud.google.com/go/networkconnectivity v1.11.0/go.mod h1:iWmDD4QF16VCDLXUqvyspJjIEtBR/4zq5hwnY2X3scM= -cloud.google.com/go/networkmanagement v1.4.0/go.mod h1:Q9mdLLRn60AsOrPc8rs8iNV6OHXaGcDdsIQe1ohekq8= -cloud.google.com/go/networkmanagement v1.5.0/go.mod h1:ZnOeZ/evzUdUsnvRt792H0uYEnHQEMaz+REhhzJRcf4= -cloud.google.com/go/networkmanagement v1.6.0/go.mod h1:5pKPqyXjB/sgtvB5xqOemumoQNB7y95Q7S+4rjSOPYY= -cloud.google.com/go/networksecurity v0.5.0/go.mod h1:xS6fOCoqpVC5zx15Z/MqkfDwH4+m/61A3ODiDV1xmiQ= -cloud.google.com/go/networksecurity v0.6.0/go.mod h1:Q5fjhTr9WMI5mbpRYEbiexTzROf7ZbDzvzCrNl14nyU= -cloud.google.com/go/networksecurity v0.7.0/go.mod h1:mAnzoxx/8TBSyXEeESMy9OOYwo1v+gZ5eMRnsT5bC8k= -cloud.google.com/go/networksecurity v0.8.0/go.mod h1:B78DkqsxFG5zRSVuwYFRZ9Xz8IcQ5iECsNrPn74hKHU= -cloud.google.com/go/notebooks v1.2.0/go.mod h1:9+wtppMfVPUeJ8fIWPOq1UnATHISkGXGqTkxeieQ6UY= -cloud.google.com/go/notebooks v1.3.0/go.mod h1:bFR5lj07DtCPC7YAAJ//vHskFBxA5JzYlH68kXVdk34= -cloud.google.com/go/notebooks v1.4.0/go.mod h1:4QPMngcwmgb6uw7Po99B2xv5ufVoIQ7nOGDyL4P8AgA= -cloud.google.com/go/notebooks v1.5.0/go.mod h1:q8mwhnP9aR8Hpfnrc5iN5IBhrXUy8S2vuYs+kBJ/gu0= -cloud.google.com/go/notebooks v1.7.0/go.mod h1:PVlaDGfJgj1fl1S3dUwhFMXFgfYGhYQt2164xOMONmE= -cloud.google.com/go/notebooks v1.8.0/go.mod h1:Lq6dYKOYOWUCTvw5t2q1gp1lAp0zxAxRycayS0iJcqQ= -cloud.google.com/go/optimization v1.1.0/go.mod h1:5po+wfvX5AQlPznyVEZjGJTMr4+CAkJf2XSTQOOl9l4= -cloud.google.com/go/optimization v1.2.0/go.mod h1:Lr7SOHdRDENsh+WXVmQhQTrzdu9ybg0NecjHidBq6xs= -cloud.google.com/go/optimization v1.3.1/go.mod h1:IvUSefKiwd1a5p0RgHDbWCIbDFgKuEdB+fPPuP0IDLI= -cloud.google.com/go/orchestration v1.3.0/go.mod h1:Sj5tq/JpWiB//X/q3Ngwdl5K7B7Y0KZ7bfv0wL6fqVA= -cloud.google.com/go/orchestration v1.4.0/go.mod h1:6W5NLFWs2TlniBphAViZEVhrXRSMgUGDfW7vrWKvsBk= -cloud.google.com/go/orchestration v1.6.0/go.mod h1:M62Bevp7pkxStDfFfTuCOaXgaaqRAga1yKyoMtEoWPQ= -cloud.google.com/go/orgpolicy v1.4.0/go.mod h1:xrSLIV4RePWmP9P3tBl8S93lTmlAxjm06NSm2UTmKvE= -cloud.google.com/go/orgpolicy v1.5.0/go.mod h1:hZEc5q3wzwXJaKrsx5+Ewg0u1LxJ51nNFlext7Tanwc= -cloud.google.com/go/orgpolicy v1.10.0/go.mod h1:w1fo8b7rRqlXlIJbVhOMPrwVljyuW5mqssvBtU18ONc= -cloud.google.com/go/osconfig v1.7.0/go.mod h1:oVHeCeZELfJP7XLxcBGTMBvRO+1nQ5tFG9VQTmYS2Fs= -cloud.google.com/go/osconfig v1.8.0/go.mod h1:EQqZLu5w5XA7eKizepumcvWx+m8mJUhEwiPqWiZeEdg= -cloud.google.com/go/osconfig v1.9.0/go.mod h1:Yx+IeIZJ3bdWmzbQU4fxNl8xsZ4amB+dygAwFPlvnNo= -cloud.google.com/go/osconfig v1.10.0/go.mod h1:uMhCzqC5I8zfD9zDEAfvgVhDS8oIjySWh+l4WK6GnWw= -cloud.google.com/go/osconfig v1.11.0/go.mod h1:aDICxrur2ogRd9zY5ytBLV89KEgT2MKB2L/n6x1ooPw= -cloud.google.com/go/oslogin v1.4.0/go.mod h1:YdgMXWRaElXz/lDk1Na6Fh5orF7gvmJ0FGLIs9LId4E= -cloud.google.com/go/oslogin v1.5.0/go.mod h1:D260Qj11W2qx/HVF29zBg+0fd6YCSjSqLUkY/qEenQU= -cloud.google.com/go/oslogin v1.6.0/go.mod h1:zOJ1O3+dTU8WPlGEkFSh7qeHPPSoxrcMbbK1Nm2iX70= -cloud.google.com/go/oslogin v1.7.0/go.mod h1:e04SN0xO1UNJ1M5GP0vzVBFicIe4O53FOfcixIqTyXo= -cloud.google.com/go/oslogin v1.9.0/go.mod h1:HNavntnH8nzrn8JCTT5fj18FuJLFJc4NaZJtBnQtKFs= -cloud.google.com/go/phishingprotection v0.5.0/go.mod h1:Y3HZknsK9bc9dMi+oE8Bim0lczMU6hrX0UpADuMefr0= -cloud.google.com/go/phishingprotection v0.6.0/go.mod h1:9Y3LBLgy0kDTcYET8ZH3bq/7qni15yVUoAxiFxnlSUA= -cloud.google.com/go/phishingprotection v0.7.0/go.mod h1:8qJI4QKHoda/sb/7/YmMQ2omRLSLYSu9bU0EKCNI+Lk= -cloud.google.com/go/policytroubleshooter v1.3.0/go.mod h1:qy0+VwANja+kKrjlQuOzmlvscn4RNsAc0e15GGqfMxg= -cloud.google.com/go/policytroubleshooter v1.4.0/go.mod h1:DZT4BcRw3QoO8ota9xw/LKtPa8lKeCByYeKTIf/vxdE= -cloud.google.com/go/policytroubleshooter v1.5.0/go.mod h1:Rz1WfV+1oIpPdN2VvvuboLVRsB1Hclg3CKQ53j9l8vw= -cloud.google.com/go/policytroubleshooter v1.6.0/go.mod h1:zYqaPTsmfvpjm5ULxAyD/lINQxJ0DDsnWOP/GZ7xzBc= -cloud.google.com/go/privatecatalog v0.5.0/go.mod h1:XgosMUvvPyxDjAVNDYxJ7wBW8//hLDDYmnsNcMGq1K0= -cloud.google.com/go/privatecatalog v0.6.0/go.mod h1:i/fbkZR0hLN29eEWiiwue8Pb+GforiEIBnV9yrRUOKI= -cloud.google.com/go/privatecatalog v0.7.0/go.mod h1:2s5ssIFO69F5csTXcwBP7NPFTZvps26xGzvQ2PQaBYg= -cloud.google.com/go/privatecatalog v0.8.0/go.mod h1:nQ6pfaegeDAq/Q5lrfCQzQLhubPiZhSaNhIgfJlnIXs= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= -cloud.google.com/go/pubsub v1.26.0/go.mod h1:QgBH3U/jdJy/ftjPhTkyXNj543Tin1pRYcdcPRnFIRI= -cloud.google.com/go/pubsub v1.27.1/go.mod h1:hQN39ymbV9geqBnfQq6Xf63yNhUAhv9CZhzp5O6qsW0= -cloud.google.com/go/pubsub v1.28.0/go.mod h1:vuXFpwaVoIPQMGXqRyUQigu/AX1S3IWugR9xznmcXX8= -cloud.google.com/go/pubsub v1.30.0/go.mod h1:qWi1OPS0B+b5L+Sg6Gmc9zD1Y+HaM0MdUr7LsupY1P4= -cloud.google.com/go/pubsublite v1.5.0/go.mod h1:xapqNQ1CuLfGi23Yda/9l4bBCKz/wC3KIJ5gKcxveZg= -cloud.google.com/go/pubsublite v1.6.0/go.mod h1:1eFCS0U11xlOuMFV/0iBqw3zP12kddMeCbj/F3FSj9k= -cloud.google.com/go/pubsublite v1.7.0/go.mod h1:8hVMwRXfDfvGm3fahVbtDbiLePT3gpoiJYJY+vxWxVM= -cloud.google.com/go/recaptchaenterprise v1.3.1/go.mod h1:OdD+q+y4XGeAlxRaMn1Y7/GveP6zmq76byL6tjPE7d4= -cloud.google.com/go/recaptchaenterprise/v2 v2.1.0/go.mod h1:w9yVqajwroDNTfGuhmOjPDN//rZGySaf6PtFVcSCa7o= -cloud.google.com/go/recaptchaenterprise/v2 v2.2.0/go.mod h1:/Zu5jisWGeERrd5HnlS3EUGb/D335f9k51B/FVil0jk= -cloud.google.com/go/recaptchaenterprise/v2 v2.3.0/go.mod h1:O9LwGCjrhGHBQET5CA7dd5NwwNQUErSgEDit1DLNTdo= -cloud.google.com/go/recaptchaenterprise/v2 v2.4.0/go.mod h1:Am3LHfOuBstrLrNCBrlI5sbwx9LBg3te2N6hGvHn2mE= -cloud.google.com/go/recaptchaenterprise/v2 v2.5.0/go.mod h1:O8LzcHXN3rz0j+LBC91jrwI3R+1ZSZEWrfL7XHgNo9U= -cloud.google.com/go/recaptchaenterprise/v2 v2.6.0/go.mod h1:RPauz9jeLtB3JVzg6nCbe12qNoaa8pXc4d/YukAmcnA= -cloud.google.com/go/recaptchaenterprise/v2 v2.7.0/go.mod h1:19wVj/fs5RtYtynAPJdDTb69oW0vNHYDBTbB4NvMD9c= -cloud.google.com/go/recommendationengine v0.5.0/go.mod h1:E5756pJcVFeVgaQv3WNpImkFP8a+RptV6dDLGPILjvg= -cloud.google.com/go/recommendationengine v0.6.0/go.mod h1:08mq2umu9oIqc7tDy8sx+MNJdLG0fUi3vaSVbztHgJ4= -cloud.google.com/go/recommendationengine v0.7.0/go.mod h1:1reUcE3GIu6MeBz/h5xZJqNLuuVjNg1lmWMPyjatzac= -cloud.google.com/go/recommender v1.5.0/go.mod h1:jdoeiBIVrJe9gQjwd759ecLJbxCDED4A6p+mqoqDvTg= -cloud.google.com/go/recommender v1.6.0/go.mod h1:+yETpm25mcoiECKh9DEScGzIRyDKpZ0cEhWGo+8bo+c= -cloud.google.com/go/recommender v1.7.0/go.mod h1:XLHs/W+T8olwlGOgfQenXBTbIseGclClff6lhFVe9Bs= -cloud.google.com/go/recommender v1.8.0/go.mod h1:PkjXrTT05BFKwxaUxQmtIlrtj0kph108r02ZZQ5FE70= -cloud.google.com/go/recommender v1.9.0/go.mod h1:PnSsnZY7q+VL1uax2JWkt/UegHssxjUVVCrX52CuEmQ= -cloud.google.com/go/redis v1.7.0/go.mod h1:V3x5Jq1jzUcg+UNsRvdmsfuFnit1cfe3Z/PGyq/lm4Y= -cloud.google.com/go/redis v1.8.0/go.mod h1:Fm2szCDavWzBk2cDKxrkmWBqoCiL1+Ctwq7EyqBCA/A= -cloud.google.com/go/redis v1.9.0/go.mod h1:HMYQuajvb2D0LvMgZmLDZW8V5aOC/WxstZHiy4g8OiA= -cloud.google.com/go/redis v1.10.0/go.mod h1:ThJf3mMBQtW18JzGgh41/Wld6vnDDc/F/F35UolRZPM= -cloud.google.com/go/redis v1.11.0/go.mod h1:/X6eicana+BWcUda5PpwZC48o37SiFVTFSs0fWAJ7uQ= -cloud.google.com/go/resourcemanager v1.3.0/go.mod h1:bAtrTjZQFJkiWTPDb1WBjzvc6/kifjj4QBYuKCCoqKA= -cloud.google.com/go/resourcemanager v1.4.0/go.mod h1:MwxuzkumyTX7/a3n37gmsT3py7LIXwrShilPh3P1tR0= -cloud.google.com/go/resourcemanager v1.5.0/go.mod h1:eQoXNAiAvCf5PXxWxXjhKQoTMaUSNrEfg+6qdf/wots= -cloud.google.com/go/resourcemanager v1.6.0/go.mod h1:YcpXGRs8fDzcUl1Xw8uOVmI8JEadvhRIkoXXUNVYcVo= -cloud.google.com/go/resourcemanager v1.7.0/go.mod h1:HlD3m6+bwhzj9XCouqmeiGuni95NTrExfhoSrkC/3EI= -cloud.google.com/go/resourcesettings v1.3.0/go.mod h1:lzew8VfESA5DQ8gdlHwMrqZs1S9V87v3oCnKCWoOuQU= -cloud.google.com/go/resourcesettings v1.4.0/go.mod h1:ldiH9IJpcrlC3VSuCGvjR5of/ezRrOxFtpJoJo5SmXg= -cloud.google.com/go/resourcesettings v1.5.0/go.mod h1:+xJF7QSG6undsQDfsCJyqWXyBwUoJLhetkRMDRnIoXA= -cloud.google.com/go/retail v1.8.0/go.mod h1:QblKS8waDmNUhghY2TI9O3JLlFk8jybHeV4BF19FrE4= -cloud.google.com/go/retail v1.9.0/go.mod h1:g6jb6mKuCS1QKnH/dpu7isX253absFl6iE92nHwlBUY= -cloud.google.com/go/retail v1.10.0/go.mod h1:2gDk9HsL4HMS4oZwz6daui2/jmKvqShXKQuB2RZ+cCc= -cloud.google.com/go/retail v1.11.0/go.mod h1:MBLk1NaWPmh6iVFSz9MeKG/Psyd7TAgm6y/9L2B4x9Y= -cloud.google.com/go/retail v1.12.0/go.mod h1:UMkelN/0Z8XvKymXFbD4EhFJlYKRx1FGhQkVPU5kF14= -cloud.google.com/go/run v0.2.0/go.mod h1:CNtKsTA1sDcnqqIFR3Pb5Tq0usWxJJvsWOCPldRU3Do= -cloud.google.com/go/run v0.3.0/go.mod h1:TuyY1+taHxTjrD0ZFk2iAR+xyOXEA0ztb7U3UNA0zBo= -cloud.google.com/go/run v0.8.0/go.mod h1:VniEnuBwqjigv0A7ONfQUaEItaiCRVujlMqerPPiktM= -cloud.google.com/go/run v0.9.0/go.mod h1:Wwu+/vvg8Y+JUApMwEDfVfhetv30hCG4ZwDR/IXl2Qg= -cloud.google.com/go/scheduler v1.4.0/go.mod h1:drcJBmxF3aqZJRhmkHQ9b3uSSpQoltBPGPxGAWROx6s= -cloud.google.com/go/scheduler v1.5.0/go.mod h1:ri073ym49NW3AfT6DZi21vLZrG07GXr5p3H1KxN5QlI= -cloud.google.com/go/scheduler v1.6.0/go.mod h1:SgeKVM7MIwPn3BqtcBntpLyrIJftQISRrYB5ZtT+KOk= -cloud.google.com/go/scheduler v1.7.0/go.mod h1:jyCiBqWW956uBjjPMMuX09n3x37mtyPJegEWKxRsn44= -cloud.google.com/go/scheduler v1.8.0/go.mod h1:TCET+Y5Gp1YgHT8py4nlg2Sew8nUHMqcpousDgXJVQc= -cloud.google.com/go/scheduler v1.9.0/go.mod h1:yexg5t+KSmqu+njTIh3b7oYPheFtBWGcbVUYF1GGMIc= -cloud.google.com/go/secretmanager v1.6.0/go.mod h1:awVa/OXF6IiyaU1wQ34inzQNc4ISIDIrId8qE5QGgKA= -cloud.google.com/go/secretmanager v1.8.0/go.mod h1:hnVgi/bN5MYHd3Gt0SPuTPPp5ENina1/LxM+2W9U9J4= -cloud.google.com/go/secretmanager v1.9.0/go.mod h1:b71qH2l1yHmWQHt9LC80akm86mX8AL6X1MA01dW8ht4= -cloud.google.com/go/secretmanager v1.10.0/go.mod h1:MfnrdvKMPNra9aZtQFvBcvRU54hbPD8/HayQdlUgJpU= -cloud.google.com/go/security v1.5.0/go.mod h1:lgxGdyOKKjHL4YG3/YwIL2zLqMFCKs0UbQwgyZmfJl4= -cloud.google.com/go/security v1.7.0/go.mod h1:mZklORHl6Bg7CNnnjLH//0UlAlaXqiG7Lb9PsPXLfD0= -cloud.google.com/go/security v1.8.0/go.mod h1:hAQOwgmaHhztFhiQ41CjDODdWP0+AE1B3sX4OFlq+GU= -cloud.google.com/go/security v1.9.0/go.mod h1:6Ta1bO8LXI89nZnmnsZGp9lVoVWXqsVbIq/t9dzI+2Q= -cloud.google.com/go/security v1.10.0/go.mod h1:QtOMZByJVlibUT2h9afNDWRZ1G96gVywH8T5GUSb9IA= -cloud.google.com/go/security v1.12.0/go.mod h1:rV6EhrpbNHrrxqlvW0BWAIawFWq3X90SduMJdFwtLB8= -cloud.google.com/go/security v1.13.0/go.mod h1:Q1Nvxl1PAgmeW0y3HTt54JYIvUdtcpYKVfIB8AOMZ+0= -cloud.google.com/go/securitycenter v1.13.0/go.mod h1:cv5qNAqjY84FCN6Y9z28WlkKXyWsgLO832YiWwkCWcU= -cloud.google.com/go/securitycenter v1.14.0/go.mod h1:gZLAhtyKv85n52XYWt6RmeBdydyxfPeTrpToDPw4Auc= -cloud.google.com/go/securitycenter v1.15.0/go.mod h1:PeKJ0t8MoFmmXLXWm41JidyzI3PJjd8sXWaVqg43WWk= -cloud.google.com/go/securitycenter v1.16.0/go.mod h1:Q9GMaLQFUD+5ZTabrbujNWLtSLZIZF7SAR0wWECrjdk= -cloud.google.com/go/securitycenter v1.18.1/go.mod h1:0/25gAzCM/9OL9vVx4ChPeM/+DlfGQJDwBy/UC8AKK0= -cloud.google.com/go/securitycenter v1.19.0/go.mod h1:LVLmSg8ZkkyaNy4u7HCIshAngSQ8EcIRREP3xBnyfag= -cloud.google.com/go/servicecontrol v1.4.0/go.mod h1:o0hUSJ1TXJAmi/7fLJAedOovnujSEvjKCAFNXPQ1RaU= -cloud.google.com/go/servicecontrol v1.5.0/go.mod h1:qM0CnXHhyqKVuiZnGKrIurvVImCs8gmqWsDoqe9sU1s= -cloud.google.com/go/servicecontrol v1.10.0/go.mod h1:pQvyvSRh7YzUF2efw7H87V92mxU8FnFDawMClGCNuAA= -cloud.google.com/go/servicecontrol v1.11.0/go.mod h1:kFmTzYzTUIuZs0ycVqRHNaNhgR+UMUpw9n02l/pY+mc= -cloud.google.com/go/servicecontrol v1.11.1/go.mod h1:aSnNNlwEFBY+PWGQ2DoM0JJ/QUXqV5/ZD9DOLB7SnUk= -cloud.google.com/go/servicedirectory v1.4.0/go.mod h1:gH1MUaZCgtP7qQiI+F+A+OpeKF/HQWgtAddhTbhL2bs= -cloud.google.com/go/servicedirectory v1.5.0/go.mod h1:QMKFL0NUySbpZJ1UZs3oFAmdvVxhhxB6eJ/Vlp73dfg= -cloud.google.com/go/servicedirectory v1.6.0/go.mod h1:pUlbnWsLH9c13yGkxCmfumWEPjsRs1RlmJ4pqiNjVL4= -cloud.google.com/go/servicedirectory v1.7.0/go.mod h1:5p/U5oyvgYGYejufvxhgwjL8UVXjkuw7q5XcG10wx1U= -cloud.google.com/go/servicedirectory v1.8.0/go.mod h1:srXodfhY1GFIPvltunswqXpVxFPpZjf8nkKQT7XcXaY= -cloud.google.com/go/servicedirectory v1.9.0/go.mod h1:29je5JjiygNYlmsGz8k6o+OZ8vd4f//bQLtvzkPPT/s= -cloud.google.com/go/servicemanagement v1.4.0/go.mod h1:d8t8MDbezI7Z2R1O/wu8oTggo3BI2GKYbdG4y/SJTco= -cloud.google.com/go/servicemanagement v1.5.0/go.mod h1:XGaCRe57kfqu4+lRxaFEAuqmjzF0r+gWHjWqKqBvKFo= -cloud.google.com/go/servicemanagement v1.6.0/go.mod h1:aWns7EeeCOtGEX4OvZUWCCJONRZeFKiptqKf1D0l/Jc= -cloud.google.com/go/servicemanagement v1.8.0/go.mod h1:MSS2TDlIEQD/fzsSGfCdJItQveu9NXnUniTrq/L8LK4= -cloud.google.com/go/serviceusage v1.3.0/go.mod h1:Hya1cozXM4SeSKTAgGXgj97GlqUvF5JaoXacR1JTP/E= -cloud.google.com/go/serviceusage v1.4.0/go.mod h1:SB4yxXSaYVuUBYUml6qklyONXNLt83U0Rb+CXyhjEeU= -cloud.google.com/go/serviceusage v1.5.0/go.mod h1:w8U1JvqUqwJNPEOTQjrMHkw3IaIFLoLsPLvsE3xueec= -cloud.google.com/go/serviceusage v1.6.0/go.mod h1:R5wwQcbOWsyuOfbP9tGdAnCAc6B9DRwPG1xtWMDeuPA= -cloud.google.com/go/shell v1.3.0/go.mod h1:VZ9HmRjZBsjLGXusm7K5Q5lzzByZmJHf1d0IWHEN5X4= -cloud.google.com/go/shell v1.4.0/go.mod h1:HDxPzZf3GkDdhExzD/gs8Grqk+dmYcEjGShZgYa9URw= -cloud.google.com/go/shell v1.6.0/go.mod h1:oHO8QACS90luWgxP3N9iZVuEiSF84zNyLytb+qE2f9A= -cloud.google.com/go/spanner v1.41.0/go.mod h1:MLYDBJR/dY4Wt7ZaMIQ7rXOTLjYrmxLE/5ve9vFfWos= -cloud.google.com/go/spanner v1.44.0/go.mod h1:G8XIgYdOK+Fbcpbs7p2fiprDw4CaZX63whnSMLVBxjk= -cloud.google.com/go/spanner v1.45.0/go.mod h1:FIws5LowYz8YAE1J8fOS7DJup8ff7xJeetWEo5REA2M= -cloud.google.com/go/speech v1.6.0/go.mod h1:79tcr4FHCimOp56lwC01xnt/WPJZc4v3gzyT7FoBkCM= -cloud.google.com/go/speech v1.7.0/go.mod h1:KptqL+BAQIhMsj1kOP2la5DSEEerPDuOP/2mmkhHhZQ= -cloud.google.com/go/speech v1.8.0/go.mod h1:9bYIl1/tjsAnMgKGHKmBZzXKEkGgtU+MpdDPTE9f7y0= -cloud.google.com/go/speech v1.9.0/go.mod h1:xQ0jTcmnRFFM2RfX/U+rk6FQNUF6DQlydUSyoooSpco= -cloud.google.com/go/speech v1.14.1/go.mod h1:gEosVRPJ9waG7zqqnsHpYTOoAS4KouMRLDFMekpJ0J0= -cloud.google.com/go/speech v1.15.0/go.mod h1:y6oH7GhqCaZANH7+Oe0BhgIogsNInLlz542tg3VqeYI= cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= -cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= cloud.google.com/go/storage v1.22.1/go.mod h1:S8N1cAStu7BOeFfE8KAQzmyyLkK8p/vmRq6kuBTW58Y= -cloud.google.com/go/storage v1.23.0/go.mod h1:vOEEDNFnciUMhBeT6hsJIn3ieU5cFRmzeLgDvXzfIXc= -cloud.google.com/go/storage v1.27.0/go.mod h1:x9DOL8TK/ygDUMieqwfhdpQryTeEkhGKMi80i/iqR2s= -cloud.google.com/go/storage v1.28.1/go.mod h1:Qnisd4CqDdo6BGs2AD5LLnEsmSQ80wQ5ogcBBKhU86Y= -cloud.google.com/go/storage v1.29.0/go.mod h1:4puEjyTKnku6gfKoTfNOU/W+a9JyuVNxjpS5GBrB8h4= -cloud.google.com/go/storagetransfer v1.5.0/go.mod h1:dxNzUopWy7RQevYFHewchb29POFv3/AaBgnhqzqiK0w= -cloud.google.com/go/storagetransfer v1.6.0/go.mod h1:y77xm4CQV/ZhFZH75PLEXY0ROiS7Gh6pSKrM8dJyg6I= -cloud.google.com/go/storagetransfer v1.7.0/go.mod h1:8Giuj1QNb1kfLAiWM1bN6dHzfdlDAVC9rv9abHot2W4= -cloud.google.com/go/storagetransfer v1.8.0/go.mod h1:JpegsHHU1eXg7lMHkvf+KE5XDJ7EQu0GwNJbbVGanEw= -cloud.google.com/go/talent v1.1.0/go.mod h1:Vl4pt9jiHKvOgF9KoZo6Kob9oV4lwd/ZD5Cto54zDRw= -cloud.google.com/go/talent v1.2.0/go.mod h1:MoNF9bhFQbiJ6eFD3uSsg0uBALw4n4gaCaEjBw9zo8g= -cloud.google.com/go/talent v1.3.0/go.mod h1:CmcxwJ/PKfRgd1pBjQgU6W3YBwiewmUzQYH5HHmSCmM= -cloud.google.com/go/talent v1.4.0/go.mod h1:ezFtAgVuRf8jRsvyE6EwmbTK5LKciD4KVnHuDEFmOOA= -cloud.google.com/go/talent v1.5.0/go.mod h1:G+ODMj9bsasAEJkQSzO2uHQWXHHXUomArjWQQYkqK6c= -cloud.google.com/go/texttospeech v1.4.0/go.mod h1:FX8HQHA6sEpJ7rCMSfXuzBcysDAuWusNNNvN9FELDd8= -cloud.google.com/go/texttospeech v1.5.0/go.mod h1:oKPLhR4n4ZdQqWKURdwxMy0uiTS1xU161C8W57Wkea4= -cloud.google.com/go/texttospeech v1.6.0/go.mod h1:YmwmFT8pj1aBblQOI3TfKmwibnsfvhIBzPXcW4EBovc= -cloud.google.com/go/tpu v1.3.0/go.mod h1:aJIManG0o20tfDQlRIej44FcwGGl/cD0oiRyMKG19IQ= -cloud.google.com/go/tpu v1.4.0/go.mod h1:mjZaX8p0VBgllCzF6wcU2ovUXN9TONFLd7iz227X2Xg= -cloud.google.com/go/tpu v1.5.0/go.mod h1:8zVo1rYDFuW2l4yZVY0R0fb/v44xLh3llq7RuV61fPM= -cloud.google.com/go/trace v1.3.0/go.mod h1:FFUE83d9Ca57C+K8rDl/Ih8LwOzWIV1krKgxg6N0G28= -cloud.google.com/go/trace v1.4.0/go.mod h1:UG0v8UBqzusp+z63o7FK74SdFE+AXpCLdFb1rshXG+Y= -cloud.google.com/go/trace v1.8.0/go.mod h1:zH7vcsbAhklH8hWFig58HvxcxyQbaIqMarMg9hn5ECA= -cloud.google.com/go/trace v1.9.0/go.mod h1:lOQqpE5IaWY0Ixg7/r2SjixMuc6lfTFeO4QGM4dQWOk= -cloud.google.com/go/translate v1.3.0/go.mod h1:gzMUwRjvOqj5i69y/LYLd8RrNQk+hOmIXTi9+nb3Djs= -cloud.google.com/go/translate v1.4.0/go.mod h1:06Dn/ppvLD6WvA5Rhdp029IX2Mi3Mn7fpMRLPvXT5Wg= -cloud.google.com/go/translate v1.5.0/go.mod h1:29YDSYveqqpA1CQFD7NQuP49xymq17RXNaUDdc0mNu0= -cloud.google.com/go/translate v1.6.0/go.mod h1:lMGRudH1pu7I3n3PETiOB2507gf3HnfLV8qlkHZEyos= -cloud.google.com/go/translate v1.7.0/go.mod h1:lMGRudH1pu7I3n3PETiOB2507gf3HnfLV8qlkHZEyos= -cloud.google.com/go/video v1.8.0/go.mod h1:sTzKFc0bUSByE8Yoh8X0mn8bMymItVGPfTuUBUyRgxk= -cloud.google.com/go/video v1.9.0/go.mod h1:0RhNKFRF5v92f8dQt0yhaHrEuH95m068JYOvLZYnJSw= -cloud.google.com/go/video v1.12.0/go.mod h1:MLQew95eTuaNDEGriQdcYn0dTwf9oWiA4uYebxM5kdg= -cloud.google.com/go/video v1.13.0/go.mod h1:ulzkYlYgCp15N2AokzKjy7MQ9ejuynOJdf1tR5lGthk= -cloud.google.com/go/video v1.14.0/go.mod h1:SkgaXwT+lIIAKqWAJfktHT/RbgjSuY6DobxEp0C5yTQ= -cloud.google.com/go/video v1.15.0/go.mod h1:SkgaXwT+lIIAKqWAJfktHT/RbgjSuY6DobxEp0C5yTQ= -cloud.google.com/go/videointelligence v1.6.0/go.mod h1:w0DIDlVRKtwPCn/C4iwZIJdvC69yInhW0cfi+p546uU= -cloud.google.com/go/videointelligence v1.7.0/go.mod h1:k8pI/1wAhjznARtVT9U1llUaFNPh7muw8QyOUpavru4= -cloud.google.com/go/videointelligence v1.8.0/go.mod h1:dIcCn4gVDdS7yte/w+koiXn5dWVplOZkE+xwG9FgK+M= -cloud.google.com/go/videointelligence v1.9.0/go.mod h1:29lVRMPDYHikk3v8EdPSaL8Ku+eMzDljjuvRs105XoU= -cloud.google.com/go/videointelligence v1.10.0/go.mod h1:LHZngX1liVtUhZvi2uNS0VQuOzNi2TkY1OakiuoUOjU= -cloud.google.com/go/vision v1.2.0/go.mod h1:SmNwgObm5DpFBme2xpyOyasvBc1aPdjvMk2bBk0tKD0= -cloud.google.com/go/vision/v2 v2.2.0/go.mod h1:uCdV4PpN1S0jyCyq8sIM42v2Y6zOLkZs+4R9LrGYwFo= -cloud.google.com/go/vision/v2 v2.3.0/go.mod h1:UO61abBx9QRMFkNBbf1D8B1LXdS2cGiiCRx0vSpZoUo= -cloud.google.com/go/vision/v2 v2.4.0/go.mod h1:VtI579ll9RpVTrdKdkMzckdnwMyX2JILb+MhPqRbPsY= -cloud.google.com/go/vision/v2 v2.5.0/go.mod h1:MmaezXOOE+IWa+cS7OhRRLK2cNv1ZL98zhqFFZaaH2E= -cloud.google.com/go/vision/v2 v2.6.0/go.mod h1:158Hes0MvOS9Z/bDMSFpjwsUrZ5fPrdwuyyvKSGAGMY= -cloud.google.com/go/vision/v2 v2.7.0/go.mod h1:H89VysHy21avemp6xcf9b9JvZHVehWbET0uT/bcuY/0= -cloud.google.com/go/vmmigration v1.2.0/go.mod h1:IRf0o7myyWFSmVR1ItrBSFLFD/rJkfDCUTO4vLlJvsE= -cloud.google.com/go/vmmigration v1.3.0/go.mod h1:oGJ6ZgGPQOFdjHuocGcLqX4lc98YQ7Ygq8YQwHh9A7g= -cloud.google.com/go/vmmigration v1.5.0/go.mod h1:E4YQ8q7/4W9gobHjQg4JJSgXXSgY21nA5r8swQV+Xxc= -cloud.google.com/go/vmmigration v1.6.0/go.mod h1:bopQ/g4z+8qXzichC7GW1w2MjbErL54rk3/C843CjfY= -cloud.google.com/go/vmwareengine v0.1.0/go.mod h1:RsdNEf/8UDvKllXhMz5J40XxDrNJNN4sagiox+OI208= -cloud.google.com/go/vmwareengine v0.2.2/go.mod h1:sKdctNJxb3KLZkE/6Oui94iw/xs9PRNC2wnNLXsHvH8= -cloud.google.com/go/vmwareengine v0.3.0/go.mod h1:wvoyMvNWdIzxMYSpH/R7y2h5h3WFkx6d+1TIsP39WGY= -cloud.google.com/go/vpcaccess v1.4.0/go.mod h1:aQHVbTWDYUR1EbTApSVvMq1EnT57ppDmQzZ3imqIk4w= -cloud.google.com/go/vpcaccess v1.5.0/go.mod h1:drmg4HLk9NkZpGfCmZ3Tz0Bwnm2+DKqViEpeEpOq0m8= -cloud.google.com/go/vpcaccess v1.6.0/go.mod h1:wX2ILaNhe7TlVa4vC5xce1bCnqE3AeH27RV31lnmZes= -cloud.google.com/go/webrisk v1.4.0/go.mod h1:Hn8X6Zr+ziE2aNd8SliSDWpEnSS1u4R9+xXZmFiHmGE= -cloud.google.com/go/webrisk v1.5.0/go.mod h1:iPG6fr52Tv7sGk0H6qUFzmL3HHZev1htXuWDEEsqMTg= -cloud.google.com/go/webrisk v1.6.0/go.mod h1:65sW9V9rOosnc9ZY7A7jsy1zoHS5W9IAXv6dGqhMQMc= -cloud.google.com/go/webrisk v1.7.0/go.mod h1:mVMHgEYH0r337nmt1JyLthzMr6YxwN1aAIEc2fTcq7A= -cloud.google.com/go/webrisk v1.8.0/go.mod h1:oJPDuamzHXgUc+b8SiHRcVInZQuybnvEW72PqTc7sSg= -cloud.google.com/go/websecurityscanner v1.3.0/go.mod h1:uImdKm2wyeXQevQJXeh8Uun/Ym1VqworNDlBXQevGMo= -cloud.google.com/go/websecurityscanner v1.4.0/go.mod h1:ebit/Fp0a+FWu5j4JOmJEV8S8CzdTkAS77oDsiSqYWQ= -cloud.google.com/go/websecurityscanner v1.5.0/go.mod h1:Y6xdCPy81yi0SQnDY1xdNTNpfY1oAgXUlcfN3B3eSng= -cloud.google.com/go/workflows v1.6.0/go.mod h1:6t9F5h/unJz41YqfBmqSASJSXccBLtD1Vwf+KmJENM0= -cloud.google.com/go/workflows v1.7.0/go.mod h1:JhSrZuVZWuiDfKEFxU0/F1PQjmpnpcoISEXH2bcHC3M= -cloud.google.com/go/workflows v1.8.0/go.mod h1:ysGhmEajwZxGn1OhGOGKsTXc5PyxOc0vfKf5Af+to4M= -cloud.google.com/go/workflows v1.9.0/go.mod h1:ZGkj1aFIOd9c8Gerkjjq7OW7I5+l6cSvT3ujaO/WwSA= -cloud.google.com/go/workflows v1.10.0/go.mod h1:fZ8LmRmZQWacon9UCX1r/g/DfAXx5VcPALq2CxzdePw= code.gitea.io/gitea-vet v0.2.1/go.mod h1:zcNbT/aJEmivCAhfmkHOlT645KNOf9W2KnkLgFjGGfE= code.gitea.io/sdk/gitea v0.15.1 h1:WJreC7YYuxbn0UDaPuWIe/mtiNKTvLN8MLkaw71yx/M= code.gitea.io/sdk/gitea v0.15.1/go.mod h1:klY2LVI3s3NChzIk/MzMn7G1FHrfU7qd63iSMVoHRBA= -dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= -dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= dmitri.shuralyov.com/gpu/mtl v0.0.0-20201218220906-28db891af037/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -gioui.org v0.0.0-20210308172011-57750fc8a0a6/go.mod h1:RSH6KIUZ0p2xy5zHDxgAM4zumjgTw83q2ge/PI+yyw8= -git.sr.ht/~sbinet/gg v0.3.1/go.mod h1:KGYtlADtqsqANL9ueOFkWymvzUvLMQllU5Ixo+8v3pc= github.com/Azure/azure-sdk-for-go v55.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.1.1 h1:tz19qLF65vuu2ibfTqGVJxG/zZAI27NEIIbvAOQwYbw= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.1.1/go.mod h1:uGG2W01BaETf0Ozp+QxxKJdMBNRWPdstHG0Fmdwn1/U= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.1.0 h1:QkAcEIAKbNL4KoFr4SathZPhDhF4mVwpBMFlYjyAqy8= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.1.0/go.mod h1:bhXu1AjYL+wutSL/kpSq6s7733q2Rb0yuot9Zgfqa/0= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.0.0 h1:jp0dGvZ7ZK0mgqnTSClMxa5xuRL7NZgHameVYF6BurY= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.0.0/go.mod h1:eWRD7oawr1Mu1sLCawqVc0CUiF43ia3qQMxLscsKQ9w= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= +github.com/Azure/go-autorest/autorest v0.11.18 h1:90Y4srNYrwOtAgVo3ndrQkTYn6kf1Eg/AjTFJ8Is2aM= github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= -github.com/Azure/go-autorest/autorest v0.11.27 h1:F3R3q42aWytozkV8ihzcgMO4OA4cuqr3bNlsEuF6//A= -github.com/Azure/go-autorest/autorest v0.11.27/go.mod h1:7l8ybrIdUmGqZMTD0sRtAr8NvbHjfofbf8RSP2q7w7U= +github.com/Azure/go-autorest/autorest/adal v0.9.13 h1:Mp5hbtOePIzM8pJVRa3YLrWWmZtoxRXqUEzCfJt3+/Q= github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= -github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= -github.com/Azure/go-autorest/autorest/adal v0.9.20 h1:gJ3E98kMpFB1MFqQCvA1yFab8vthOeD4VlFRQULxahg= -github.com/Azure/go-autorest/autorest/adal v0.9.20/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= +github.com/Azure/go-autorest/autorest/mocks v0.4.1 h1:K0laFcLE6VLTOwNgSxaGbUcLPuGXlNkbVvq4cW4nIHk= github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/mocks v0.4.2 h1:PGN4EDXnuQbojHbU0UWoNvmu9AGVwYHG9/fkDYhtAfw= -github.com/Azure/go-autorest/autorest/mocks v0.4.2/go.mod h1:Vy7OitM9Kei0i1Oj+LvyAWMXJHeKH1MVlzFugfVrmyU= github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= github.com/Azure/go-autorest/autorest/validation v0.1.0/go.mod h1:Ha3z/SqBeaalWQvokg3NZAlQTalVMtOIAs1aGK7G6u8= github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+ZtXWSmf4Tg= github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= -github.com/Azure/kubelogin v0.0.20 h1:pDJhxzUWk2f/wjYQJFb0Vet7OYrcg6DLx1qj+sbXY70= -github.com/Azure/kubelogin v0.0.20/go.mod h1:QNuYUuwM2lqho9ovG5U/yv3/ZmFbEru3Jluw2ZeKcSk= -github.com/AzureAD/microsoft-authentication-library-for-go v0.5.2 h1:BGX4OiGP9htYSd6M3pAZctcUUSruhIAUVkv2X0Cn9yE= -github.com/AzureAD/microsoft-authentication-library-for-go v0.5.2/go.mod h1:Vt9sXTKwMyGcOxSmLDMnGPgqsUg7m8pe215qMLrDXw4= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/DATA-DOG/go-sqlmock v1.3.3/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM= github.com/GoogleCloudPlatform/k8s-cloud-provider v1.16.1-0.20210702024009-ea6160c1d0e3/go.mod h1:8XasY4ymP2V/tn2OOV9ZadmiTE1FIB/h3W+yNlPttKw= github.com/JeffAshton/win_pdh v0.0.0-20161109143554-76bb4ee9f0ab/go.mod h1:3VYc5hodBMJ5+l/7J4xAyMeuM2PNuepvHlGs8yilUCA= github.com/Jeffail/gabs v1.4.0 h1://5fYRRTq1edjfIrQGvdkcd22pkYUrHZ5YC/H2GJVAo= github.com/Jeffail/gabs v1.4.0/go.mod h1:6xMvQMK4k33lb7GUUpaAPh6nKMmemQeg5d4gn7/bOXc= -github.com/JohnCGriffin/overflow v0.0.0-20211019200055-46fa312c352c/go.mod h1:X0CRv0ky0k6m906ixxpzmDRLvX58TFUKS2eePweuyxk= github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible h1:1G1pk05UrOh0NlF1oeaaix1x8XzrfjIDK47TY0Zehcw= github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0= github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd h1:sjQovDkwrZp8u+gxLtPgKGjk5hCxuy2hrRejBTA9xFU= github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd/go.mod h1:64YHyfSL2R96J44Nlwm39UHepQbyR5q10x7iYa1ks2E= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= +github.com/Masterminds/semver/v3 v3.2.0 h1:3MEsd0SM6jqZojhjLWWeBY+Kcjy9i6MQAeY7YgDP83g= github.com/Masterminds/semver/v3 v3.2.0/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= -github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0= -github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= github.com/Microsoft/go-winio v0.4.15/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= +github.com/Microsoft/go-winio v0.5.2 h1:a9IhgEQBCUEk6QCdml9CiJGhAws+YwffDHEMp1VMrpA= github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= -github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= -github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= github.com/Microsoft/hcsshim v0.8.22/go.mod h1:91uVCVzvX2QD16sMCenoxxXo6L1wJnLMX2PSufFMtF0= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/PagerDuty/go-pagerduty v1.6.0 h1:am81SzvG5Pw+s3JZ5yEy6kGvsXXklTNRrGr3d8WKpsU= github.com/PagerDuty/go-pagerduty v1.6.0/go.mod h1:7eaBLzsDpK7VUvU0SJ5mohczQkoWrrr5CjDaw5gh1as= +github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 h1:wPbRQzjjwFc0ih8puEVAOFGELsn1zoIIYdxvML7mDxA= github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g= -github.com/ProtonMail/go-crypto v0.0.0-20230717121422-5aa5874ade95 h1:KLq8BE0KwCL+mmXnjLWEAOYO+2l2AE4YMmqG1ZpZHBs= -github.com/ProtonMail/go-crypto v0.0.0-20230717121422-5aa5874ade95/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/RocketChat/Rocket.Chat.Go.SDK v0.0.0-20210112200207-10ab4d695d60 h1:prBTRx78AQnXzivNT9Crhu564W/zPPr3ibSlpT9xKcE= github.com/RocketChat/Rocket.Chat.Go.SDK v0.0.0-20210112200207-10ab4d695d60/go.mod h1:rjP7sIipbZcagro/6TCk6X0ZeFT2eyudH5+fve/cbBA= -github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo= -github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= github.com/TomOnTime/utfutil v0.0.0-20180511104225-09c41003ee1d h1:WtAMR0fPCOfK7TPGZ8ZpLLY18HRvL7XJ3xcs0wnREgo= github.com/TomOnTime/utfutil v0.0.0-20180511104225-09c41003ee1d/go.mod h1:WML6KOYjeU8N6YyusMjj2qRvaPNUEvrQvaxuFcMRFJY= -github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g= github.com/acomagu/bufpipe v1.0.4 h1:e3H4WUzM3npvo5uv95QuJM3cQspFNtFBzvJ2oNjKIDQ= github.com/acomagu/bufpipe v1.0.4/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= -github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c= -github.com/ajstarks/deck v0.0.0-20200831202436-30c9fc6549a9/go.mod h1:JynElWSGnm/4RlzPXRlREEwqTHAN3T56Bv2ITsFT3gY= -github.com/ajstarks/deck/generate v0.0.0-20210309230005-c3f852c02e19/go.mod h1:T13YZdzov6OU0A1+RfKZiZN9ca6VeKdBdyDV+BY97Tk= github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw= -github.com/ajstarks/svgo v0.0.0-20211024235047-1546f124cd8b/go.mod h1:1KcenG0jGWcpt8ov532z81sp/kMMUG485J2InIOyADM= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= @@ -696,46 +126,36 @@ github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRF github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a h1:HbKu58rmZpUGpz5+4FfNmIU+FmZg2P3Xaj2v2bfNWmk= github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a/go.mod h1:SGnFV6hVsYE877CKEZ6tDNTjaSXYUk6QqoIK6PrAtcc= -github.com/alicebob/miniredis/v2 v2.30.4 h1:8S4/o1/KoUArAGbGwPxcwf0krlzceva2XVOSchFS7Eo= -github.com/alicebob/miniredis/v2 v2.30.4/go.mod h1:b25qWj4fCEsBeAAR2mlb0ufImGC6uH3VlUfb/HS5zKg= -github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= +github.com/alicebob/miniredis/v2 v2.23.1 h1:jR6wZggBxwWygeXcdNyguCOCIjPsZyNUNlAkTx2fu0U= +github.com/alicebob/miniredis/v2 v2.23.1/go.mod h1:84TWKZlxYkfgMucPBf5SOQBYJceZeQRFIaQgNMiCX6Q= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= +github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20210826220005-b48c857c3a0e/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY= -github.com/antonmedv/expr v1.12.7 h1:jfV/l/+dHWAadLwAtESXNxXdfbK9bE4+FNMHYCMntwk= -github.com/antonmedv/expr v1.12.7/go.mod h1:FPC8iWArxls7axbVLsW+kpg1mz29A1b2M6jt+hZfDkU= -github.com/apache/arrow/go/v10 v10.0.1/go.mod h1:YvhnlEePVnBS4+0z3fhPfUy7W1Ikj0Ih0vcRo/gZ1M0= -github.com/apache/arrow/go/v11 v11.0.0/go.mod h1:Eg5OsL5H+e299f7u5ssuXsuHQVEGC4xei5aX110hRiI= -github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ= -github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ= -github.com/apache/thrift v0.16.0/go.mod h1:PHK3hniurgQaNMZYaCLEqXKsYK8upmhPbmdP2FXSqgU= +github.com/antonmedv/expr v1.9.0 h1:j4HI3NHEdgDnN9p6oI6Ndr0G5QryMY0FNxT4ONrFDGU= +github.com/antonmedv/expr v1.9.0/go.mod h1:5qsM3oLGDND7sDmQGDXHkYfkjYMUX14qsgqmHhwGEk8= github.com/appscode/go v0.0.0-20191119085241-0887d8ec2ecc/go.mod h1:OawnOmAL4ZX3YaPdN+8HTNwBveT1jMsqP74moa9XUbE= -github.com/argoproj/gitops-engine v0.7.1-0.20230809134534-ed7c77a9290b h1:0Nttg/giUaT52BticAPRmbEMZWBDxisy+hltb1TglVM= -github.com/argoproj/gitops-engine v0.7.1-0.20230809134534-ed7c77a9290b/go.mod h1:WpA/B7tgwfz+sdNE3LqrTrb7ArEY1FOPI2pAGI0hfPc= -github.com/argoproj/notifications-engine v0.4.1-0.20230620204159-3446d4ae8520 h1:ZCpg1Zk78E8QxMI52w6ZIddxkBHv27YWmfWQdxxWUkw= -github.com/argoproj/notifications-engine v0.4.1-0.20230620204159-3446d4ae8520/go.mod h1:sbhf4EjAUGAqRdHIzifDIiWsjlsTfmytVJJCCiUdyVA= -github.com/argoproj/pkg v0.13.7-0.20230626144333-d56162821bd1 h1:qsHwwOJ21K2Ao0xPju1sNuqphyMnMYkyB3ZLoLtxWpo= -github.com/argoproj/pkg v0.13.7-0.20230626144333-d56162821bd1/go.mod h1:CZHlkyAD1/+FbEn6cB2DQTj48IoLGvEYsWEvtzP3238= +github.com/argoproj/gitops-engine v0.7.1-0.20230526233214-ad9a694fe4bc h1:i6OgOvFFsoWiGBFEhhDNcYoRtxxtrVwcD7wCEeqhct4= +github.com/argoproj/gitops-engine v0.7.1-0.20230526233214-ad9a694fe4bc/go.mod h1:WpA/B7tgwfz+sdNE3LqrTrb7ArEY1FOPI2pAGI0hfPc= +github.com/argoproj/notifications-engine v0.4.1-0.20230228182525-f754726f03da h1:Vf9xvHcXn4TP/nLIfWn+TaC521V9fpz/DwRP6uEeVR8= +github.com/argoproj/notifications-engine v0.4.1-0.20230228182525-f754726f03da/go.mod h1:05koR0gE/O0i5YDbidg1dpr76XitK4DJveh+dIAq6e8= +github.com/argoproj/pkg v0.13.7-0.20230627120311-a4dd357b057e h1:kuLQvJqwwRMQTheT4MFyKVM8Txncu21CHT4yBWUl1Mk= +github.com/argoproj/pkg v0.13.7-0.20230627120311-a4dd357b057e/go.mod h1:xBN5PLx2MoK63dmPfMo/PGBvd77K1Y0m/rzZOe4cs1s= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/aryann/difflib v0.0.0-20170710044230-e206f873d14a/go.mod h1:DAHtR1m6lCRdSC2Tm3DSWRPvIPr6xNKyeHdqDQSQT+A= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= -github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= -github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= +github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d h1:Byv0BzEl3/e6D5CLfI0j/7hiIEtvGVFPCZ7Ei2oq8iQ= +github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/auth0/go-jwt-middleware v1.0.1/go.mod h1:YSeUX3z6+TF2H+7padiEqNJ73Zy9vXW72U//IgN0BIM= -github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU= -github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/aws/aws-sdk-go v1.35.24/go.mod h1:tlPOdRjfxPBpNIwqDj61rmsnA85v9jc0Ps9+muhnW+k= github.com/aws/aws-sdk-go v1.38.49/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= -github.com/aws/aws-sdk-go v1.44.289/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= -github.com/aws/aws-sdk-go v1.44.317 h1:+8XWrLmGMwPPXSRSLPzhgcGnzJ2mYkgkrcB9C/GnSOU= -github.com/aws/aws-sdk-go v1.44.317/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= -github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g= +github.com/aws/aws-sdk-go v1.44.290 h1:Md4+os9DQtJjow0lWLMzeJljsimD+XS2xwwHDr5Z+Lk= +github.com/aws/aws-sdk-go v1.44.290/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/beevik/ntp v0.2.0/go.mod h1:hIHWr+l3+/clUnF44zdK+CWW7fO8dR5cIylAQ76NRpg= github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= @@ -748,32 +168,21 @@ github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJm github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= -github.com/bmatcuk/doublestar/v4 v4.6.0 h1:HTuxyug8GyFbRkrffIpzNCSK4luc0TY3wzXvzIZhEXc= -github.com/bmatcuk/doublestar/v4 v4.6.0/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc= github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps= github.com/bombsimon/logrusr/v2 v2.0.1 h1:1VgxVNQMCvjirZIYaT9JYn6sAVGVEcNtRE0y4mvaOAM= github.com/bombsimon/logrusr/v2 v2.0.1/go.mod h1:ByVAX+vHdLGAfdroiMg6q0zgq2FODY2lc5YJvzmOJio= -github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= -github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= -github.com/bradleyfalzon/ghinstallation/v2 v2.6.0 h1:IRY7Xy588KylkoycsUhFpW7cdGpy5Y5BPsz4IfuJtGk= -github.com/bradleyfalzon/ghinstallation/v2 v2.6.0/go.mod h1:oQ3etOwN3TRH4EwgW5/7MxSVMGlMlzG/O8TU7eYdoSk= -github.com/bsm/ginkgo/v2 v2.7.0 h1:ItPMPH90RbmZJt5GtkcNvIRuGEdwlBItdNVoyzaNQao= -github.com/bsm/gomega v1.26.0 h1:LhQm+AFcgV2M0WyKroMASzAzCAJVpAxQXv4SaI9a69Y= -github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= +github.com/bradleyfalzon/ghinstallation/v2 v2.1.0 h1:5+NghM1Zred9Z078QEZtm28G/kfDfZN/92gkDlLwGVA= +github.com/bradleyfalzon/ghinstallation/v2 v2.1.0/go.mod h1:Xg3xPRN5Mcq6GDqeUVhFbjEWMb4JHCyWEeeBGEYQoTU= +github.com/bsm/ginkgo/v2 v2.5.0 h1:aOAnND1T40wEdAtkGSkvSICWeQ8L3UASX7YVCqQx+eQ= +github.com/bsm/gomega v1.20.0 h1:JhAwLmtRzXFTx2AkALSLa8ijZafntmhSoU63Ok18Uq8= github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= -github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/bwmarrin/discordgo v0.19.0/go.mod h1:O9S4p+ofTFwB02em7jkpkV8M3R0/PUVOwN61zSZ0r4Q= -github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ= -github.com/casbin/casbin/v2 v2.73.0 h1:Qgy70fd90wXrDvSLBAFrDBNYv34lCqppK24vF0OHv/M= -github.com/casbin/casbin/v2 v2.73.0/go.mod h1:mzGx0hYW9/ksOSpw3wNjk3NRAroq5VMFYUQ6G43iGPk= +github.com/casbin/casbin/v2 v2.60.0 h1:ZmC0/t4wolfEsDpDxTEsu2z6dfbMNpc11F52ceLs2Eo= +github.com/casbin/casbin/v2 v2.60.0/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg= github.com/cenkalti/backoff v2.1.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= -github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= -github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= -github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM= -github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= +github.com/cenkalti/backoff/v4 v4.1.3 h1:cFAlzYUlVYDysBEH2T5hyJZMh3+5+WCBvSnK6Q8UtC4= +github.com/cenkalti/backoff/v4 v4.1.3/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw= github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= @@ -790,7 +199,6 @@ github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5P github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= github.com/cilium/ebpf v0.7.0/go.mod h1:/oI2+1shJiTGAMgl6/RgJr36Eo1jzrRcAWbcXO2usCA= -github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I= github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEMs= @@ -800,21 +208,14 @@ github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGX github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= -github.com/cncf/udpa/go v0.0.0-20220112060539-c52dc94e7fbe/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20220314180256-7f1daf1720fc/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20230105202645-06c439db220b/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20230310173818-32f1caf87195/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 h1:/inchEIKaYC1Akx+H+gqO04wryn5h75LSazbRlnya1k= -github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo= github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA= github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI= -github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI= github.com/codegangsta/inject v0.0.0-20150114235600-33e0aa1cb7c0/go.mod h1:4Zcjuz89kmFXt9morQgcfYZAYZ5n8WHjt81YYWIwtTM= github.com/codeskyblue/go-sh v0.0.0-20190412065543-76bd3d59ff27/go.mod h1:VQx0hjo2oUeQkQUET7wRwradO6f+fN5jzXgB/zROxxE= github.com/container-storage-interface/spec v1.5.0/go.mod h1:8K96oQNkJ7pFcC2R9Z1ynGGBB1I93kcS6PGg3SsOk8s= @@ -835,65 +236,53 @@ github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkE github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= -github.com/coreos/go-oidc/v3 v3.6.0 h1:AKVxfYw1Gmkn/w96z0DbT/B/xFnzTd3MkZvWLjF4n/o= -github.com/coreos/go-oidc/v3 v3.6.0/go.mod h1:ZpHUsHBucTUj6WOkrP4E20UPynbLZzhTQ1XKCXkxyPc= +github.com/coreos/go-oidc/v3 v3.4.0 h1:xz7elHb/LDwm/ERpwHd+5nb7wFHL32rsr6bBOgaeu6g= +github.com/coreos/go-oidc/v3 v3.4.0/go.mod h1:eHUXhZtXPQLgEaDrOVTgwbgmz1xGOkJNye6h3zkD2Pw= github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.11 h1:07n33Z8lZxZ2qwegKbObQohDhXDQxiMMz1NOUGYlesw= github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/cyphar/filepath-securejoin v0.2.3 h1:YX6ebbZCZP7VkM3scTTokDgBL2TY741X51MTk3ycuNI= github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= +github.com/davecgh/go-spew v0.0.0-20161028175848-04cdfd42973b/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/daviddengcn/go-colortext v0.0.0-20160507010035-511bcaf42ccd/go.mod h1:dv4zxwHi5C/8AeI+4gX4dCWOIvNi7I6JCSX0HvlKPgE= github.com/deckarep/golang-set v1.7.1/go.mod h1:93vsz/8Wt4joVM7c2AVqh+YRMiUSc14yDtF28KmMOgQ= -github.com/desertbit/timer v0.0.0-20180107155436-c41aec40b27f h1:U5y3Y5UE0w7amNe7Z5G/twsBW0KEalRQXZzf8ufSh9I= -github.com/desertbit/timer v0.0.0-20180107155436-c41aec40b27f/go.mod h1:xH/i4TFMt8koVQZ6WFms69WAsDWr2XsYL3Hkl7jkoLE= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= -github.com/dnaeon/go-vcr v1.1.0 h1:ReYa/UBrRyQdant9B4fNHGoCNKw6qh6P0fsdGmZpR7c= github.com/docker/distribution v2.8.0+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6bk8XXApsHjKukMl68= github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8= -github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v20.10.12+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= -github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs= -github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU= -github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I= -github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M= +github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 h1:yUdfgN0XgIJw7foRItutHYUIhlcKzcSf5vDpdhQAKTc= github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= -github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819 h1:RIB4cRk+lBqKK3Oy0r2gRX4ui7tuhiZq2SuTtTCi0/0= github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/emicklei/go-restful/v3 v3.8.0 h1:eCZ8ulSerjdAiaNpF7GxXIE7ZCMo1moN1qX+S609eVw= github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= -github.com/envoyproxy/go-control-plane v0.6.9/go.mod h1:SBwIajubJHhxtWwsL9s8ss4safvEdbitLhGGK48rN6g= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -903,13 +292,7 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.m github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= -github.com/envoyproxy/go-control-plane v0.10.3/go.mod h1:fJJn/j26vwOu972OllsvAgJJM//w9BV6Fxbg2LuVd34= -github.com/envoyproxy/go-control-plane v0.11.0/go.mod h1:VnHyVMpzcLvCFt9yUz1UnCwHLhwx1WguiVDV7pTG/tI= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/envoyproxy/protoc-gen-validate v0.6.7/go.mod h1:dyJXwwfPK2VSqiB9Klm1J6romD608Ba7Hij42vrOBCo= -github.com/envoyproxy/protoc-gen-validate v0.9.1/go.mod h1:OKNgG7TCp5pF4d6XftA0++PMirau2/yoOwVac3AbF2w= -github.com/envoyproxy/protoc-gen-validate v0.10.0/go.mod h1:DRjgyB0I43LtJapqN6NiRwroiAU2PaFuvk/vjgh61ss= -github.com/envoyproxy/protoc-gen-validate v0.10.1 h1:c0g45+xCJhdgFGw7a5QAfdS4byAbud7miNWJ1WwEVf8= github.com/euank/go-kmsg-parser v2.0.0+incompatible/go.mod h1:MhmAMZ8V4CYH4ybgdRwPr2TU5ThnS43puaKEMpja1uw= github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ= github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= @@ -924,76 +307,64 @@ github.com/facebookgo/subset v0.0.0-20150612182917-8dac2c3c4870/go.mod h1:5tD+ne github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8= github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= +github.com/fatih/color v1.12.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM= github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/flowstack/go-jsonschema v0.1.1/go.mod h1:yL7fNggx1o8rm9RlgXv7hTBWxdBM0rVwpMwimd3F3N0= github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= -github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= +github.com/form3tech-oss/jwt-go v3.2.3+incompatible h1:7ZaBxOI7TMoYBfyA3cQHErNNyAWIKUMIwqxEtgHOs5c= github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= -github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4= -github.com/franela/goreq v0.0.0-20171204163338-bcd34c9993f8/go.mod h1:ZhphrRTfi2rbfLwlschooIH4+wKKDR4Pdxhh+TRoA20= -github.com/frankban/quicktest v1.2.2/go.mod h1:Qh/WofXFeiAFII1aEBu529AtJo6Zg2VHscnEsbBnJ20= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= -github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/fvbommel/sortorder v1.0.1 h1:dSnXLt4mJYH25uDDGa3biZNQsozaUWDSWeKJ0qqFfzE= github.com/fvbommel/sortorder v1.0.1/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= +github.com/gdamore/encoding v1.0.0/go.mod h1:alR0ol34c49FCSBLjhosxzcPHQbf2trDkoo5dl+VrEg= +github.com/gdamore/tcell v1.3.0/go.mod h1:Hjvr+Ofd+gLglo7RYKxxnzCBmev3BzsS67MebKS4zMM= github.com/getkin/kin-openapi v0.76.0/go.mod h1:660oXbgy5JFMKreazJaQTw7o+X00qeSyhcnluiMv+Xg= github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= github.com/gfleury/go-bitbucket-v1 v0.0.0-20220301131131-8e7ed04b843e h1:C3DkNr9pxqXqCrmRHO7s3XgZS3zpi9GEA01GuWZODfo= github.com/gfleury/go-bitbucket-v1 v0.0.0-20220301131131-8e7ed04b843e/go.mod h1:LB3osS9X2JMYmTzcCArHHLrndBAfcVLQAvUddfs+ONs= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE= github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= github.com/gin-gonic/gin v1.5.0/go.mod h1:Nd6IXA8m5kNZdNEHMBd93KT+mdY3+bewLgRvmCsR2Do= -github.com/gin-gonic/gin v1.6.3 h1:ahKqKTFpO5KTPHxWZjEdPScmYaGtLo8Y4DMHoEsnp14= -github.com/gin-gonic/gin v1.6.3/go.mod h1:75u5sXoLsGZoRN5Sgbi1eraJ4GU3++wFwWzhwvtwp4M= github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY= +github.com/gliderlabs/ssh v0.3.5/go.mod h1:8XB4KraRrX39qHhT6yxPsHedjA08I/uBVwj4xC+/+z4= +github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w= github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= -github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= -github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= -github.com/go-fonts/dejavu v0.1.0/go.mod h1:4Wt4I4OU2Nq9asgDCteaAaWZOV24E+0/Pwo0gppep4g= -github.com/go-fonts/latin-modern v0.2.0/go.mod h1:rQVLdDMK+mK1xscDwsqM5J8U2jrRa3T0ecnM9pNujks= -github.com/go-fonts/liberation v0.1.1/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY= -github.com/go-fonts/liberation v0.2.0/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY= -github.com/go-fonts/stix v0.1.0/go.mod h1:w/c1f0ldAUlJmLBvlbkvVXLAD+tAMqobIIQpmnUIzUY= -github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI= -github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic= +github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= +github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= +github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= github.com/go-git/go-billy/v5 v5.4.1 h1:Uwp5tDRkPr+l/TnbHOQzp+tmJfLceOlbVucgpTz8ix4= github.com/go-git/go-billy/v5 v5.4.1/go.mod h1:vjbugF6Fz7JIflbVpl1hJsGjSHNltrSw45YK/ukIvQg= -github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20230305113008-0c11038e723f h1:Pz0DHeFij3XFhoBRGUDPzSJ+w2UcK5/0JvF8DRI58r8= -github.com/go-git/go-git/v5 v5.8.1 h1:Zo79E4p7TRk0xoRgMq0RShiTHGKcKI4+DI6BfJc/Q+A= -github.com/go-git/go-git/v5 v5.8.1/go.mod h1:FHFuoD6yGz5OSKEBK+aWN9Oah0q54Jxl0abmj6GnqAo= +github.com/go-git/go-git-fixtures/v4 v4.3.1 h1:y5z6dd3qi8Hl+stezc8p3JxDkoTRqMAlKnXHuzrfjTQ= +github.com/go-git/go-git-fixtures/v4 v4.3.1/go.mod h1:8LHG1a3SRW71ettAD/jW13h8c6AqjVSeL11RAdgaqpo= +github.com/go-git/go-git/v5 v5.6.1 h1:q4ZRqQl4pR/ZJHc1L5CFjGA1a10u76aV1iC+nh+bHsk= +github.com/go-git/go-git/v5 v5.6.1/go.mod h1:mvyoL6Unz0PiTQrGQfSfiLFhBH1c1e84ylC2MDs4ee8= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-jose/go-jose/v3 v3.0.0 h1:s6rrhirfEP/CGIoc6p+PZAeogN2SxKav6Wp7+dyMWVo= -github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgOZ7o= github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= -github.com/go-latex/latex v0.0.0-20210118124228-b3d85cf34e07/go.mod h1:CO1AlKB2CSIqUrmQPqA0gdRIlnLEY0gK5JGjh37zN5U= -github.com/go-latex/latex v0.0.0-20210823091927-c0d11ff05a81/go.mod h1:SX0U8uGpxhq9o2S/CELCSUxEWWAuoCUcVCQWv7G2OCk= +github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= +github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v1.0.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.2.0 h1:n4JnPI1T3Qq1SFEi/F8rwLrZERp2bso19PJZDB9dayk= @@ -1003,9 +374,8 @@ github.com/go-openapi/analysis v0.21.4 h1:ZDFLvSNxpDaomuCueM0BlSXxpANBlFYiBvr+GX github.com/go-openapi/analysis v0.21.4/go.mod h1:4zQ35W4neeZTqh3ol0rv/O8JBbka9QyAgQRPp9y3pfo= github.com/go-openapi/errors v0.19.8/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/errors v0.19.9/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= +github.com/go-openapi/errors v0.20.2 h1:dxy7PGTqEh94zj2E3h1cUmQQWiM1+aeCROfAr02EmK8= github.com/go-openapi/errors v0.20.2/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= -github.com/go-openapi/errors v0.20.3 h1:rz6kiC84sqNQoqrtulzaL/VERgkoCyB6WdEkc2ujzUc= -github.com/go-openapi/errors v0.20.3/go.mod h1:Z3FlZ4I8jEGxjUK+bugx3on2mIAk4txuAOhlsB1FSgk= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY= github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= @@ -1017,42 +387,27 @@ github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXym github.com/go-openapi/loads v0.21.1/go.mod h1:/DtAMXXneXFjbQMGEtbamCZb+4x7eGwkvZCvBmwUG+g= github.com/go-openapi/loads v0.21.2 h1:r2a/xFIYeZ4Qd2TnGpWDIQNcP80dIaZgf704za8enro= github.com/go-openapi/loads v0.21.2/go.mod h1:Jq58Os6SSGz0rzh62ptiu8Z31I+OTHqmULx5e/gJbNw= -github.com/go-openapi/runtime v0.26.0 h1:HYOFtG00FM1UvqrcxbEJg/SwvDRvYLQKGhw2zaQjTcc= -github.com/go-openapi/runtime v0.26.0/go.mod h1:QgRGeZwrUcSHdeh4Ka9Glvo0ug1LC5WyE+EV88plZrQ= +github.com/go-openapi/runtime v0.25.0 h1:7yQTCdRbWhX8vnIjdzU8S00tBYf7Sg71EBeorlPHvhc= +github.com/go-openapi/runtime v0.25.0/go.mod h1:Ux6fikcHXyyob6LNWxtE96hWwjBPYF0DXgVFuMTneOs= github.com/go-openapi/spec v0.20.4/go.mod h1:faYFR1CvsJZ0mNsmsphTMSoRrNV3TEDoAM7FOEWeq8I= +github.com/go-openapi/spec v0.20.6 h1:ich1RQ3WDbfoeTqTAb+5EIxNmpKVJZWBNah9RAT0jIQ= github.com/go-openapi/spec v0.20.6/go.mod h1:2OpW+JddWPrpXSCIX8eOx7lZ5iyuWj3RYR6VaaBKcWA= -github.com/go-openapi/spec v0.20.8 h1:ubHmXNY3FCIOinT8RNrrPfGc9t7I1qhPtdOGoG2AxRU= -github.com/go-openapi/spec v0.20.8/go.mod h1:2OpW+JddWPrpXSCIX8eOx7lZ5iyuWj3RYR6VaaBKcWA= github.com/go-openapi/strfmt v0.21.0/go.mod h1:ZRQ409bWMj+SOgXofQAGTIo2Ebu72Gs+WaRADcS5iNg= github.com/go-openapi/strfmt v0.21.1/go.mod h1:I/XVKeLc5+MM5oPNN7P6urMOpuLXEcNrCX/rPGuWb0k= +github.com/go-openapi/strfmt v0.21.3 h1:xwhj5X6CjXEZZHMWy1zKJxvW9AfHC9pkyUjLvHtKG7o= github.com/go-openapi/strfmt v0.21.3/go.mod h1:k+RzNO0Da+k3FrrynSNN8F7n/peCmQQqbbXjtDfvmGg= -github.com/go-openapi/strfmt v0.21.7 h1:rspiXgNWgeUzhjo1YU01do6qsahtJNByjLVbPLNHb8k= -github.com/go-openapi/strfmt v0.21.7/go.mod h1:adeGTkxE44sPyLk0JV235VQAO/ZXUr8KAzYjclFs3ew= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-openapi/swag v0.21.1 h1:wm0rhTb5z7qpJRHBdPOMuY4QjVUMbF6/kwoYeRAOrKU= github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-openapi/validate v0.22.1 h1:G+c2ub6q47kfX1sOBLwIQwzBVt8qmOAARyo/9Fqs9NU= -github.com/go-openapi/validate v0.22.1/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= +github.com/go-openapi/validate v0.21.0 h1:+Wqk39yKOhfpLqNLEC0/eViCkzM5FVXVqrvt526+wcI= +github.com/go-openapi/validate v0.21.0/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= github.com/go-ozzo/ozzo-validation v3.5.0+incompatible/go.mod h1:gsEKFIVnabGBt6mXmxK0MoFy+cZoTJY6mu5Ll3LVLBU= -github.com/go-pdf/fpdf v0.5.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M= -github.com/go-pdf/fpdf v0.6.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M= -github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= github.com/go-playground/locales v0.12.1/go.mod h1:IUMDtCfWo/w/mtMfIE/IG2K+Ey3ygWanZIBtBW0W2TM= -github.com/go-playground/locales v0.13.0 h1:HyWk6mgj5qFqCT5fjGBuRArbVDfE4hi8+e8ceBS/t7Q= -github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8= github.com/go-playground/universal-translator v0.16.0/go.mod h1:1AnU7NaIRDWWzGEKwgtJRd2xk99HeFyHw3yid4rvQIY= -github.com/go-playground/universal-translator v0.17.0 h1:icxd5fm+REJzpZx7ZfpaD876Lmtgy7VtROAbHHXk8no= -github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA= -github.com/go-playground/validator/v10 v10.2.0 h1:KgJ0snyC2R9VXYN2rneOtQcw5aHQB1Vv0sFl1UcHBOY= -github.com/go-playground/validator/v10 v10.2.0/go.mod h1:uOYAAleCW8F/7oMFd6aG0GOhaH6EGOAJShg8Id5JGkI= -github.com/go-playground/webhooks/v6 v6.2.1-0.20230808162451-10570b0a59e8 h1:QDFjrpOZagU8KEpSCF0WvBKOGq2GYuVZ4ZDg/gelrEE= -github.com/go-playground/webhooks/v6 v6.2.1-0.20230808162451-10570b0a59e8/go.mod h1:GCocmfMtpJdkEOM1uG9p2nXzg1kY5X/LtvQgtPHUaaA= github.com/go-redis/cache/v9 v9.0.0 h1:0thdtFo0xJi0/WXbRVu8B066z8OvVymXTJGaXrVWnN0= github.com/go-redis/cache/v9 v9.0.0/go.mod h1:cMwi1N8ASBOufbIvk7cdXe2PbPjK/WMRL95FFHWsSgI= -github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/go-telegram-bot-api/telegram-bot-api/v5 v5.5.1 h1:wG8n/XJQ07TmjbITcGiUaOtXxdrINDz1b0J1w0SzqDc= @@ -1085,39 +440,24 @@ github.com/gobuffalo/packr/v2 v2.2.0/go.mod h1:CaAwI0GPIAv+5wKLtv8Afwl+Cm78K/I/V github.com/gobuffalo/syncx v0.0.0-20190224160051-33c29581e754/go.mod h1:HhnNqWY95UYwwW3uSASeV7vtgYkT2t16hJgV3AEPUpw= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= -github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee h1:s+21KNqlpePfkah2I+gwHF8xmJWRjooY+5248k6m4A0= -github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee/go.mod h1:L0fX3K22YWvt/FAX9NnzrNzcI4wNYi9Yku4O0LKYflo= -github.com/gobwas/pool v0.2.0 h1:QEmUOlnSjWtnpRGHF3SauEiOsy82Cup83Vf2LcMlnc8= -github.com/gobwas/pool v0.2.0/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw= -github.com/gobwas/ws v1.0.2 h1:CoAavW/wd/kulfZmSIBt6p24n4j7tHgNVCjsfHVNUbo= -github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/EM= -github.com/goccy/go-json v0.9.11/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.6/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= -github.com/gogits/go-gogs-client v0.0.0-20200905025246-8bb8a50cb355 h1:HTVNOdTWO/gHYeFnr/HwpYwY6tgMcYd+Rgf1XrHnORY= -github.com/gogits/go-gogs-client v0.0.0-20200905025246-8bb8a50cb355/go.mod h1:cY2AIrMgHm6oOHmR7jY+9TtjzSjQ3iG7tURJG3Y6XH0= -github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s= +github.com/gogits/go-gogs-client v0.0.0-20190616193657-5a05380e4bc2 h1:BbwX8wsMRDZRdNYxAna+4ls3wvMKJyn4PT6Zk1CPxP4= +github.com/gogits/go-gogs-client v0.0.0-20190616193657-5a05380e4bc2/go.mod h1:cY2AIrMgHm6oOHmR7jY+9TtjzSjQ3iG7tURJG3Y6XH0= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt v3.2.1+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= -github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY= -github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= -github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= -github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v4 v4.4.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v4 v4.4.3 h1:Hxl6lhQFj4AnOX6MLrsCb/+7tCj7DxP7VA+2rDIq5AU= +github.com/golang-jwt/jwt/v4 v4.4.3/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/glog v1.0.0 h1:nfP3RFugxnNRyKgeWd4oI1nYvXpxrx8ck8ZrcizshdQ= github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4= -github.com/golang/glog v1.1.0 h1:/d3pCKDPWNnvIWe0vVUpNP32qc8U3PDVxySP/y360qE= -github.com/golang/glog v1.1.0/go.mod h1:pfYeQZ3JWZoXTV5sFc986z3HTpwQs9At6P4ImfuP3NQ= -github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -1136,25 +476,19 @@ github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golangplus/testing v0.0.0-20180327235837-af21d9c3145e/go.mod h1:0AA//k/eakGydO4jKRoRL2j92ZKSzTgj9tclaCrvXHk= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4= github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= -github.com/google/btree v1.1.2 h1:xf4v41cLI2Z6FxbKm+8Bu+m8ifhj15JuZ9sa0jZCMUU= -github.com/google/btree v1.1.2/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= github.com/google/cadvisor v0.44.1/go.mod h1:GQ9KQfz0iNHQk3D6ftzJWK4TXabfIgM10Oy3FkR+Gzg= github.com/google/cel-go v0.10.1/go.mod h1:U7ayypeSkw23szu4GaQTPJGx66c20mx8JklMSxrmI1w= github.com/google/cel-spec v0.6.0/go.mod h1:Nwjgxy5CbjlPrtCWjeDjUyKMl8w41YBYGjsyDdqk0xA= -github.com/google/flatbuffers v2.0.8+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= +github.com/google/gnostic v0.5.7-v3refs h1:FhTMOKj2VhjpouxvWJAV1TL304uMlb9zcDqkl6cEI54= github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= -github.com/google/gnostic v0.6.9 h1:ZK/5VhkoX835RikCHpSUJV9a+S3e1zLh59YnyWeBW+0= -github.com/google/gnostic v0.6.9/go.mod h1:Nm8234We1lq6iB9OmlgNv3nH91XLLVZHCDayfA3xq+E= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/go-cmp v0.2.1-0.20190312032427-6f77996f0c42/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= @@ -1174,22 +508,20 @@ github.com/google/go-github/v35 v35.3.0 h1:fU+WBzuukn0VssbayTT+Zo3/ESKX9JYWjbZTL github.com/google/go-github/v35 v35.3.0/go.mod h1:yWB7uCcVWaUbUP74Aq3whuMySRMatyRmq5U9FTNlbio= github.com/google/go-github/v41 v41.0.0 h1:HseJrM2JFf2vfiZJ8anY2hqBjdfY1Vlj/K27ueww4gg= github.com/google/go-github/v41 v41.0.0/go.mod h1:XgmCA5H323A9rtgExdTcnDkcqp6S30AVACCBDOonIxg= -github.com/google/go-github/v53 v53.2.0 h1:wvz3FyF53v4BK+AsnvCmeNhf8AkTaeh2SoYu/XUvTtI= -github.com/google/go-github/v53 v53.2.0/go.mod h1:XhFRObz+m/l+UCm9b7KSIC3lT3NWSXGt7mOsAWEloao= -github.com/google/go-jsonnet v0.20.0 h1:WG4TTSARuV7bSm4PMB4ohjxe33IHT5WVTrJSU33uT4g= -github.com/google/go-jsonnet v0.20.0/go.mod h1:VbgWF9JX7ztlv770x/TolZNGGFfiHEVx9G6ca2eUmeA= +github.com/google/go-github/v45 v45.2.0 h1:5oRLszbrkvxDDqBCNj2hjDZMKmvexaZ1xw/FCD+K3FI= +github.com/google/go-github/v45 v45.2.0/go.mod h1:FObaZJEDSTa/WGCzZ2Z3eoCDXWJKMenWWTrd8jrta28= +github.com/google/go-jsonnet v0.19.1 h1:MORxkrG0elylUqh36R4AcSPX0oZQa9hvI3lroN+kDhs= +github.com/google/go-jsonnet v0.19.1/go.mod h1:5JVT33JVCoehdTj5Z2KJq1eIdt3Nb8PCmZ+W5D8U350= github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= -github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= -github.com/google/martian/v3 v3.3.2/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= @@ -1199,7 +531,6 @@ github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= @@ -1207,21 +538,13 @@ github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/s2a-go v0.1.0/go.mod h1:OJpEgntRZo8ugHpF9hkoLJbS5dSI20XZeXJ9JVywLlM= -github.com/google/s2a-go v0.1.3/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A= -github.com/google/s2a-go v0.1.4/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/enterprise-certificate-proxy v0.0.0-20220520183353-fd19c99a87aa/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= -github.com/googleapis/enterprise-certificate-proxy v0.1.0/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= -github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg= -github.com/googleapis/enterprise-certificate-proxy v0.2.1/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= -github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= @@ -1229,35 +552,21 @@ github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0 github.com/googleapis/gax-go/v2 v2.2.0/go.mod h1:as02EH8zWkzwUoLbBaFeQ+arQaj/OthfcblKl4IGNaM= github.com/googleapis/gax-go/v2 v2.3.0/go.mod h1:b8LNqSzNabLiUpXKkY7HAR5jr6bIT99EXz9pXxye9YM= github.com/googleapis/gax-go/v2 v2.4.0/go.mod h1:XOTVJ59hdnfJLIP/dh8n5CGryZR2LxK9wbMD5+iXC6c= -github.com/googleapis/gax-go/v2 v2.5.1/go.mod h1:h6B0KMMFNtI2ddbGJn3T3ZbwkeT6yqEF02fYlzkUCyo= -github.com/googleapis/gax-go/v2 v2.6.0/go.mod h1:1mjbznJAPHFpesgE5ucqfYEscaz5kMdcIDwU/6+DDoY= -github.com/googleapis/gax-go/v2 v2.7.0/go.mod h1:TEop28CZZQ2y+c0VxMUmu1lV+fQx57QpBWsYpwqHJx8= -github.com/googleapis/gax-go/v2 v2.7.1/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38/qKbhSAKP6QI= -github.com/googleapis/gax-go/v2 v2.8.0/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38/qKbhSAKP6QI= -github.com/googleapis/gax-go/v2 v2.10.0/go.mod h1:4UOEnMCrxsSqQ940WnTiD6qJ63le2ev3xfyagutxiPw= -github.com/googleapis/gax-go/v2 v2.11.0/go.mod h1:DxmR61SGKkGLa2xigwuZIQpkCI2S5iydzRfb3peWZJI= github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4= -github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= github.com/gopackage/ddp v0.0.0-20170117053602-652027933df4 h1:4EZlYQIiyecYJlUbVkFXCXHz1QPhVXcHnQKAzBTPfQo= github.com/gopackage/ddp v0.0.0-20170117053602-652027933df4/go.mod h1:lEO7XoHJ/xNRBCxrn4h/CEB67h0kW1B0t4ooP2yrjUA= github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gopherjs/gopherjs v0.0.0-20200217142428-fce0ec30dd00/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg= github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4= github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q= -github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/mux v1.7.4/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= -github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= -github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gosimple/slug v1.13.1 h1:bQ+kpX9Qa6tHRaK+fZR0A0M2Kd7Pa5eHPPsb1JpHD+Q= github.com/gosimple/slug v1.13.1/go.mod h1:UiRaFH+GEilHstLUmcBgWcI42viBN7mAb818JrYOeFQ= github.com/gosimple/unidecode v1.0.1 h1:hZzFTMMqSswvf0LBJZCZgThIZrpDHFXux9KeGmn6T/o= @@ -1268,22 +577,16 @@ github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:Fecb github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-middleware v1.2.2/go.mod h1:EaizFBKfUKtMIF5iaDEhniwNedqGo9FuLFzppDr3uwI= +github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 h1:+9834+KizmvFV7pXQGSXQTsaWhq2GjuNUt0aUU0YBYw= github.com/grpc-ecosystem/go-grpc-middleware v1.3.0/go.mod h1:z0ButlSOZa5vEBq9m2m2hlwIgKw+rp3sdCBRoJY+30Y= -github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 h1:UH//fgunKIs4JdUbpDl1VZCDaL56wXCB/5+wF6uHfaI= -github.com/grpc-ecosystem/go-grpc-middleware v1.4.0/go.mod h1:g5qyo/la0ALbONm6Vbp88Yd8NsDy6rZz+RcrMPxvld8= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 h1:Ovs26xHkKqVztRpIrF/92BcuyuQ/YW4NSIpoGtfXNho= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= github.com/grpc-ecosystem/grpc-gateway v1.16.0 h1:gmcG1KaJ57LophUzW0Hy8NmPhnMZb4M0+kPpLofRdBo= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0 h1:BZHcxBETFHIdVyhyEfOvn/RdU/QGdLI4y34qQGjGWO0= github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0/go.mod h1:hgWBS7lorOAVIJEQMi4ZsPv9hVvWI6+ch50m39Pf2Ks= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.11.3 h1:lLT7ZLSzGLI08vc9cpd+tYmNWjdKDqyr/2L+f6U12Fk= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.11.3/go.mod h1:o//XUCC/F+yRGJoPO/VU0GSB0f8Nhgmxx0VIRUvaC0w= github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= -github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE= github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= -github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= @@ -1295,14 +598,13 @@ github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjh github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-retryablehttp v0.5.1/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= -github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA= -github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= +github.com/hashicorp/go-retryablehttp v0.7.0 h1:eu1EI/mbirUgP5C8hVsTNaGZreBDlYiwC1FZWkvQPQ4= +github.com/hashicorp/go-retryablehttp v0.7.0/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU= github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.2.1 h1:zEfKbn2+PDgroKdiOzqiE8rsmLqU2uwi5PB5pBJ3TkI= github.com/hashicorp/go-version v1.2.1/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= @@ -1319,23 +621,20 @@ github.com/howeyc/gopass v0.0.0-20170109162249-bf9dde6d0d2c/go.mod h1:lADxMC39cJ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/huandu/xstrings v1.3.3 h1:/Gcsuc1x8JVbJ9/rlye4xZnVAbEkGauT8lbebqcQws4= github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= -github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg= -github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= -github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= -github.com/improbable-eng/grpc-web v0.15.0 h1:BN+7z6uNXZ1tQGcNAuaU1YjsLTApzkjt2tzCixLaUPQ= -github.com/improbable-eng/grpc-web v0.15.0/go.mod h1:1sy9HKV4Jt9aEs9JSnkWlRJPuPtwNr0l57L4f878wP8= +github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= +github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= +github.com/improbable-eng/grpc-web v0.0.0-20181111100011-16092bd1d58a h1:RweVA0vnEyStwtAelyGmnU8ENDnwd1Q7pQr7U3J/rXo= +github.com/improbable-eng/grpc-web v0.0.0-20181111100011-16092bd1d58a/go.mod h1:6hRR09jOEG81ADP5wCQju1z71g6OL4eEvELdran/3cs= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo= github.com/ishidawataru/sctp v0.0.0-20190723014705-7c296d48a2b5/go.mod h1:DM4VvS+hD/kDi1U1QsX2fnZowwBhqD0Dk3bRPKF/Oc8= -github.com/itchyny/gojq v0.12.13 h1:IxyYlHYIlspQHHTE0f3cJF0NKDMfajxViuhBLnHd/QU= -github.com/itchyny/gojq v0.12.13/go.mod h1:JzwzAqenfhrPUuwbmEz3nu3JQmFLlQTQMUcOdnu/Sf4= +github.com/itchyny/gojq v0.12.10 h1:6TcS0VYWS6wgntpF/4tnrzwdCMjiTxRAxIqZWfDsDQU= +github.com/itchyny/gojq v0.12.10/go.mod h1:o3FT8Gkbg/geT4pLI0tF3hvip5F3Y/uskjRz9OYa38g= github.com/itchyny/timefmt-go v0.1.5 h1:G0INE2la8S6ru/ZI5JecgyzbbJNs5lG1RcBqa7Jm6GE= github.com/itchyny/timefmt-go v0.1.5/go.mod h1:nEP7L+2YmAbT2kZ2HfSs1d8Xtw9LY8D2stDBckWakZ8= github.com/jaytaylor/html2text v0.0.0-20190408195923-01ec452cbe43/go.mod h1:CVKlgaMiht+LXvHG173ujK6JUhZXKb2u/BQtjPDIvyk= @@ -1344,7 +643,7 @@ github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i github.com/jeremywohl/flatten v1.0.1 h1:LrsxmB3hfwJuE+ptGOijix1PIfOoKLJ3Uee/mzbgtrs= github.com/jeremywohl/flatten v1.0.1/go.mod h1:4AmD/VxjWcI5SRB0n6szE2A6s2fsNHDLO0nAlMHgfLQ= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= -github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= +github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= @@ -1358,8 +657,6 @@ github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFF github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= @@ -1369,7 +666,6 @@ github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/X github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= -github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k= github.com/k0kubun/pp v3.0.1+incompatible/go.mod h1:GWse8YhT0p8pT4ir3ZgBbfZild3tgzSScAn6HmfYukg= @@ -1384,15 +680,10 @@ github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvW github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/asmfmt v1.3.2/go.mod h1:AG8TuvYojzulgDAMCnYn50l/5QV3Bs/tp6j0HLHbNSE= -github.com/klauspost/compress v1.10.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.11.7/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= -github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= github.com/klauspost/compress v1.16.5 h1:IFV2oUNUzZaz+XyusxpLzpzS8Pt5rh0Z16For/djlyI= github.com/klauspost/compress v1.16.5/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= github.com/klauspost/cpuid/v2 v2.0.1/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= -github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/klauspost/cpuid/v2 v2.2.3/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= github.com/klauspost/cpuid/v2 v2.2.4/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -1403,32 +694,24 @@ github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFB github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= -github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/ktrysmt/go-bitbucket v0.9.63 h1:Dfcl+h0FV2yRDWjyFkI1OnyzmkHn7zy9ljT0kgrkbX8= -github.com/ktrysmt/go-bitbucket v0.9.63/go.mod h1:QvxNfWkVjw8mPuvfGOgWHuv51P5yZKFqXdPh0JeG8B8= -github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= -github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= +github.com/ktrysmt/go-bitbucket v0.9.55 h1:eOrF7wWmG4wz5iPr7ymgyWLoti2OfmrhU2tmT6yhAu8= +github.com/ktrysmt/go-bitbucket v0.9.55/go.mod h1:y5wrrDHCGUFAtuC43GyLBeFigq7rwrh4HqeDOOyZT+A= github.com/leodido/go-urn v1.1.0/go.mod h1:+cyI34gQWZcE1eQU7NVgKkkzdXDQHr1dBMtdAPozLkw= -github.com/leodido/go-urn v1.2.0 h1:hpXL4XnriNwQ/ABnpepYM/1vCLWNDfUNts8dX3xTG6Y= -github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII= github.com/libopenstorage/openstorage v1.0.0/go.mod h1:Sp1sIObHjat1BeXhfMqLZ14wnOzEhNx2YQedreMcUyc= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= -github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-bc2310a04743/go.mod h1:qklhhLq1aX+mtWk9cPHPzaBjWImj5ULL6C7HFJtXQMM= -github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4= github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= github.com/lpabon/godbc v0.1.1/go.mod h1:Jo9QV0cf3U6jZABgiJ2skINAXb9j8m51r07g4KI92ZA= +github.com/lucasb-eyer/go-colorful v1.0.2/go.mod h1:0MS4r+7BZKSJ5mw4/S5MPN+qHFF1fYclkSPilDOKW0s= +github.com/lucasb-eyer/go-colorful v1.0.3/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0= github.com/lusis/go-slackbot v0.0.0-20180109053408-401027ccfef5/go.mod h1:c2mYKRyMb1BPkO5St0c/ps62L4S0W2NAkaTXj9qEI+0= github.com/lusis/slack-test v0.0.0-20190426140909-c40012f20018/go.mod h1:sFlOUpQL1YcjhFVXhg1CG8ZASEs/Mf1oVb6H75JL/zg= -github.com/lyft/protoc-gen-star v0.6.0/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA= -github.com/lyft/protoc-gen-star v0.6.1/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA= -github.com/lyft/protoc-gen-star/v2 v2.0.1/go.mod h1:RcCdONR2ScXaYnQC5tUzxzlpA3WVYF7/opLeUgcQs/o= -github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= @@ -1447,33 +730,28 @@ github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A= github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= +github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= +github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= -github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= -github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-runewidth v0.0.7/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= +github.com/mattn/go-runewidth v0.0.8/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= -github.com/mattn/go-sqlite3 v1.14.14/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= github.com/mattn/go-zglob v0.0.4 h1:LQi2iOm0/fGgu80AioIJ/1j9w9Oh+9DZ39J4VAGzHQM= github.com/mattn/go-zglob v0.0.4/go.mod h1:MxxjyoXXnMxfIpxTK2GAkw1w8glPsQILx3N5wrKakiY= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/microsoft/azure-devops-go-api/azuredevops v1.0.0-b5 h1:YH424zrwLTlyHSH/GzLMJeu5zhYVZSx5RQxGKm1h96s= github.com/microsoft/azure-devops-go-api/azuredevops v1.0.0-b5/go.mod h1:PoGiBqKSQK1vIfQ+yVaFcGjDySHvym6FM1cNYnwzbrY= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/mindprince/gonvml v0.0.0-20190828220739-9ebdce4bb989/go.mod h1:2eu9pRWp8mo84xCg6KswZ+USQHjwgRhNp06sozOdsTY= -github.com/minio/asm2plan9s v0.0.0-20200509001527-cdd76441f9d8/go.mod h1:mC1jAcsrzbxHt8iiaC+zU4b1ylILSosueou12R++wfY= -github.com/minio/c2goasm v0.0.0-20190812172519-36a3d3bbc4f3/go.mod h1:RagcQ7I8IeTMnF8JTXieKnO4Z6JCsikNEzj0DwauVzE= github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM= github.com/minio/minio-go/v7 v7.0.58/go.mod h1:NUDy4A4oXPq1l2yK6LTSvCEzAMeIcoz9lcj5dbzSrRE= github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8= @@ -1489,13 +767,15 @@ github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUb github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/mitchellh/mapstructure v0.0.0-20180220230111-00c29f56e238/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= -github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/mitchellh/mapstructure v1.4.3 h1:OVowDSCllw/YjdLkam3/sm7wEtOy59d8ndGgCcyj8cs= +github.com/mitchellh/mapstructure v1.4.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/reflectwalk v1.0.0 h1:9D+8oIskB4VJBN5SFlmc27fSlIBZaov1Wpk/IfikLNY= github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/mmcloughlin/avo v0.5.0/go.mod h1:ChHFdoV7ql95Wi7vuq2YT1bwCJqiWdZrQ1im3VujLYM= github.com/moby/ipvs v1.0.1/go.mod h1:2pngiyseZbIKXNv7hsKj3O9UEz30c53MT9005gt2hxQ= github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= @@ -1514,7 +794,6 @@ github.com/mohae/deepcopy v0.0.0-20170603005431-491d3605edfb/go.mod h1:TaXosZuwd github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/2gBQ3RWajuToeY6ZtZTIKv2v7ThUy5KKusIT0yc0= github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4= github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc= -github.com/montanaflynn/stats v0.6.6/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/moul/http2curl v1.0.0/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ= github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= @@ -1525,25 +804,14 @@ github.com/mvdan/xurls v1.1.0/go.mod h1:tQlNn3BED8bE/15hnSL2HLkDeLWpNPAwtw7wkEq4 github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f h1:KUppIJq7/+SVif2QVs3tOP0zanoHgBEVAwHxUSIzRqU= github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mwitkow/grpc-proxy v0.0.0-20181017164139-0f1106ef9c76/go.mod h1:x5OoJHDHqxHS801UIuhqGl6QdSAEJvtausosHSdazIo= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg= -github.com/nats-io/jwt v0.3.2/go.mod h1:/euKqTS1ZD+zzjYrY7pseZrTtWQSjujC7xjPc8wL6eU= -github.com/nats-io/nats-server/v2 v2.1.2/go.mod h1:Afk+wRZqkMQs/p45uXdrVLuab3gwv3Z8C4HTBu8GD/k= -github.com/nats-io/nats.go v1.9.1/go.mod h1:ZjDU1L/7fJ09jvUSRVBR2e7+RnLiiIQyqyzEE/Zbp4w= -github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w= -github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w= -github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nlopes/slack v0.5.0/go.mod h1:jVI4BBK3lSktibKahxBF74txcK2vyvkza1z/+rRnVAM= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= -github.com/oklog/oklog v0.3.2/go.mod h1:FCV+B7mhrz4o+ueLpx+KqkyXRGMWOYEvfiXtdGtbWGs= -github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= github.com/olekukonko/tablewriter v0.0.1/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= github.com/olekukonko/tablewriter v0.0.4/go.mod h1:zq6QwlOf5SlnkVbMSr5EoBv3636FWnp+qbPhuoO21uA= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= @@ -1551,7 +819,6 @@ github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6 github.com/oliveagle/jsonpath v0.0.0-20180606110733-2e52cf6e6852/go.mod h1:eqOVx5Vwu4gd2mmMZvVZsgIqNSaW3xxRThUJ0k/TPk4= github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= @@ -1568,7 +835,6 @@ github.com/onsi/ginkgo/v2 v2.5.0/go.mod h1:Luc4sArBICYCS8THh8v3i3i5CuSZO+RaQRaJo github.com/onsi/ginkgo/v2 v2.7.0 h1:/XxtEV3I3Eif/HobnVx9YmJgk8ENdRsuUmM+fLCFNow= github.com/onsi/ginkgo/v2 v2.7.0/go.mod h1:yjiuMwPokqY1XauOgju45q3sJt6VzQ/Fict1LFVcsAo= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= @@ -1582,142 +848,100 @@ github.com/onsi/gomega v1.24.0/go.mod h1:Z/NWtiqwBrwUt4/2loMmHL63EDLnYHmVbuBpDr2 github.com/onsi/gomega v1.24.1/go.mod h1:3AOiACssS3/MajrniINInwbfOOtfZvplPzuRSmvt1jM= github.com/onsi/gomega v1.25.0 h1:Vw7br2PCDYijJHSfBOWhov+8cAnUf8MfMaIOV323l6Y= github.com/onsi/gomega v1.25.0/go.mod h1:r+zV744Re+DiYCIPRlYOTxn0YkOLcAnW8k1xXdMPGhM= -github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.0.2/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.1.0-rc4 h1:oOxKUJWnFC4YGHCCMNql1x4YaDfYBTS5Y4x/Cgeo1E0= -github.com/opencontainers/image-spec v1.1.0-rc4/go.mod h1:X4pATf0uXsnn3g5aiGIsVnJBR4mxhKzfwmvK/B2NTm8= github.com/opencontainers/runc v1.1.0/go.mod h1:Tj1hFw6eFWp/o33uxGf5yF2BX5yz2Z6iptFpuvbbKqc= github.com/opencontainers/runc v1.1.1/go.mod h1:Tj1hFw6eFWp/o33uxGf5yF2BX5yz2Z6iptFpuvbbKqc= github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= -github.com/opentracing-contrib/go-observer v0.0.0-20170622124052-a52f23424492/go.mod h1:Ngi6UdF0k5OKD5t5wlmGhe/EDKPoUM3BXZSSfIuJbis= -github.com/opentracing/basictracer-go v1.0.0/go.mod h1:QfBfYuafItcjQuMwinw9GhYKwFXS9KnPs5lxoYwgW74= -github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= -github.com/openzipkin-contrib/zipkin-go-opentracing v0.4.5/go.mod h1:/wsWhb9smxSfWAKL3wpBW7V8scJMt8N8gnaMCS9E/cA= -github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw= -github.com/openzipkin/zipkin-go v0.2.1/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4= -github.com/openzipkin/zipkin-go v0.2.2/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4= github.com/opsgenie/opsgenie-go-sdk-v2 v1.0.5 h1:AnS8ZCC5dle8P4X4FZ+IOlX9v0jAkCMiZDIzRnYwBbs= github.com/opsgenie/opsgenie-go-sdk-v2 v1.0.5/go.mod h1:f0ezb0R/mrB9Hpm5RrIS6EX3ydjsR2nAB88nYYXZcNY= -github.com/pact-foundation/pact-go v1.0.4/go.mod h1:uExwJY4kCzNPcHRj+hCR/HBbOOIwwtUjcrb0b5/5kLM= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc= github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ= -github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE= github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= -github.com/performancecopilot/speed v3.0.0+incompatible/go.mod h1:/CLtqpZ5gBg1M9iaPbIdPPGyKcA8hKdoy6hAWba7Yac= github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY= -github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= -github.com/phpdave11/gofpdi v1.0.13/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= -github.com/pierrec/lz4 v1.0.2-0.20190131084431-473cd7ce01a1/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc= -github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= -github.com/pierrec/lz4/v4 v4.1.15/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= github.com/pjbgf/sha1cd v0.3.0 h1:4D5XXmUUBUl/xQ6IjCkEAbqXskkq/4O7LmGn0AqMDs4= github.com/pjbgf/sha1cd v0.3.0/go.mod h1:nZ1rrWOcGJ5uZgEEVL1VUM9iRQiZvWdbZjkKyFzPPsI= -github.com/pkg/browser v0.0.0-20210115035449-ce105d075bb4/go.mod h1:N6UoU20jOqggOuDwUaBQpluzLNDqif3kq9z2wpdYEfQ= -github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU= -github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI= -github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/profile v1.2.1/go.mod h1:hJw3o1OdXxsrSjjVksARp5W95eeEaEfptyVZyv6JUPA= github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= -github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= +github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs= github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_golang v1.3.0/go.mod h1:hJaj2vgQTGQmVCsAACORcieXFeDPbaTKGT+JTgUa3og= github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= -github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8= -github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc= +github.com/prometheus/client_golang v1.14.0 h1:nJdhIvne2eSX/XRAFV9PcvFFRbrjbcTUj0VP62TMhnw= +github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.1.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4= github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA= github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= -github.com/prometheus/common v0.15.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s= github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= -github.com/prometheus/common v0.42.0 h1:EKsfXEYo4JpWMHH5cg+KOUWeuJSov1Id8zGR8eeI1YM= -github.com/prometheus/common v0.42.0/go.mod h1:xBwqVerjNdUDjgODMpudtOMwlOwf2SaTr1yjz4b7Zbc= +github.com/prometheus/common v0.37.0 h1:ccBbHCgIiT9uSoFY0vX8H3zsNR5eLt17/RQLUvn8pXE= +github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.3.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= -github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= +github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= +github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= github.com/quobyte/api v0.1.8/go.mod h1:jL7lIHrmqQ7yh05OJ+eEEdHr0u/kmT1Ff9iHd+4H6VI= github.com/r3labs/diff v1.1.0 h1:V53xhrbTHrWFWq3gI4b94AjgEJOerO1+1l0xyHOBi8M= github.com/r3labs/diff v1.1.0/go.mod h1:7WjXasNzi0vJetRcB/RqNl5dlIsmXcTTLmF5IoH6Xig= -github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/redis/go-redis/v9 v9.0.0-rc.4/go.mod h1:Vo3EsyWnicKnSKCA7HhgnvnyA74wOA69Cd2Meli5mmA= -github.com/redis/go-redis/v9 v9.0.5 h1:CuQcn5HIEeK7BgElubPP8CGtE0KakrnbBSTLjathl5o= -github.com/redis/go-redis/v9 v9.0.5/go.mod h1:WqMKv5vnQbRuZstUwxQI195wHy+t4PuXDOjzMvcuQHk= +github.com/redis/go-redis/v9 v9.0.2 h1:BA426Zqe/7r56kCcvxYLWe1mkaz71LKF77GwgFzSxfE= +github.com/redis/go-redis/v9 v9.0.2/go.mod h1:/xDTe9EF1LM61hek62Poq2nzQSGj0xSrEtEHbBQevps= github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M= -github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= +github.com/rivo/tview v0.0.0-20200219210816-cd38d7432498/go.mod h1:6lkG1x+13OShEf0EaOCaTQYyB7d5nSbb181KtjlS+84= +github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= +github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= -github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= -github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs= github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro= -github.com/rogpeppe/clock v0.0.0-20190514195947-2896927a307a h1:3QH7VyOaaiUHNrA9Se4YQIRkDTCw1EJls9xTUCaCeRM= -github.com/rogpeppe/clock v0.0.0-20190514195947-2896927a307a/go.mod h1:4r5QyqhjIWCcK8DO4KMclc5Iknq5qVBAlbYYzAbUScQ= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k= github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= -github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= -github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= -github.com/rs/cors v1.7.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU= github.com/rs/cors v1.8.0 h1:P2KMzcFwrPoSjkF1WLRPsp3UMLyql8L4v9hQpVeK5so= github.com/rs/cors v1.8.0/go.mod h1:EBwu+T5AvHOcXwvZIkQFjUN6s8Czyqw12GL/Y0tUyRM= github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= github.com/rubiojr/go-vhd v0.0.0-20200706105327-02e210299021/go.mod h1:DM5xW0nvfNNm2uytzsvhI3OnX8uzaRAg8UX/CnDqbto= +github.com/russross/blackfriday v1.5.2 h1:HyvC0ARfnZBqnXwABFeSZHpKvJHJJfPz81GNueLj0oo= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3VRLtww= -github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/ruudk/golang-pdf417 v0.0.0-20181029194003-1af4ab5afa58/go.mod h1:6lfFZQK844Gfx8o5WFuvpxWRwnSoipWe/p622j1v06w= -github.com/ruudk/golang-pdf417 v0.0.0-20201230142125-a7e3863a1245/go.mod h1:pQAZKsJ8yyVxGRWYNEm9oFB8ieLgKFnamEyDmSA0BRk= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E= +github.com/sanity-io/litter v1.2.0/go.mod h1:JF6pZUFgu2Q0sBZ+HSV35P8TVPI1TTzEwyu9FXAw2W4= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/seccomp/libseccomp-golang v0.9.2-0.20210429002308-3879420cc921/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg= github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0= @@ -1735,8 +959,8 @@ github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic github.com/sirupsen/logrus v1.9.2/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/skeema/knownhosts v1.2.0 h1:h9r9cf0+u7wSE+M183ZtMGgOJKiL96brpaz5ekfJCpM= -github.com/skeema/knownhosts v1.2.0/go.mod h1:g4fPeYpque7P0xefxtGzV81ihjC8sX2IqpAoNkjxbMo= +github.com/skeema/knownhosts v1.1.0 h1:Wvr9V0MxhjRbl3f9nMnKnFfiWTJmtECJ9Njkea3ysW0= +github.com/skeema/knownhosts v1.1.0/go.mod h1:sKFq3RD6/TKZkSWn8boUbDC7Qkgcv+8XXijpFO6roag= github.com/skratchdot/open-golang v0.0.0-20160302144031-75fb7ed4208c h1:fyKiXKO1/I/B6Y2U8T7WdQGWzwehOuGIrljPtt7YTTI= github.com/skratchdot/open-golang v0.0.0-20160302144031-75fb7ed4208c/go.mod h1:sUM3LWHvSMaG192sy56D9F7CNvL7jUJVXoqM1QKLnog= github.com/slack-go/slack v0.12.1 h1:X97b9g2hnITDtNsNe5GkGx6O2/Sz/uC20ejRZN6QxOw= @@ -1748,19 +972,16 @@ github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9 github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/soheilhy/cmux v0.1.5 h1:jjzc5WVemNEDTLwv9tlmemhC73tI08BNOIGwBOo10Js= github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0= -github.com/sony/gobreaker v0.4.1/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY= github.com/sony/sonyflake v1.0.0 h1:MpU6Ro7tfXwgn2l5eluf9xQvQJDROTBImNCfRXn/YeM= github.com/sony/sonyflake v1.0.0/go.mod h1:Jv3cfhf/UFtolOTTRd3q4Nl6ENqM+KfyZ5PseKfZGF4= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4= github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= -github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= -github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= +github.com/spf13/cast v1.4.1 h1:s0hze+J0196ZfEMTs80N7UlFt0BDuQ7Q+JDnHiMWKdA= +github.com/spf13/cast v1.4.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= @@ -1771,7 +992,6 @@ github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRM github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= @@ -1781,15 +1001,13 @@ github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf/go.mod h1:RJID2RhlZKId02nZ62WenDCkgHFerpIOmW0iT7GKmXM= github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/storageos/go-api v2.2.0+incompatible/go.mod h1:ZrLn+e0ZuF3Y65PNF6dIwbJPZqfmtCXxFm9ckv0agOY= -github.com/streadway/amqp v0.0.0-20190404075320-75d898a42a94/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw= -github.com/streadway/amqp v0.0.0-20190827072141-edfb9018d271/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw= -github.com/streadway/handy v0.0.0-20190108123426-d5acb3125c2a/go.mod h1:qNTQ5P5JnDBl6z3cMAg/SywNDC5ABu5ApDIw6lUbRmI= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v0.0.0-20161117074351-18a02ba4a312/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= @@ -1803,22 +1021,13 @@ github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcU github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/tidwall/gjson v1.14.4 h1:uo0p8EbA09J7RQaflQ1aBRffTR7xedD2bcIVSYxLnkM= -github.com/tidwall/gjson v1.14.4/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= -github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA= -github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM= +github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= -github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs= -github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= -github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= -github.com/ugorji/go v1.1.7 h1:/68gy2h+1mWMrwZFeD1kQialdSzAb432dtpeJ42ovdo= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= -github.com/ugorji/go/codec v1.1.7 h1:2SvQaVZ1ouYrrKKwoSk2pzd4A9evlKJb9oTL+OaLUSs= github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY= -github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/negroni v1.0.0/go.mod h1:Meg73S6kFm/4PpbYdq35yYWoCZ9mS/YSx+lKnmiohz4= @@ -1836,10 +1045,10 @@ github.com/vmihailenco/msgpack/v5 v5.3.4/go.mod h1:7xyJ9e+0+9SaZT0Wt1RGleJXzli6Q github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= github.com/vmware/govmomi v0.20.3/go.mod h1:URlwyTFZX72RmxtxuaFL2Uj3fD1JTvZdx59bHWk6aFU= -github.com/whilp/git-urls v1.0.0 h1:95f6UMWN5FKW71ECsXRUd3FVYiXdrE7aX4NZKcPmIjU= -github.com/whilp/git-urls v1.0.0/go.mod h1:J16SAmobsqc3Qcy98brfl5f5+e0clUvg1krgwk/qCfE= -github.com/xanzy/go-gitlab v0.89.0 h1:yJuy1Pw+to/NqHzVIiopt/VApoHvGDB5SEGuRs3EJpI= -github.com/xanzy/go-gitlab v0.89.0/go.mod h1:5ryv+MnpZStBH8I/77HuQBsMbBGANtVpLWC15qOjWAw= +github.com/whilp/git-urls v0.0.0-20191001220047-6db9661140c0 h1:qqllXPzXh+So+mmANlX/gCJrgo+1kQyshMoQ+NASzm0= +github.com/whilp/git-urls v0.0.0-20191001220047-6db9661140c0/go.mod h1:2rx5KE5FLD0HRfkkpyn8JwbVLBdhgeiOb2D2D9LLKM4= +github.com/xanzy/go-gitlab v0.60.0 h1:HaIlc14k4t9eJjAhY0Gmq2fBHgKd1MthBn3+vzDtsbA= +github.com/xanzy/go-gitlab v0.60.0/go.mod h1:F0QEXwmqiBUxCgJm8fE9S+1veX4XC9Z4cfaAbqwk4YM= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= @@ -1847,13 +1056,9 @@ github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+ github.com/xdg-go/scram v1.1.1/go.mod h1:RaEWvsqvNKKvBPvcKeFjrG2cJqOkHTiyTpzz23ni57g= github.com/xdg-go/stringprep v1.0.2/go.mod h1:8F9zXuvzgwmyT5DUm4GUfZGDdT3W+LCvS6+da4O5kxM= github.com/xdg-go/stringprep v1.0.3/go.mod h1:W3f5j4i+9rC0kuIEJL0ky1VpHXQU3ocBgklLGvcBnW8= -github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= -github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= -github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= +github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca h1:1CFlNzQhALwjS9mBAUkycX616GzgsuYUOCHA5+HSlXI= github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca/go.mod h1:ce1O1j6UtZfjr22oyGxGLbauSBp2YVXpARAosm7dHBg= -github.com/xlab/treeprint v1.1.0 h1:G/1DjNkPpfZCFt9CSh6b5/nY4VimlbHF3Rh4obvtzDk= -github.com/xlab/treeprint v1.1.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -1863,14 +1068,10 @@ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9dec github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -github.com/yuin/gopher-lua v1.1.0 h1:BojcDhfyDWgU2f2TOzYK/g5p2gxMrku8oupLDqlnSqE= -github.com/yuin/gopher-lua v1.1.0/go.mod h1:GBR0iDaNXjAgGg9zfCvksxSRnQx76gclCIb7kdAd1Pw= -github.com/zeebo/assert v1.3.0/go.mod h1:Pq9JiuJQpG8JLJdtkwrJESF0Foym2/D9XMU5ciN/wJ0= -github.com/zeebo/xxh3 v1.0.2/go.mod h1:5NWz9Sef7zIDm2JHfFlcQvNekmcEl9ekUZQQKCYaDcA= +github.com/yuin/gopher-lua v0.0.0-20220504180219-658193537a64 h1:5mLPGnFdSsevFRFc9q3yYbBkB6tsm4aCwwQV/j1JQAQ= +github.com/yuin/gopher-lua v0.0.0-20220504180219-658193537a64/go.mod h1:GBR0iDaNXjAgGg9zfCvksxSRnQx76gclCIb7kdAd1Pw= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4= -go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg= go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= go.etcd.io/etcd/api/v3 v3.5.1/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= @@ -1883,11 +1084,8 @@ go.etcd.io/etcd/raft/v3 v3.5.0/go.mod h1:UFOHSIvO/nKwd4lhkwabrTD3cqW5yVyYYf/KlD0 go.etcd.io/etcd/server/v3 v3.5.0/go.mod h1:3Ah5ruV+M+7RZr0+Y/5mNLwC+eQlni+mQmOVdCRJoS4= go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg= go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng= +go.mongodb.org/mongo-driver v1.10.0 h1:UtV6N5k14upNp4LTduX0QCufG124fSu25Wz9tu94GLg= go.mongodb.org/mongo-driver v1.10.0/go.mod h1:wsihk0Kdgv8Kqu1Anit4sfK+22vSFbUrAVEYRhCXrA8= -go.mongodb.org/mongo-driver v1.11.3 h1:Ql6K6qYHEzB6xvu4+AU0BoRoqf9vFPcc4o7MUIdPW8Y= -go.mongodb.org/mongo-driver v1.11.3/go.mod h1:PTSz5yu21bkT/wXpkS7WR5f0ddqw5quethTUn9WM+2g= -go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= -go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -1895,59 +1093,51 @@ go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= -go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= go.opentelemetry.io/contrib v0.20.0/go.mod h1:G/EtFaa6qaN7+LxqfIAT3GiZa7Wv5DTBUzl5H4LY0Kc= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0/go.mod h1:oVGt1LRbBOBq1A5BQLlUg9UaU/54aiHw8cgjV3aWZ/E= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.42.0 h1:ZOLJc06r4CB42laIXg/7udr0pbZyuAihN10A/XuiQRY= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.42.0/go.mod h1:5z+/ZWJQKXa9YT34fQNx5K8Hd1EoIhvtUygUQPqEOgQ= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.31.0 h1:li8u9OSMvLau7rMs8bmiL82OazG6MAkwPz2i6eS8TBQ= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.31.0/go.mod h1:SY9qHHUES6W3oZnO1H2W8NvsSovIoXRg/A1AH9px8+I= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0/go.mod h1:2AboqHi0CiIZU0qwhtUfCYD1GeUzvvIXWNkhDt7ZMG4= go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo= -go.opentelemetry.io/otel v1.16.0 h1:Z7GVAX/UkAXPKsy94IU+i6thsQS4nb7LviLpnaNeW8s= -go.opentelemetry.io/otel v1.16.0/go.mod h1:vl0h9NUa1D5s1nv3A5vZOYWn8av4K8Ml6JDeHrT/bx4= +go.opentelemetry.io/otel v1.6.1/go.mod h1:blzUabWHkX6LJewxvadmzafgh/wnvBSDBdOuwkAtrWQ= +go.opentelemetry.io/otel v1.11.1 h1:4WLLAmcfkmDk2ukNXJyq3/kiz/3UzCaYq6PskJsaou4= +go.opentelemetry.io/otel v1.11.1/go.mod h1:1nNhXBbWSD0nsL38H6btgnFN2k4i0sNLHNNMZMSbUGE= go.opentelemetry.io/otel/exporters/otlp v0.20.0/go.mod h1:YIieizyaN77rtLJra0buKiNBOm9XQfkPEKBeuhoMwAM= -go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0 h1:t4ZwRPU+emrcvM2e9DHd0Fsf0JTPVcbfa/BhTDF03d0= -go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0/go.mod h1:vLarbg68dH2Wa77g71zmKQqlQ8+8Rq3GRG31uc0WcWI= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0 h1:cbsD4cUcviQGXdw8+bo5x2wazq10SKz8hEbtCRPcU78= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0/go.mod h1:JgXSGah17croqhJfhByOLVY719k1emAXC8MVhCIJlRs= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.16.0 h1:TVQp/bboR4mhZSav+MdgXB8FaRho1RC8UwVn3T0vjVc= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.16.0/go.mod h1:I33vtIe0sR96wfrUcilIzLoA3mLHhRmz9S9Te0S3gDo= +go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.11.1 h1:X2GndnMCsUPh6CiY2a+frAbNsXaPLbB0soHRYhAZ5Ig= +go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.11.1/go.mod h1:i8vjiSzbiUC7wOQplijSXMYUpNM93DtlS5CbUT+C6oQ= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.11.1 h1:MEQNafcNCB0uQIti/oHgU7CZpUMYQ7qigBwMVKycHvc= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.11.1/go.mod h1:19O5I2U5iys38SsmT2uDJja/300woyzE1KPIQxEUBUc= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.11.1 h1:LYyG/f1W/jzAix16jbksJfMQFpOH/Ma6T639pVPMgfI= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.11.1/go.mod h1:QrRRQiY3kzAoYPNLP0W/Ikg0gR6V3LMc+ODSxr7yyvg= go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU= -go.opentelemetry.io/otel/metric v1.16.0 h1:RbrpwVG1Hfv85LgnZ7+txXioPDoh6EdbZHo26Q3hqOo= -go.opentelemetry.io/otel/metric v1.16.0/go.mod h1:QE47cpOmkwipPiefDwo2wDzwJrlfxxNYodqc4xnGCo4= go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa9FqQ2IQ8LoxiGnw= go.opentelemetry.io/otel/sdk v0.20.0/go.mod h1:g/IcepuwNsoiX5Byy2nNV0ySUF1em498m7hBWC279Yc= -go.opentelemetry.io/otel/sdk v1.16.0 h1:Z1Ok1YsijYL0CSJpHt4cS3wDDh7p572grzNrBMiMWgE= -go.opentelemetry.io/otel/sdk v1.16.0/go.mod h1:tMsIuKXuuIWPBAOrH+eHtvhTL+SntFtXF9QD68aP6p4= +go.opentelemetry.io/otel/sdk v1.11.1 h1:F7KmQgoHljhUuJyA+9BiU+EkJfyX5nVVF4wyzWZpKxs= +go.opentelemetry.io/otel/sdk v1.11.1/go.mod h1:/l3FE4SupHJ12TduVjUkZtlfFqDCQJlOlithYrdktys= go.opentelemetry.io/otel/sdk/export/metric v0.20.0/go.mod h1:h7RBNMsDJ5pmI1zExLi+bJK+Dr8NQCh0qGhm1KDnNlE= go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4/0TjTXukfxjzSTpHE= go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw= -go.opentelemetry.io/otel/trace v1.16.0 h1:8JRpaObFoW0pxuVPapkgH8UhHQj+bJW8jJsCZEu5MQs= -go.opentelemetry.io/otel/trace v1.16.0/go.mod h1:Yt9vYq1SdNz3xdjZZK7wcXv1qv2pwLkqr2QVwea0ef0= +go.opentelemetry.io/otel/trace v1.6.1/go.mod h1:RkFRM1m0puWIq10oxImnGEduNBzxiN7TXluRBtE+5j0= +go.opentelemetry.io/otel/trace v1.11.1 h1:ofxdnzsNrGBYXbP7t7zpUK281+go5rF7dvdIZXF8gdQ= +go.opentelemetry.io/otel/trace v1.11.1/go.mod h1:f/Q9G7vzk5u91PhbmKbg1Qn0rzH1LJ4vbPHFGkTPtOk= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= -go.opentelemetry.io/proto/otlp v0.15.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= go.opentelemetry.io/proto/otlp v0.19.0 h1:IVN6GR+mhC4s5yfcTbmzHYODqvWAp3ZedA2SJPI1Nnw= go.opentelemetry.io/proto/otlp v0.19.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= +go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 h1:+FNtrFTmVw0YZGpBGX56XDee331t6JAXeK2bcyhLOOc= go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5/go.mod h1:nmDLcffg48OtT/PSW0Hg7FvpRQsQh5OSqIylirxKC7o= -go.starlark.net v0.0.0-20220328144851-d1966c6b9fcd h1:Uo/x0Ir5vQJ+683GXB9Ug+4fcjsbp7z7Ul8UaZbhsRM= -go.starlark.net v0.0.0-20220328144851-d1966c6b9fcd/go.mod h1:t3mmBBPzAVvK0L0n1drDmrQsJ8FoIx4INCqVMTr/Zo0= -go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= -go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= +go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= -go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4= go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= -go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.19.1 h1:ue41HOKd1vGURxrmeKIgELGb3jPW9DMUDGtsinblHwI= +golang.org/x/arch v0.1.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -1957,30 +1147,23 @@ golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaE golang.org/x/crypto v0.0.0-20190422183909-d864b10871cd/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220826181053-bd7e27e6170d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= -golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= -golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= +golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= +golang.org/x/crypto v0.10.0 h1:LKqV2xt9+kDzSTfOhx4FrkEBcMrAgHSYgzywV9zcGmM= golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I= -golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio= -golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk= -golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1990,31 +1173,16 @@ golang.org/x/exp v0.0.0-20190312203227-4b39c73a6495/go.mod h1:ZjyILWgesfNpC6sMxT golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/exp v0.0.0-20190731235908-ec7cb31e5a56/go.mod h1:JhuoJpWY28nO4Vef9tZUw9qufEGTyX1+7lmHxV5q5G4= golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191002040644-a1355ae1e2c3/go.mod h1:NOZ3BPKG0ec/BKJQgnvsSFpcKLM5xXVWnvZS97DWHgE= golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20200331195152-e8c3332aa8e5/go.mod h1:4M0jN8W1tt0AVLNr8HDosyJCDCDuyL9N9+3m7wDWgKw= golang.org/x/exp v0.0.0-20210220032938-85be41e4509f/go.mod h1:I6l2HNBLBZEcrOoCpyKLdY2lHoRZ8lI4x60KMCQDft4= -golang.org/x/exp v0.0.0-20220827204233-334a2380cb91/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE= -golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc= -golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20190910094157-69e4b8554b2a/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20200119044424-58c23975cae1/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20200430140353-33d19683fad8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20200618115811-c13761719519/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20201208152932-35266b937fa6/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20210216034530-4410531fe030/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= -golang.org/x/image v0.0.0-20210607152325-775e3b0c77b9/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= -golang.org/x/image v0.0.0-20210628002857-a66eb6448b8d/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= -golang.org/x/image v0.0.0-20211028202545-6944b10bf410/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= -golang.org/x/image v0.0.0-20220302094943-723b81ca9867/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -2041,15 +1209,13 @@ golang.org/x/mod v0.3.1-0.20200828183125-ce943fd02449/go.mod h1:s0Qsj1ACt9ePp/hM golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= -golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.9.0 h1:KENHtAZL2y3NLMYZeHY9DW8HW8V+kQyJsY/V9JlKvCs= -golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -2057,7 +1223,6 @@ golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73r golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= @@ -2070,7 +1235,6 @@ golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -2079,7 +1243,6 @@ golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200421231249-e086a090c8fd/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= @@ -2103,8 +1266,6 @@ golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1 golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= @@ -2114,26 +1275,19 @@ golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.0.0-20220617184016-355a448f1bc9/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.0.0-20220909164309-bea034e7d591/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= -golang.org/x/net v0.0.0-20221012135044-0b7e1fb9d458/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= -golang.org/x/net v0.0.0-20221014081412-f15817d10f9b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.3.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= -golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/net v0.11.0 h1:Gi2tvZIJyBtO9SDr1q9h5hEQCp/4L2RQ+ar0qjx2oNU= golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ= -golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= -golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14= -golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= +golang.org/x/oauth2 v0.0.0-20180227000427-d7d64896b5ff/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -2156,19 +1310,8 @@ golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE= -golang.org/x/oauth2 v0.0.0-20220622183110-fd043fe589d2/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE= +golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094 h1:2o1E+E8TpNLklK9nHiPiK1uzIYrIHt+cQx3ynCwq9V8= golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= -golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= -golang.org/x/oauth2 v0.0.0-20221006150949-b44042a4b9c1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= -golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= -golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec= -golang.org/x/oauth2 v0.5.0/go.mod h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I= -golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw= -golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= -golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= -golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI= -golang.org/x/oauth2 v0.11.0 h1:vPL4xzxBM4niKCW6g9whtaWVXTJf1U5e4aZxxFx/gbU= -golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -2183,12 +1326,9 @@ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220819030929-7fc1605a5dde/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sys v0.0.0-20180224232135-f6cff0780e54/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -2196,7 +1336,6 @@ golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190124100055-b90733256f2e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190204203706-41f3e6584952/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -2213,9 +1352,9 @@ golang.org/x/sys v0.0.0-20190531175056-4c3a928424d2/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190626150813-e07cf5db2756/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -2226,7 +1365,6 @@ golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191220142924-d4481acd189f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -2240,7 +1378,6 @@ golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -2260,8 +1397,6 @@ golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210304124612-50617c2ba197/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -2270,7 +1405,6 @@ golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210503080704-8803ae5d1324/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -2278,12 +1412,9 @@ golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210608053332-aa57babbf139/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210816183151-1e6c022a8912/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -2308,41 +1439,32 @@ golang.org/x/sys v0.0.0-20220502124256-b6088ccd6cba/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220624220833-87e55d714810/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220829200755-d48e67d00261/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220825204002-c680a09ffe64/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s= golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM= -golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.0.0-20220722155259-a9ba230a4035/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= +golang.org/x/term v0.9.0 h1:GRRCnKYhdQrD8kfRAdQ6Zcw1P0OcELxGLKJvtjVMZ28= golang.org/x/term v0.9.0/go.mod h1:M6DEAAIenWoTxdKrOltXcmDY3rSplQUkrvaDU5FcQyo= -golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= -golang.org/x/term v0.11.0 h1:F9tnn/DA/Im8nCwm+fX+1/eBwi4qFjRT++MhtVC4ZX0= -golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -2352,30 +1474,21 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.10.0 h1:UpjohKhiEgNc0CSauXmwYftY1+LlaC75SJwh0SgCX58= golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc= -golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 h1:vVKdlvoWBphwdxWKrFZEuM0kGgGLxUOYcY4U/2Vjg44= golang.org/x/time v0.0.0-20220210224613-90d013bbcef8/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20220922220347-f3bd1da661af/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.1.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -2398,10 +1511,7 @@ golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -2411,7 +1521,6 @@ golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200117012304-6edc0a871e69/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= @@ -2436,29 +1545,24 @@ golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201124115921-2c860bdd6e78/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU= golang.org/x/tools v0.1.10-0.20220218145154-897bd77cd717/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= -golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k= golang.org/x/tools v0.4.0/go.mod h1:UE5sM2OK9E/d67R0ANs2xJizIymRP5gJU295PvKXxjQ= +golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.7.0 h1:W4OVu8VVOaIO0yzWMNdepAulS7YfoS3Zabrm8DOXXU4= -golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -2466,7 +1570,6 @@ golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20220517211312-f3a8303e98df/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= -golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= gomodules.xyz/envconfig v1.3.1-0.20190308184047-426f31af0d45 h1:juzzlx91nWAOsHuOVfXZPMXHtJEKouZvY9bBbwlOeYs= gomodules.xyz/envconfig v1.3.1-0.20190308184047-426f31af0d45/go.mod h1:41y72mzHT7+jFNgyBpJRrZWuZJcLmLrTpq6iGgOFJMQ= gomodules.xyz/jsonpatch/v2 v2.2.0 h1:4pT439QV83L+G9FkcCriY6EkpcK6r6bK+A5FBUMI7qY= @@ -2477,15 +1580,9 @@ gomodules.xyz/version v0.1.0/go.mod h1:Y8xuV02mL/45psyPKG3NCVOwvAOy6T5Kx0l3rCjKS gonum.org/v1/gonum v0.0.0-20180816165407-929014505bf4/go.mod h1:Y+Yx5eoAFn32cQvJDxZx5Dpnq+c3wtXuadVZAcxbbBo= gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485/go.mod h1:2ltnJ7xHfj0zHS40VVPYEAAMTa3ZGguvHGBSJeRWqE0= gonum.org/v1/gonum v0.6.2/go.mod h1:9mxDZsDKxgMAuccQkewq682L+0eCu4dCN2yonUJTCLU= -gonum.org/v1/gonum v0.8.2/go.mod h1:oe/vMfY3deqTw+1EZJhuvEW2iwGF1bW9wwu7XCu0+v0= -gonum.org/v1/gonum v0.9.3/go.mod h1:TZumC3NeyVQskjXqmyWt4S3bINhy7B4eYwW69EbyX+0= -gonum.org/v1/gonum v0.11.0/go.mod h1:fSG4YDCxxUZQJ7rKsQrj0gMOg00Il0Z96/qMA4bVQhA= gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw= gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e/go.mod h1:kS+toOQn6AQKjmKJ7gzohV1XkqsFehRA2FbsbkopSuQ= gonum.org/v1/plot v0.0.0-20190515093506-e2840ee46a6b/go.mod h1:Wt8AAjI+ypCyYX3nZBvf6cAIx93T+c/OS2HFAYskSZc= -gonum.org/v1/plot v0.9.0/go.mod h1:3Pcqqmp6RHvJI72kgb8fThyUnav364FOsdDo2aGW5lY= -gonum.org/v1/plot v0.10.1/go.mod h1:VZW5OlhkL1mysU9vaqNHnsy86inf6Ot+jB3r+BczCEo= -google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= @@ -2524,33 +1621,11 @@ google.golang.org/api v0.70.0/go.mod h1:Bs4ZM2HGifEvXwd50TtW70ovgJffJYw2oRCOFU/S google.golang.org/api v0.71.0/go.mod h1:4PyU6e6JogV1f9eA4voyrTY2batOLdgZ5qZ5HOCc4j8= google.golang.org/api v0.74.0/go.mod h1:ZpfMZOVRMywNyvJFeqL9HRWBgAuRfSjJFpe9QtRRyDs= google.golang.org/api v0.75.0/go.mod h1:pU9QmyHLnzlpar1Mjt4IbapUCy8J+6HD6GeELN69ljA= -google.golang.org/api v0.77.0/go.mod h1:pU9QmyHLnzlpar1Mjt4IbapUCy8J+6HD6GeELN69ljA= google.golang.org/api v0.78.0/go.mod h1:1Sg78yoMLOhlQTeF+ARBoytAcH1NNyyl390YMy6rKmw= google.golang.org/api v0.80.0/go.mod h1:xY3nI94gbvBrE0J6NHXhxOmW97HG7Khjkku6AFB3Hyg= google.golang.org/api v0.84.0/go.mod h1:NTsGnUFJMYROtiquksZHBWtHfeMC7iYthki7Eq3pa8o= -google.golang.org/api v0.85.0/go.mod h1:AqZf8Ep9uZ2pyTvgL+x0D3Zt0eoT9b5E8fmzfu6FO2g= -google.golang.org/api v0.90.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw= -google.golang.org/api v0.93.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw= -google.golang.org/api v0.95.0/go.mod h1:eADj+UBuxkh5zlrSntJghuNeg8HwQ1w5lTKkuqaETEI= -google.golang.org/api v0.96.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= -google.golang.org/api v0.97.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= -google.golang.org/api v0.98.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= -google.golang.org/api v0.99.0/go.mod h1:1YOf74vkVndF7pG6hIHuINsM7eWwpVTAfNMNiL91A08= -google.golang.org/api v0.100.0/go.mod h1:ZE3Z2+ZOr87Rx7dqFsdRQkRBk36kDtp/h+QpHbB7a70= -google.golang.org/api v0.102.0/go.mod h1:3VFl6/fzoA+qNuS1N1/VfXY4LjoXN/wzeIp7TweWwGo= -google.golang.org/api v0.103.0/go.mod h1:hGtW6nK1AC+d9si/UBhw8Xli+QMOf6xyNAyJw4qU9w0= -google.golang.org/api v0.106.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= -google.golang.org/api v0.107.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= -google.golang.org/api v0.108.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= -google.golang.org/api v0.110.0/go.mod h1:7FC4Vvx1Mooxh8C5HWjzZHcavuS2f6pmJpZx60ca7iI= -google.golang.org/api v0.111.0/go.mod h1:qtFHvU9mhgTJegR31csQ+rwxyUTHOKFqCKWp1J0fdw0= -google.golang.org/api v0.114.0/go.mod h1:ifYI2ZsFK6/uGddGfAD5BMxlnkBqCmqHSDUVi45N5Yg= -google.golang.org/api v0.118.0/go.mod h1:76TtD3vkgmZ66zZzp72bUUklpmQmKlhh6sYtIjYK+5E= -google.golang.org/api v0.122.0/go.mod h1:gcitW0lvnyWjSp9nKxAbdHKIZ6vF4aajGueeslZOyms= -google.golang.org/api v0.124.0/go.mod h1:xu2HQurE5gi/3t1aFCvhPD781p0a3p11sdunTJ2BlP4= -google.golang.org/api v0.126.0/go.mod h1:mBwVAtz+87bEN6CbA1GtZPDOqY2R5ONPqJeIlvyo4Aw= +google.golang.org/appengine v1.0.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= @@ -2563,7 +1638,6 @@ google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRn google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190530194941-fb225487d101/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s= google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= @@ -2598,10 +1672,7 @@ google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210126160654-44e461bb6506/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= @@ -2636,92 +1707,22 @@ google.golang.org/genproto v0.0.0-20220222213610-43724f9ea8cf/go.mod h1:kGP+zUP2 google.golang.org/genproto v0.0.0-20220304144024-325a89244dc8/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= google.golang.org/genproto v0.0.0-20220310185008-1973136f34c6/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= google.golang.org/genproto v0.0.0-20220324131243-acbaeb5b85eb/go.mod h1:hAL49I2IFola2sVEjAn7MEwsja0xp51I0tlGAf9hz4E= -google.golang.org/genproto v0.0.0-20220329172620-7be39ac1afc7/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= google.golang.org/genproto v0.0.0-20220407144326-9054f6ed7bac/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= google.golang.org/genproto v0.0.0-20220413183235-5e96e2839df9/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= google.golang.org/genproto v0.0.0-20220414192740-2d67ff6cf2b4/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= google.golang.org/genproto v0.0.0-20220421151946-72621c1f0bd3/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= google.golang.org/genproto v0.0.0-20220429170224-98d788798c3e/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo= -google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= google.golang.org/genproto v0.0.0-20220505152158-f39f71e6c8f3/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= google.golang.org/genproto v0.0.0-20220518221133-4f43b3371335/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= google.golang.org/genproto v0.0.0-20220523171625-347a074981d8/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4= google.golang.org/genproto v0.0.0-20220608133413-ed9918b62aac/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= +google.golang.org/genproto v0.0.0-20220616135557-88e70c0c3a90 h1:4SPz2GL2CXJt28MTF8V6Ap/9ZiVbQlJeGSd9qtA7DLs= google.golang.org/genproto v0.0.0-20220616135557-88e70c0c3a90/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= -google.golang.org/genproto v0.0.0-20220617124728-180714bec0ad/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= -google.golang.org/genproto v0.0.0-20220624142145-8cd45d7dbd1f/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= -google.golang.org/genproto v0.0.0-20220628213854-d9e0b6570c03/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA= -google.golang.org/genproto v0.0.0-20220722212130-b98a9ff5e252/go.mod h1:GkXuJDJ6aQ7lnJcRF+SJVgFdQhypqgl3LB1C9vabdRE= -google.golang.org/genproto v0.0.0-20220801145646-83ce21fca29f/go.mod h1:iHe1svFLAZg9VWz891+QbRMwUv9O/1Ww+/mngYeThbc= -google.golang.org/genproto v0.0.0-20220815135757-37a418bb8959/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= -google.golang.org/genproto v0.0.0-20220817144833-d7fd3f11b9b1/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= -google.golang.org/genproto v0.0.0-20220822174746-9e6da59bd2fc/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= -google.golang.org/genproto v0.0.0-20220829144015-23454907ede3/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= -google.golang.org/genproto v0.0.0-20220829175752-36a9c930ecbf/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk= -google.golang.org/genproto v0.0.0-20220913154956-18f8339a66a5/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= -google.golang.org/genproto v0.0.0-20220914142337-ca0e39ece12f/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= -google.golang.org/genproto v0.0.0-20220915135415-7fd63a7952de/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= -google.golang.org/genproto v0.0.0-20220916172020-2692e8806bfa/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= -google.golang.org/genproto v0.0.0-20220919141832-68c03719ef51/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo= -google.golang.org/genproto v0.0.0-20220920201722-2b89144ce006/go.mod h1:ht8XFiar2npT/g4vkk7O0WYS1sHOHbdujxbEp7CJWbw= -google.golang.org/genproto v0.0.0-20220926165614-551eb538f295/go.mod h1:woMGP53BroOrRY3xTxlbr8Y3eB/nzAvvFM83q7kG2OI= -google.golang.org/genproto v0.0.0-20220926220553-6981cbe3cfce/go.mod h1:woMGP53BroOrRY3xTxlbr8Y3eB/nzAvvFM83q7kG2OI= -google.golang.org/genproto v0.0.0-20221010155953-15ba04fc1c0e/go.mod h1:3526vdqwhZAwq4wsRUaVG555sVgsNmIjRtO7t/JH29U= -google.golang.org/genproto v0.0.0-20221014173430-6e2ab493f96b/go.mod h1:1vXfmgAz9N9Jx0QA82PqRVauvCz1SGSz739p0f183jM= -google.golang.org/genproto v0.0.0-20221014213838-99cd37c6964a/go.mod h1:1vXfmgAz9N9Jx0QA82PqRVauvCz1SGSz739p0f183jM= -google.golang.org/genproto v0.0.0-20221024153911-1573dae28c9c/go.mod h1:9qHF0xnpdSfF6knlcsnpzUu5y+rpwgbvsyGAZPBMg4s= -google.golang.org/genproto v0.0.0-20221024183307-1bc688fe9f3e/go.mod h1:9qHF0xnpdSfF6knlcsnpzUu5y+rpwgbvsyGAZPBMg4s= -google.golang.org/genproto v0.0.0-20221027153422-115e99e71e1c/go.mod h1:CGI5F/G+E5bKwmfYo09AXuVN4dD894kIKUFmVbP2/Fo= -google.golang.org/genproto v0.0.0-20221109142239-94d6d90a7d66/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= -google.golang.org/genproto v0.0.0-20221114212237-e4508ebdbee1/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= -google.golang.org/genproto v0.0.0-20221117204609-8f9c96812029/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= -google.golang.org/genproto v0.0.0-20221118155620-16455021b5e6/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= -google.golang.org/genproto v0.0.0-20221201164419-0e50fba7f41c/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= -google.golang.org/genproto v0.0.0-20221201204527-e3fa12d562f3/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg= -google.golang.org/genproto v0.0.0-20221202195650-67e5cbc046fd/go.mod h1:cTsE614GARnxrLsqKREzmNYJACSWWpAWdNMwnD7c2BE= -google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= -google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= -google.golang.org/genproto v0.0.0-20230112194545-e10362b5ecf9/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= -google.golang.org/genproto v0.0.0-20230113154510-dbe35b8444a5/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= -google.golang.org/genproto v0.0.0-20230123190316-2c411cf9d197/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= -google.golang.org/genproto v0.0.0-20230124163310-31e0e69b6fc2/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= -google.golang.org/genproto v0.0.0-20230125152338-dcaf20b6aeaa/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= -google.golang.org/genproto v0.0.0-20230127162408-596548ed4efa/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= -google.golang.org/genproto v0.0.0-20230209215440-0dfe4f8abfcc/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= -google.golang.org/genproto v0.0.0-20230216225411-c8e22ba71e44/go.mod h1:8B0gmkoRebU8ukX6HP+4wrVQUY1+6PkQ44BSyIlflHA= -google.golang.org/genproto v0.0.0-20230222225845-10f96fb3dbec/go.mod h1:3Dl5ZL0q0isWJt+FVcfpQyirqemEuLAK/iFvg1UP1Hw= -google.golang.org/genproto v0.0.0-20230223222841-637eb2293923/go.mod h1:3Dl5ZL0q0isWJt+FVcfpQyirqemEuLAK/iFvg1UP1Hw= -google.golang.org/genproto v0.0.0-20230303212802-e74f57abe488/go.mod h1:TvhZT5f700eVlTNwND1xoEZQeWTB2RY/65kplwl/bFA= -google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4/go.mod h1:NWraEVixdDnqcqQ30jipen1STv2r/n24Wb7twVTGR4s= -google.golang.org/genproto v0.0.0-20230320184635-7606e756e683/go.mod h1:NWraEVixdDnqcqQ30jipen1STv2r/n24Wb7twVTGR4s= -google.golang.org/genproto v0.0.0-20230323212658-478b75c54725/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= -google.golang.org/genproto v0.0.0-20230330154414-c0448cd141ea/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= -google.golang.org/genproto v0.0.0-20230331144136-dcfb400f0633/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= -google.golang.org/genproto v0.0.0-20230403163135-c38d8f061ccd/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak= -google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1/go.mod h1:nKE/iIaLqn2bQwXBg8f1g2Ylh6r5MN5CmZvuzZCgsCU= -google.golang.org/genproto v0.0.0-20230525234025-438c736192d0/go.mod h1:9ExIQyXL5hZrHzQceCwuSYwZZ5QZBazOcprJ5rgs3lY= -google.golang.org/genproto v0.0.0-20230530153820-e85fd2cbaebc h1:8DyZCyvI8mE1IdLy/60bS+52xfymkE72wv1asokgtao= -google.golang.org/genproto v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:xZnkP7mREFX5MORlOPEzLMr+90PPZQ2QWzrVTWfAq64= -google.golang.org/genproto/googleapis/api v0.0.0-20230525234020-1aefcd67740a/go.mod h1:ts19tUU+Z0ZShN1y3aPyq2+O3d5FUNNgT6FtOzmrNn8= -google.golang.org/genproto/googleapis/api v0.0.0-20230525234035-dd9d682886f9/go.mod h1:vHYtlOoi6TsQ3Uk2yxR7NI5z8uoV+3pZtR4jmHIkRig= -google.golang.org/genproto/googleapis/api v0.0.0-20230526203410-71b5a4ffd15e/go.mod h1:vHYtlOoi6TsQ3Uk2yxR7NI5z8uoV+3pZtR4jmHIkRig= -google.golang.org/genproto/googleapis/api v0.0.0-20230530153820-e85fd2cbaebc h1:kVKPf/IiYSBWEWtkIn6wZXwWGCnLKcC8oWfZvXjsGnM= -google.golang.org/genproto/googleapis/api v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:vHYtlOoi6TsQ3Uk2yxR7NI5z8uoV+3pZtR4jmHIkRig= -google.golang.org/genproto/googleapis/bytestream v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:ylj+BE99M198VPbBh6A8d9n3w8fChvyLK3wwBOjXBFA= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234015-3fc162c6f38a/go.mod h1:xURIpW9ES5+/GZhnV6beoEtxQrnkRGIfP5VQG2tCBLc= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230526203410-71b5a4ffd15e/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc h1:XSJ8Vk1SWuNr8S18z1NZSziL0CPIXLCCMDOEFtHBOFc= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= -google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.20.0/go.mod h1:chYK+tFQF0nDUGJgXMSgLCQk3phJEuONr2DCgLDdAQM= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -google.golang.org/grpc v1.22.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= @@ -2731,7 +1732,6 @@ google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3Iji google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.32.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= @@ -2751,17 +1751,8 @@ google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11 google.golang.org/grpc v1.46.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= google.golang.org/grpc v1.46.2/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= google.golang.org/grpc v1.47.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= -google.golang.org/grpc v1.48.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk= -google.golang.org/grpc v1.49.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= -google.golang.org/grpc v1.50.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= -google.golang.org/grpc v1.50.1/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= +google.golang.org/grpc v1.51.0 h1:E1eGv1FTqoLIdnBCZufiSHgKjlqG6fKFf6pPWtMTh8U= google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsAIPww= -google.golang.org/grpc v1.52.0/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY= -google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw= -google.golang.org/grpc v1.54.0/go.mod h1:PUSEXI6iWghWaB6lXM4knEgpJNu2qUcKfDtNci3EC2g= -google.golang.org/grpc v1.55.0/go.mod h1:iYEXKGkEBhg1PjZQvoYEVPTDkHo1/bjTnfwTeGONTY8= -google.golang.org/grpc v1.56.2 h1:fVRFRnXvU+x6C4IlHZewvJOVHoOv1TUuQyoRsYnB4bI= -google.golang.org/grpc v1.56.2/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= @@ -2772,11 +1763,8 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= -google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc h1:2gGKlE2+asNV9m7xrywl36YYNnBG5ZQ0r/BOOxqPpmk= gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc/go.mod h1:m7x9LTH6d71AHyAX77c9yqWCCa3UKHcVEj9y7hAtKDk= @@ -2786,13 +1774,13 @@ gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/gcfg.v1 v1.2.0/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o= -gopkg.in/gcfg.v1 v1.2.3/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o= gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE= gopkg.in/go-playground/validator.v9 v9.29.1/go.mod h1:+c9/zcJMFNgbLvly1L1V+PpxWdVbfP1avr/N00E2vyQ= +gopkg.in/go-playground/webhooks.v5 v5.17.0 h1:truBced5ZmkiNKK47cM8bMe86wUSjNks7SFMuNKwzlc= +gopkg.in/go-playground/webhooks.v5 v5.17.0/go.mod h1:LZbya/qLVdbqDR1aKrGuWV6qbia2zCYSR5dpom2SInQ= gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df h1:n7WqCuqOuCbNr617RXOY0AWRXxgwEyPp2z+p0+hgMuE= gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df/go.mod h1:LRQQ+SO6ZHR7tOkpBDuZnXENFzX8qRjMDMyPD6BRkCw= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= @@ -2801,8 +1789,6 @@ gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/retry.v1 v1.0.3 h1:a9CArYczAVv6Qs6VGoLMio99GEs7kY9UzSF9+LD+iGs= -gopkg.in/retry.v1 v1.0.3/go.mod h1:FJkXmWiMaAo7xB+xhvDF59zhfjDWyzmyAxiT4dB688g= gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI= gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= @@ -2818,7 +1804,6 @@ gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= gotest.tools/v3 v3.0.3 h1:4AuOwCGf4lLR9u3YOe2awrHygurzhO/HeQ6laiA6Sx0= gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= -honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -2826,7 +1811,6 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -honnef.co/go/tools v0.1.3/go.mod h1:NgwopIslSNH47DimFoV78dnkksY2EFtX0ajyb3K/las= k8s.io/api v0.24.2 h1:g518dPU/L7VRLxWfcadQn2OnsiGWVOadTLpdnqgY2OI= k8s.io/api v0.24.2/go.mod h1:AHqbSkTm6YrQ0ObxjO3Pmp/ubFF/KuM7jU+3khoBsOg= k8s.io/apiextensions-apiserver v0.24.2 h1:/4NEQHKlEz1MlaK/wHT5KMKC9UKYz6NZz6JE6ov4G6k= @@ -2854,8 +1838,6 @@ k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8 k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20211129171323-c02415ce4185 h1:TT1WdmqqXareKxZ/oNXEUSwKlLiHzPMyB0t8BaFeBYI= k8s.io/gengo v0.0.0-20211129171323-c02415ce4185/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= -k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= @@ -2868,7 +1850,6 @@ k8s.io/kube-aggregator v0.24.2/go.mod h1:Ju2jNDixn+vqeeKEBfjfpc204bO1pbdXX0N9knC k8s.io/kube-controller-manager v0.24.2/go.mod h1:KDE0yqiEvxYiO0WRpPA4rVx8AcK1vsWydUF37AJ9lTI= k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= k8s.io/kube-openapi v0.0.0-20220328201542-3ee0da9b0b42/go.mod h1:Z/45zLw8lUo4wdiUkI+v/ImEGAvu3WatcZl3lPMR4Rk= -k8s.io/kube-openapi v0.0.0-20220401212409-b28bf2818661/go.mod h1:daOouuuwd9JXpv1L7Y34iV3yf6nxzipkKMWWlqlvK9M= k8s.io/kube-openapi v0.0.0-20220627174259-011e075b9cb8 h1:yEQKdMCjzAOvGeiTwG4hO/hNVNtDOuUFvMUZ0OlaIzs= k8s.io/kube-openapi v0.0.0-20220627174259-011e075b9cb8/go.mod h1:mbJ+NSUoAhuR14N0S63bPkh8MGVSo3VYSGZtH/mfMe0= k8s.io/kube-proxy v0.24.2/go.mod h1:bozS2ufl/Ns6s40Ue34eV7rqyLVygi5usSmCgW7rFU8= @@ -2886,55 +1867,15 @@ k8s.io/sample-apiserver v0.24.2/go.mod h1:mf8qgDdu450wqpCJOkSAmoTgU4PIMAcfa5uTBw k8s.io/system-validators v1.7.0/go.mod h1:gP1Ky+R9wtrSiFbrpEPwWMeYz9yqyy1S/KOh0Vci7WI= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 h1:HNSDgDCrr/6Ly3WEGKZftiE7IY19Vz2GdbOCyI4qqhc= k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20220706174534-f6158b442e7c h1:hFZO68mv/0xe8+V0gRT9BAq3/31cKjjeVv4nScriuBk= -k8s.io/utils v0.0.0-20220706174534-f6158b442e7c/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= layeh.com/gopher-json v0.0.0-20190114024228-97fed8db8427 h1:RZkKxMR3jbQxdCEcglq3j7wY3PRJIopAwBlx1RE71X0= layeh.com/gopher-json v0.0.0-20190114024228-97fed8db8427/go.mod h1:ivKkcY8Zxw5ba0jldhZCYYQfGdb2K6u9tbYK1AwMIBc= -lukechampine.com/uint128 v1.1.1/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= -lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw= -modernc.org/cc/v3 v3.36.0/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= -modernc.org/cc/v3 v3.36.2/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= -modernc.org/cc/v3 v3.36.3/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= -modernc.org/ccgo/v3 v3.0.0-20220428102840-41399a37e894/go.mod h1:eI31LL8EwEBKPpNpA4bU1/i+sKOwOrQy8D87zWUcRZc= -modernc.org/ccgo/v3 v3.0.0-20220430103911-bc99d88307be/go.mod h1:bwdAnOoaIt8Ax9YdWGjxWsdkPcZyRPHqrOvJxaKAKGw= -modernc.org/ccgo/v3 v3.16.4/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= -modernc.org/ccgo/v3 v3.16.6/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= -modernc.org/ccgo/v3 v3.16.8/go.mod h1:zNjwkizS+fIFDrDjIAgBSCLkWbJuHF+ar3QRn+Z9aws= -modernc.org/ccgo/v3 v3.16.9/go.mod h1:zNMzC9A9xeNUepy6KuZBbugn3c0Mc9TeiJO4lgvkJDo= -modernc.org/ccorpus v1.11.6/go.mod h1:2gEUTrWqdpH2pXsmTM1ZkjeSrUWDpjMu2T6m29L/ErQ= modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= -modernc.org/httpfs v1.0.6/go.mod h1:7dosgurJGp0sPaRanU53W4xZYKh14wfzX420oZADeHM= -modernc.org/libc v0.0.0-20220428101251-2d5f3daf273b/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA= -modernc.org/libc v1.16.0/go.mod h1:N4LD6DBE9cf+Dzf9buBlzVJndKr/iJHG97vGLHYnb5A= -modernc.org/libc v1.16.1/go.mod h1:JjJE0eu4yeK7tab2n4S1w8tlWd9MxXLRzheaRnAKymU= -modernc.org/libc v1.16.17/go.mod h1:hYIV5VZczAmGZAnG15Vdngn5HSF5cSkbvfz2B7GRuVU= -modernc.org/libc v1.16.19/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA= -modernc.org/libc v1.17.0/go.mod h1:XsgLldpP4aWlPlsjqKRdHPqCxCjISdHfM/yeWC5GyW0= -modernc.org/libc v1.17.1/go.mod h1:FZ23b+8LjxZs7XtFMbSzL/EhPxNbfZbErxEHc7cbD9s= modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= -modernc.org/mathutil v1.2.2/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= -modernc.org/mathutil v1.4.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= -modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= -modernc.org/memory v1.1.1/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw= -modernc.org/memory v1.2.0/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw= -modernc.org/memory v1.2.1/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU= -modernc.org/opt v0.1.1/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= -modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= -modernc.org/sqlite v1.18.1/go.mod h1:6ho+Gow7oX5V+OiOQ6Tr4xeqbx13UZ6t+Fw9IRUG4d4= modernc.org/strutil v1.0.0/go.mod h1:lstksw84oURvj9y3tn8lGvRxyRC1S2+g5uuIzNfIOBs= -modernc.org/strutil v1.1.1/go.mod h1:DE+MQQ/hjKBZS2zNInV5hhcipt5rLPWkmpbGeW5mmdw= -modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw= -modernc.org/tcl v1.13.1/go.mod h1:XOLfOwzhkljL4itZkK6T72ckMgvj0BDsnKNdZVUOecw= -modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= modernc.org/xc v1.0.0/go.mod h1:mRNCo0bvLjGhHO9WsyuKVU4q0ceiDDDoEeWDJHrNx8I= -modernc.org/z v1.5.1/go.mod h1:eWFB510QWW5Th9YGZT81s+LwvaAs3Q2yr4sP0rmLkv8= -nhooyr.io/websocket v1.8.6/go.mod h1:B70DZP8IakI65RVQ51MsWP/8jndNma26DVA/nFSCgW0= -nhooyr.io/websocket v1.8.7 h1:usjR2uOr/zjjkVMy0lW+PPohFok7PCow5sDjLgX4P4g= -nhooyr.io/websocket v1.8.7/go.mod h1:B70DZP8IakI65RVQ51MsWP/8jndNma26DVA/nFSCgW0= -oras.land/oras-go/v2 v2.2.1 h1:3VJTYqy5KfelEF9c2jo1MLSpr+TM3mX8K42wzZcd6qE= -oras.land/oras-go/v2 v2.2.1/go.mod h1:GeAwLuC4G/JpNwkd+bSZ6SkDMGaaYglt6YK2WvZP7uQ= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= @@ -2942,23 +1883,19 @@ rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.30/go.mod h1:fEO7lRTdivWO2qYVCVG7dEADOMo/MLDCVr8So2g88Uw= sigs.k8s.io/controller-runtime v0.11.0 h1:DqO+c8mywcZLFJWILq4iktoECTyn30Bkj0CwgqMpZWQ= sigs.k8s.io/controller-runtime v0.11.0/go.mod h1:KKwLiTooNGu+JmLZGn9Sl3Gjmfj66eMbCQznLP5zcqA= +sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 h1:kDi4JBNAsJWfz1aEXhO8Jg87JJaPNLh5tIzYHgStQ9Y= sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2/go.mod h1:B+TnT182UBxE84DiCz4CVE26eOSDAeYCpfDnC2kdKMY= -sigs.k8s.io/json v0.0.0-20220525155127-227cbc7cc124 h1:2sgAQQcY0dEW2SsQwTXhQV4vO6+rSslYx8K3XmM5hqQ= -sigs.k8s.io/json v0.0.0-20220525155127-227cbc7cc124/go.mod h1:B+TnT182UBxE84DiCz4CVE26eOSDAeYCpfDnC2kdKMY= +sigs.k8s.io/kustomize/api v0.11.4 h1:/0Mr3kfBBNcNPOW5Qwk/3eb8zkswCwnqQxxKtmrTkRo= sigs.k8s.io/kustomize/api v0.11.4/go.mod h1:k+8RsqYbgpkIrJ4p9jcdPqe8DprLxFUUO0yNOq8C+xI= -sigs.k8s.io/kustomize/api v0.11.5 h1:vLDp++YAX7iy2y2CVPJNy9pk9CY8XaUKgHkjbVtnWag= -sigs.k8s.io/kustomize/api v0.11.5/go.mod h1:2UDpxS6AonWXow2ZbySd4AjUxmdXLeTlvGBC46uSiq8= sigs.k8s.io/kustomize/cmd/config v0.10.6/go.mod h1:/S4A4nUANUa4bZJ/Edt7ZQTyKOY9WCER0uBS1SW2Rco= sigs.k8s.io/kustomize/kustomize/v4 v4.5.4/go.mod h1:Zo/Xc5FKD6sHl0lilbrieeGeZHVYCA4BzxeAaLI05Bg= +sigs.k8s.io/kustomize/kyaml v0.13.6 h1:eF+wsn4J7GOAXlvajv6OknSunxpcOBQQqsnPxObtkGs= sigs.k8s.io/kustomize/kyaml v0.13.6/go.mod h1:yHP031rn1QX1lr/Xd934Ri/xdVNG8BE2ECa78Ht/kEg= -sigs.k8s.io/kustomize/kyaml v0.13.7 h1:/EZ/nPaLUzeJKF/BuJ4QCuMVJWiEVoI8iftOHY3g3tk= -sigs.k8s.io/kustomize/kyaml v0.13.7/go.mod h1:6K+IUOuir3Y7nucPRAjw9yth04KSWBnP5pqUTGwj/qU= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= -sigs.k8s.io/structured-merge-diff/v4 v4.3.0 h1:UZbZAZfX0wV2zr7YZorDz6GXROfDFj6LvqCRm4VUVKk= -sigs.k8s.io/structured-merge-diff/v4 v4.3.0/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= +sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= -sourcegraph.com/sourcegraph/appdash v0.0.0-20190731080439-ebfcffb1b5c0/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU= diff --git a/hack/gen-catalog/main.go b/hack/gen-catalog/main.go index 486327e33ee6e..53117ad5303d0 100644 --- a/hack/gen-catalog/main.go +++ b/hack/gen-catalog/main.go @@ -16,12 +16,12 @@ import ( "github.com/argoproj/notifications-engine/pkg/services" "github.com/argoproj/notifications-engine/pkg/triggers" "github.com/argoproj/notifications-engine/pkg/util/misc" + "github.com/ghodss/yaml" "github.com/olekukonko/tablewriter" log "github.com/sirupsen/logrus" "github.com/spf13/cobra" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "sigs.k8s.io/yaml" ) func main() { diff --git a/hack/gen-crd-spec/main.go b/hack/gen-crd-spec/main.go index e7dcd658ef26a..f69e3b17e7534 100644 --- a/hack/gen-crd-spec/main.go +++ b/hack/gen-crd-spec/main.go @@ -10,9 +10,9 @@ import ( "github.com/argoproj/argo-cd/v2/pkg/apis/application" "github.com/argoproj/gitops-engine/pkg/utils/kube" + "github.com/ghodss/yaml" extensionsobj "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "sigs.k8s.io/yaml" ) var ( diff --git a/hack/gen-resources/util/sizedwaitgroup.go b/hack/gen-resources/util/sizedwaitgroup.go index 6c6d4fb1c5fff..b43011ff802c9 100644 --- a/hack/gen-resources/util/sizedwaitgroup.go +++ b/hack/gen-resources/util/sizedwaitgroup.go @@ -24,7 +24,7 @@ // Based upon sync.WaitGroup, SizedWaitGroup allows to start multiple // routines and to wait for their end using the simple API. -// Package util SizedWaitGroup adds the feature of limiting the maximum number of +// SizedWaitGroup adds the feature of limiting the maximum number of // concurrently started routines. It could for example be used to start // multiples routines querying a database but without sending too much // queries in order to not overload the given database. diff --git a/hack/generate-proto.sh b/hack/generate-proto.sh index 1df4655d485dc..fcfe4e4f0e4d0 100755 --- a/hack/generate-proto.sh +++ b/hack/generate-proto.sh @@ -118,10 +118,7 @@ EOF del(.definitions.v1alpha1OptionalArray) | .definitions.v1alpha1ApplicationSourcePluginParameter.properties.map = {"description":"Map is the value of a map type parameter.","type":"object","additionalProperties":{"type":"string"}} | del(.definitions.v1alpha1OptionalMap) - ' "${COMBINED_SWAGGER}" | \ - jq '.definitions.v1Time.type = "string" | .definitions.v1Time.format = "date-time" | del(.definitions.v1Time.properties)' | \ - jq '.definitions.v1alpha1ResourceNode.allOf = [{"$ref": "#/definitions/v1alpha1ResourceRef"}] | del(.definitions.v1alpha1ResourceNode.properties.resourceRef) ' \ - > "${SWAGGER_OUT}" + ' "${COMBINED_SWAGGER}" > "${SWAGGER_OUT}" /bin/rm "${PRIMARY_SWAGGER}" "${COMBINED_SWAGGER}" } diff --git a/hack/installers/checksums/helm-v3.12.0-linux-amd64.tar.gz.sha256 b/hack/installers/checksums/helm-v3.12.0-linux-amd64.tar.gz.sha256 deleted file mode 100644 index 7462379983ea9..0000000000000 --- a/hack/installers/checksums/helm-v3.12.0-linux-amd64.tar.gz.sha256 +++ /dev/null @@ -1 +0,0 @@ -da36e117d6dbc57c8ec5bab2283222fbd108db86c83389eebe045ad1ef3e2c3b helm-v3.12.0-linux-amd64.tar.gz diff --git a/hack/installers/checksums/helm-v3.12.0-linux-arm64.tar.gz.sha256 b/hack/installers/checksums/helm-v3.12.0-linux-arm64.tar.gz.sha256 deleted file mode 100644 index 3c6199cc3751f..0000000000000 --- a/hack/installers/checksums/helm-v3.12.0-linux-arm64.tar.gz.sha256 +++ /dev/null @@ -1 +0,0 @@ -658839fed8f9be2169f5df68e55cb2f0aa731a50df454caf183186766800bbd0 helm-v3.12.0-linux-arm64.tar.gz diff --git a/hack/installers/checksums/helm-v3.12.0-linux-ppc64le.tar.gz.sha256 b/hack/installers/checksums/helm-v3.12.0-linux-ppc64le.tar.gz.sha256 deleted file mode 100644 index cae34431dba6d..0000000000000 --- a/hack/installers/checksums/helm-v3.12.0-linux-ppc64le.tar.gz.sha256 +++ /dev/null @@ -1 +0,0 @@ -252d952b0e1b4ed2013710ddedf687ed5545d9f95a4fd72de0ff9617ff69155c helm-v3.12.0-linux-ppc64le.tar.gz diff --git a/hack/installers/checksums/helm-v3.12.0-linux-s390x.tar.gz.sha256 b/hack/installers/checksums/helm-v3.12.0-linux-s390x.tar.gz.sha256 deleted file mode 100644 index 3dd96d5670d5d..0000000000000 --- a/hack/installers/checksums/helm-v3.12.0-linux-s390x.tar.gz.sha256 +++ /dev/null @@ -1 +0,0 @@ -727474fb1684aa2349a77c54340c11ff09b19862d972c2403185fb163fec13ae helm-v3.12.0-linux-s390x.tar.gz diff --git a/hack/installers/checksums/helm-v3.12.1-linux-amd64.tar.gz.sha256 b/hack/installers/checksums/helm-v3.12.1-linux-amd64.tar.gz.sha256 deleted file mode 100644 index 9a9fdc145bb6a..0000000000000 --- a/hack/installers/checksums/helm-v3.12.1-linux-amd64.tar.gz.sha256 +++ /dev/null @@ -1 +0,0 @@ -1a7074f58ef7190f74ce6db5db0b70e355a655e2013c4d5db2317e63fa9e3dea helm-v3.12.1-linux-amd64.tar.gz diff --git a/hack/installers/checksums/helm-v3.12.1-linux-arm64.tar.gz.sha256 b/hack/installers/checksums/helm-v3.12.1-linux-arm64.tar.gz.sha256 deleted file mode 100644 index a0c153758e688..0000000000000 --- a/hack/installers/checksums/helm-v3.12.1-linux-arm64.tar.gz.sha256 +++ /dev/null @@ -1 +0,0 @@ -50548d4fedef9d8d01d1ed5a2dd5c849271d1017127417dc4c7ef6777ae68f7e helm-v3.12.1-linux-arm64.tar.gz diff --git a/hack/installers/checksums/helm-v3.12.1-linux-ppc64le.tar.gz.sha256 b/hack/installers/checksums/helm-v3.12.1-linux-ppc64le.tar.gz.sha256 deleted file mode 100644 index 2d51832d19aff..0000000000000 --- a/hack/installers/checksums/helm-v3.12.1-linux-ppc64le.tar.gz.sha256 +++ /dev/null @@ -1 +0,0 @@ -32b25dba14549a4097bf3dd62221cf6df06279ded391f7479144e3a215982aaf helm-v3.12.1-linux-ppc64le.tar.gz diff --git a/hack/installers/checksums/helm-v3.12.1-linux-s390x.tar.gz.sha256 b/hack/installers/checksums/helm-v3.12.1-linux-s390x.tar.gz.sha256 deleted file mode 100644 index 053b446be9913..0000000000000 --- a/hack/installers/checksums/helm-v3.12.1-linux-s390x.tar.gz.sha256 +++ /dev/null @@ -1 +0,0 @@ -f243b564cf7e4081fffdfe5a39487f6442fc439586a1f50cc59dd801c3e636a5 helm-v3.12.1-linux-s390x.tar.gz diff --git a/hack/installers/checksums/kustomize_5.1.0_darwin_amd64.tar.gz.sha256 b/hack/installers/checksums/kustomize_5.1.0_darwin_amd64.tar.gz.sha256 deleted file mode 100644 index 946ee03acae12..0000000000000 --- a/hack/installers/checksums/kustomize_5.1.0_darwin_amd64.tar.gz.sha256 +++ /dev/null @@ -1 +0,0 @@ -08664a17820138a68b7cbe302b1b63f4ec19c6e0838385f789ee0470f026ba25 kustomize_5.1.0_darwin_amd64.tar.gz diff --git a/hack/installers/checksums/kustomize_5.1.0_linux_amd64.tar.gz.sha256 b/hack/installers/checksums/kustomize_5.1.0_linux_amd64.tar.gz.sha256 deleted file mode 100644 index 2eb13d31cfd88..0000000000000 --- a/hack/installers/checksums/kustomize_5.1.0_linux_amd64.tar.gz.sha256 +++ /dev/null @@ -1 +0,0 @@ -52f4cf1ba34d38fd55a9bef819e329c9a4561f5f57f8f539346038ab5026dda8 kustomize_5.1.0_linux_amd64.tar.gz diff --git a/hack/installers/checksums/kustomize_5.1.0_linux_arm64.tar.gz.sha256 b/hack/installers/checksums/kustomize_5.1.0_linux_arm64.tar.gz.sha256 deleted file mode 100644 index a5040fa6fd9a1..0000000000000 --- a/hack/installers/checksums/kustomize_5.1.0_linux_arm64.tar.gz.sha256 +++ /dev/null @@ -1 +0,0 @@ -4e333ccf092bb72ef5d6bfd3e1f8abb161b5540ce47a53474d70c58eeb99f0a9 kustomize_5.1.0_linux_arm64.tar.gz diff --git a/hack/installers/checksums/kustomize_5.1.0_linux_ppc64le.tar.gz.sha256 b/hack/installers/checksums/kustomize_5.1.0_linux_ppc64le.tar.gz.sha256 deleted file mode 100644 index 3f7eda534c9c9..0000000000000 --- a/hack/installers/checksums/kustomize_5.1.0_linux_ppc64le.tar.gz.sha256 +++ /dev/null @@ -1 +0,0 @@ -83abeb44857db6a06f9dd35c5c40282b3b9ae4ca73e6306c52be604668964f0e kustomize_5.1.0_linux_ppc64le.tar.gz diff --git a/hack/installers/checksums/kustomize_5.1.0_linux_s390x.tar.gz.sha256 b/hack/installers/checksums/kustomize_5.1.0_linux_s390x.tar.gz.sha256 deleted file mode 100644 index ded7a81927051..0000000000000 --- a/hack/installers/checksums/kustomize_5.1.0_linux_s390x.tar.gz.sha256 +++ /dev/null @@ -1 +0,0 @@ -acff69cfb8e11b7df73c71610379ad76c003d638294f9bc98ceb0b68655e953e kustomize_5.1.0_linux_s390x.tar.gz diff --git a/hack/installers/install-lint-tools.sh b/hack/installers/install-lint-tools.sh index b4f68e464b15b..4ca5eb651966f 100755 --- a/hack/installers/install-lint-tools.sh +++ b/hack/installers/install-lint-tools.sh @@ -1,4 +1,4 @@ #!/bin/bash set -eux -o pipefail -GO111MODULE=on go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.54.0 +GO111MODULE=on go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.51.0 diff --git a/hack/known_types/main.go b/hack/known_types/main.go index be8bcfdc7b50c..491bf1e491c93 100644 --- a/hack/known_types/main.go +++ b/hack/known_types/main.go @@ -4,7 +4,6 @@ import ( "errors" "fmt" "go/importer" - "go/token" "go/types" "os" "strings" @@ -37,16 +36,15 @@ func newCommand() *cobra.Command { packagePath := args[1] outputPath := args[2] - if !strings.HasPrefix(packagePath, packagePrefix) { - return fmt.Errorf("package must be under %s", packagePrefix) - } - - imprt := importer.ForCompiler(token.NewFileSet(), "source", nil) + // nolint:staticcheck + imprt := importer.For("source", nil) pkg, err := imprt.Import(packagePath) if err != nil { return err } - + if !strings.HasPrefix(packagePath, packagePrefix) { + return fmt.Errorf("package must be under %s", packagePrefix) + } shortPackagePath := strings.TrimPrefix(packagePath, packagePrefix) var mapItems []string diff --git a/hack/tool-versions.sh b/hack/tool-versions.sh index 0a78a89c9f0f4..5a92ebd3d95b6 100644 --- a/hack/tool-versions.sh +++ b/hack/tool-versions.sh @@ -11,8 +11,8 @@ # Use ./hack/installers/checksums/add-helm-checksums.sh and # add-kustomize-checksums.sh to help download checksums. ############################################################################### -helm3_version=3.12.1 +helm3_version=3.11.2 kubectl_version=1.17.8 kubectx_version=0.6.3 -kustomize5_version=5.1.0 +kustomize5_version=5.0.1 protoc_version=3.17.3 diff --git a/hack/update-supported-versions.sh b/hack/update-supported-versions.sh deleted file mode 100644 index f4f10aa31a007..0000000000000 --- a/hack/update-supported-versions.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/bin/env bash - -out="| Argo CD version | Kubernetes versions |\n" -out+="|-----------------|---------------------|\n" - -argocd_minor_version=$(git rev-parse --abbrev-ref HEAD | sed 's/release-//') -argocd_major_version_num=$(echo "$argocd_minor_version" | sed -E 's/\.[0-9]+//') -argocd_minor_version_num=$(echo "$argocd_minor_version" | sed -E 's/[0-9]+\.//') - -for n in 0 1 2; do - minor_version_num=$((argocd_minor_version_num - n)) - minor_version="${argocd_major_version_num}.${minor_version_num}" - git checkout "release-$minor_version" > /dev/null || exit 1 - line=$(yq '.jobs["test-e2e"].strategy.matrix["k3s-version"][]' .github/workflows/ci-build.yaml | \ - jq --arg minor_version "$minor_version" --raw-input --slurp --raw-output \ - 'split("\n")[:-1] | map(sub("\\.[0-9]+$"; "")) | join(", ") | "| \($minor_version) | \(.) |"') - out+="$line\n" -done - -git checkout "release-$argocd_minor_version" - - -printf "$out" > docs/operator-manual/tested-kubernetes-versions.md diff --git a/manifests/base/application-controller/argocd-application-controller-statefulset.yaml b/manifests/base/application-controller/argocd-application-controller-statefulset.yaml index 270fa05bcc62e..d1a7991bd036b 100644 --- a/manifests/base/application-controller/argocd-application-controller-statefulset.yaml +++ b/manifests/base/application-controller/argocd-application-controller-statefulset.yaml @@ -143,12 +143,6 @@ spec: name: argocd-cmd-params-cm key: application.namespaces optional: true - - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.sharding.algorithm - optional: true - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT valueFrom: configMapKeyRef: diff --git a/manifests/base/applicationset-controller/argocd-applicationset-controller-deployment.yaml b/manifests/base/applicationset-controller/argocd-applicationset-controller-deployment.yaml index ff7cf84c3e60a..de42229ba5df6 100644 --- a/manifests/base/applicationset-controller/argocd-applicationset-controller-deployment.yaml +++ b/manifests/base/applicationset-controller/argocd-applicationset-controller-deployment.yaml @@ -22,168 +22,107 @@ spec: imagePullPolicy: Always name: argocd-applicationset-controller ports: - - containerPort: 7000 - name: webhook - - containerPort: 8080 - name: metrics + - containerPort: 7000 + name: webhook + - containerPort: 8080 + name: metrics env: - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.leader.election - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER - valueFrom: - configMapKeyRef: - key: repo.server - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.policy - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.policy.override - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.debug - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.log.level - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.dryrun - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_GIT_MODULES_ENABLED - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.git.submodule - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.progressive.syncs - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.new.git.file.globbing - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.repo.server.plaintext - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.repo.server.strict.tls - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.repo.server.timeout.seconds - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.concurrent.reconciliations.max - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.scm.root.ca.path - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.allowed.scm.providers - optional: true + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.leader.election + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.namespace + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER + valueFrom: + configMapKeyRef: + key: repo.server + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.policy + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.debug + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.format + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.dryrun + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_MODULES_ENABLED + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.git.submodule + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.progressive.syncs + name: argocd-cmd-params-cm + optional: true volumeMounts: - - mountPath: /app/config/ssh - name: ssh-known-hosts - - mountPath: /app/config/tls - name: tls-certs - - mountPath: /app/config/gpg/source - name: gpg-keys - - mountPath: /app/config/gpg/keys - name: gpg-keyring - - mountPath: /tmp - name: tmp - - name: argocd-repo-server-tls - mountPath: /app/config/reposerver/tls + - mountPath: /app/config/ssh + name: ssh-known-hosts + - mountPath: /app/config/tls + name: tls-certs + - mountPath: /app/config/gpg/source + name: gpg-keys + - mountPath: /app/config/gpg/keys + name: gpg-keyring + - mountPath: /tmp + name: tmp securityContext: capabilities: drop: - - ALL + - ALL allowPrivilegeEscalation: false - readOnlyRootFilesystem: true + readOnlyRootFilesystem: true runAsNonRoot: true seccompProfile: type: RuntimeDefault serviceAccountName: argocd-applicationset-controller volumes: - - configMap: - name: argocd-ssh-known-hosts-cm - name: ssh-known-hosts - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - - configMap: - name: argocd-gpg-keys-cm - name: gpg-keys - - emptyDir: { } - name: gpg-keyring - - emptyDir: { } - name: tmp - - name: argocd-repo-server-tls - secret: - secretName: argocd-repo-server-tls - optional: true - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt + - configMap: + name: argocd-ssh-known-hosts-cm + name: ssh-known-hosts + - configMap: + name: argocd-tls-certs-cm + name: tls-certs + - configMap: + name: argocd-gpg-keys-cm + name: gpg-keys + - emptyDir: {} + name: gpg-keyring + - emptyDir: {} + name: tmp diff --git a/manifests/base/dex/argocd-dex-server-service.yaml b/manifests/base/dex/argocd-dex-server-service.yaml index cffbf006ae624..7aeabca1e674e 100644 --- a/manifests/base/dex/argocd-dex-server-service.yaml +++ b/manifests/base/dex/argocd-dex-server-service.yaml @@ -9,7 +9,6 @@ metadata: spec: ports: - name: http - appProtocol: TCP protocol: TCP port: 5556 targetPort: 5556 diff --git a/manifests/base/kustomization.yaml b/manifests/base/kustomization.yaml index e80274cddc620..831aa98172f47 100644 --- a/manifests/base/kustomization.yaml +++ b/manifests/base/kustomization.yaml @@ -5,7 +5,7 @@ kind: Kustomization images: - name: quay.io/argoproj/argocd newName: quay.io/argoproj/argocd - newTag: latest + newTag: v2.7.12 resources: - ./application-controller - ./dex diff --git a/manifests/base/notification/argocd-notifications-controller-deployment.yaml b/manifests/base/notification/argocd-notifications-controller-deployment.yaml index 8eab1f95570c5..d49e565e2acd1 100644 --- a/manifests/base/notification/argocd-notifications-controller-deployment.yaml +++ b/manifests/base/notification/argocd-notifications-controller-deployment.yaml @@ -35,19 +35,6 @@ spec: containers: - args: - /usr/local/bin/argocd-notifications - env: - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.level - name: argocd-cmd-params-cm - optional: true workingDir: /app livenessProbe: tcpSocket: diff --git a/manifests/base/redis/argocd-redis-deployment.yaml b/manifests/base/redis/argocd-redis-deployment.yaml index 8d649e3995ebc..f8d3fb206eb8e 100644 --- a/manifests/base/redis/argocd-redis-deployment.yaml +++ b/manifests/base/redis/argocd-redis-deployment.yaml @@ -33,7 +33,6 @@ spec: ports: - containerPort: 6379 securityContext: - readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: drop: diff --git a/manifests/base/redis/argocd-redis-rolebinding.yaml b/manifests/base/redis/argocd-redis-rolebinding.yaml new file mode 100644 index 0000000000000..87caaa2cd6f57 --- /dev/null +++ b/manifests/base/redis/argocd-redis-rolebinding.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/component: redis + app.kubernetes.io/name: argocd-redis + app.kubernetes.io/part-of: argocd + name: argocd-redis +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-redis +subjects: +- kind: ServiceAccount + name: argocd-redis diff --git a/manifests/base/redis/kustomization.yaml b/manifests/base/redis/kustomization.yaml index 4a0b64c4da6a8..95553fe464753 100644 --- a/manifests/base/redis/kustomization.yaml +++ b/manifests/base/redis/kustomization.yaml @@ -3,6 +3,7 @@ kind: Kustomization resources: - argocd-redis-deployment.yaml +- argocd-redis-rolebinding.yaml - argocd-redis-sa.yaml - argocd-redis-service.yaml - argocd-redis-network-policy.yaml diff --git a/manifests/base/repo-server/argocd-repo-server-deployment.yaml b/manifests/base/repo-server/argocd-repo-server-deployment.yaml index 735f6436f6699..9ced79662dd25 100644 --- a/manifests/base/repo-server/argocd-repo-server-deployment.yaml +++ b/manifests/base/repo-server/argocd-repo-server-deployment.yaml @@ -48,18 +48,6 @@ spec: name: argocd-cmd-params-cm key: reposerver.parallelism.limit optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.listen.address - optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.metrics.listen.address - optional: true - name: ARGOCD_REPO_SERVER_DISABLE_TLS valueFrom: configMapKeyRef: diff --git a/manifests/base/repo-server/argocd-repo-server-network-policy.yaml b/manifests/base/repo-server/argocd-repo-server-network-policy.yaml index 267dfa81adc49..2b3fb72b557b5 100644 --- a/manifests/base/repo-server/argocd-repo-server-network-policy.yaml +++ b/manifests/base/repo-server/argocd-repo-server-network-policy.yaml @@ -7,21 +7,18 @@ spec: matchLabels: app.kubernetes.io/name: argocd-repo-server policyTypes: - - Ingress + - Ingress ingress: - from: - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-server - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-notifications-controller - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller + - podSelector: + matchLabels: + app.kubernetes.io/name: argocd-server + - podSelector: + matchLabels: + app.kubernetes.io/name: argocd-application-controller + - podSelector: + matchLabels: + app.kubernetes.io/name: argocd-notifications-controller ports: - protocol: TCP port: 8081 diff --git a/manifests/base/server/argocd-server-deployment.yaml b/manifests/base/server/argocd-server-deployment.yaml index 66c6ed384b1d2..6cfd2c1aa5522 100644 --- a/manifests/base/server/argocd-server-deployment.yaml +++ b/manifests/base/server/argocd-server-deployment.yaml @@ -197,18 +197,6 @@ spec: name: argocd-cmd-params-cm key: server.http.cookie.maxnumber optional: true - - name: ARGOCD_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.listen.address - optional: true - - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.metrics.listen.address - optional: true - name: ARGOCD_SERVER_OTLP_ADDRESS valueFrom: configMapKeyRef: diff --git a/manifests/core-install.yaml b/manifests/core-install.yaml index 0e919238d55a5..8f924d6578b98 100644 --- a/manifests/core-install.yaml +++ b/manifests/core-install.yaml @@ -287,15 +287,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -583,15 +576,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -787,8 +773,7 @@ spec: properties: name: description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. + cluster by its symbolic name type: string namespace: description: Namespace specifies the target namespace for the @@ -796,9 +781,8 @@ spec: namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is not - set. + description: Server specifies the URL of the target cluster and + must be set to the Kubernetes control plane API type: string type: object ignoreDifferences: @@ -998,15 +982,8 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1285,15 +1262,8 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1458,7 +1428,7 @@ spec: as part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifies whether to revert resources + description: 'SelfHeal specifes whether to revert resources back to their desired state upon modification in the cluster (default: false)' type: boolean @@ -1522,7 +1492,7 @@ spec: conditions items: description: ApplicationCondition contains details about an application - condition, which is usually an error or warning + condition, which is usally an error or warning properties: lastTransitionTime: description: LastTransitionTime is the time the condition was @@ -1541,10 +1511,6 @@ spec: - type type: object type: array - controllerNamespace: - description: ControllerNamespace indicates the namespace in which - the application controller is located - type: string health: description: Health contains information about the application's current health status @@ -1724,15 +1690,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2024,16 +1983,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2470,15 +2421,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block. ValuesObject takes precedence over - Values, so use one or the other. + a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a - map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2786,15 +2730,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined - as a block. ValuesObject takes precedence - over Values, so use one or the other. + as a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as - a map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3004,19 +2941,6 @@ spec: syncResult: description: SyncResult is the result of a Sync operation properties: - managedNamespaceMetadata: - description: ManagedNamespaceMetadata contains the current - sync state of managed namespace metadata - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object resources: description: Resources contains a list of sync result items for each individual resource in a sync operation @@ -3219,16 +3143,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3531,15 +3447,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. + a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3796,8 +3705,7 @@ spec: properties: name: description: Name is an alternate way of specifying the - target cluster by its symbolic name. This must be set - if Server is not set. + target cluster by its symbolic name type: string namespace: description: Namespace specifies the target namespace @@ -3806,47 +3714,10 @@ spec: not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name - is not set. + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API type: string type: object - ignoreDifferences: - description: IgnoreDifferences is a reference to the application's - ignored differences used for comparison - items: - description: ResourceIgnoreDifferences contains resource - filter and list of json paths which should be ignored - during comparison with live state. - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - description: ManagedFieldsManagers is a list of trusted - managers. Fields mutated by those managers will take - precedence over the desired state defined in the SCM - and won't be displayed in diffs - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array source: description: Source is a reference to the application's source used for comparison @@ -3985,16 +3856,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -4297,15 +4160,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. + a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -4520,8 +4376,6 @@ spec: type: object spec: properties: - applyNestedSelectors: - type: boolean generators: items: properties: @@ -4717,9 +4571,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4897,9 +4748,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5236,9 +5084,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5416,9 +5261,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5759,9 +5601,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5939,9 +5778,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6086,10 +5922,6 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object required: - repoURL - revision @@ -6262,9 +6094,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6442,9 +6271,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6789,9 +6615,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6969,9 +6792,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7308,9 +7128,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7488,9 +7305,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7831,9 +7645,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8011,9 +7822,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8158,10 +7966,6 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object required: - repoURL - revision @@ -8334,9 +8138,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8514,9 +8315,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8668,21 +8466,123 @@ spec: x-kubernetes-preserve-unknown-fields: true merge: x-kubernetes-preserve-unknown-fields: true - plugin: + pullRequest: properties: - configMapRef: + bitbucketServer: properties: - name: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + repo: type: string required: - - name + - api + - project + - repo type: object - input: + filters: + items: + properties: + branchMatch: + type: string + type: object + type: array + gitea: properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true + api: + type: string + insecure: + type: boolean + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName type: object + required: + - project type: object requeueAfterSeconds: format: int64 @@ -8847,9 +8747,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9027,9 +8924,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9174,30 +9068,39 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef type: object - pullRequest: + scmProvider: properties: - azuredevops: + azureDevOps: properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean api: type: string - labels: - items: - type: string - type: array organization: type: string - project: - type: string - repo: + teamProject: type: string - tokenRef: + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: properties: key: type: string @@ -9207,58 +9110,19 @@ spec: - key - secretName type: object + owner: + type: string + user: + type: string required: - - organization - - project - - repo + - appPasswordRef + - owner + - user type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: + bitbucketServer: properties: + allBranches: + type: boolean api: type: string basicAuth: @@ -9281,32 +9145,41 @@ spec: type: object project: type: string - repo: - type: string required: - api - project - - repo type: object + cloneProtocol: + type: string filters: items: properties: branchMatch: type: string - targetBranchMatch: + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: type: string type: object type: array gitea: properties: + allBranches: + type: boolean api: type: string insecure: type: boolean owner: type: string - repo: - type: string tokenRef: properties: key: @@ -9320,21 +9193,16 @@ spec: required: - api - owner - - repo type: object github: properties: + allBranches: + type: boolean api: type: string appSecretName: type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: + organization: type: string tokenRef: properties: @@ -9347,23 +9215,18 @@ spec: - secretName type: object required: - - owner - - repo + - organization type: object gitlab: properties: - api: - type: string - insecure: + allBranches: type: boolean - labels: - items: - type: string - type: array - project: + api: type: string - pullRequestState: + group: type: string + includeSubgroups: + type: boolean tokenRef: properties: key: @@ -9375,7 +9238,7 @@ spec: - secretName type: object required: - - project + - group type: object requeueAfterSeconds: format: int64 @@ -9540,9 +9403,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9720,9 +9580,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9868,266 +9725,420 @@ spec: - spec type: object type: object - scmProvider: + selector: properties: - awsCodeCommit: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: properties: - allBranches: - type: boolean - region: - type: string - role: + group: type: string - tagFilters: + jqPathExpressions: items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object + type: string type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: + jsonPointers: + items: + type: string + type: array + kind: type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: + managedFieldsManagers: + items: + type: string + type: array + name: type: string - user: + namespace: type: string required: - - appPasswordRef - - owner - - user + - kind type: object - bitbucketServer: + type: array + info: + items: properties: - allBranches: - type: boolean - api: + name: type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: + value: type: string required: - - api - - project + - name + - value type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: type: string - pathsDoNotExist: + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: items: - type: string + properties: + name: + type: string + path: + type: string + type: object type: array - pathsExist: + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: items: type: string type: array - repositoryMatch: + values: + type: string + version: type: string type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: + kustomize: + properties: + commonAnnotations: + additionalProperties: type: string - required: - - key - - secretName - type: object - topic: - type: string - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: type: string - namespace: + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: type: string - type: object - spec: - properties: - destination: + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true name: type: string - namespace: + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: type: string - server: + value: type: string + required: + - name + - value type: object - ignoreDifferences: - items: - properties: - group: + type: array + name: + type: string + parameters: + items: + properties: + array: + items: type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: + type: array + map: + additionalProperties: type: string - managedFieldsManagers: - items: - type: string - type: array + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: name: type: string - namespace: + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: type: string required: - - kind + - count + - name type: object type: array - info: + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: items: properties: name: @@ -10139,221 +10150,410 @@ spec: - value type: object type: array - project: + name: type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: + parameters: + items: + properties: + array: + items: type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: + type: array + map: + additionalProperties: type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + type: object + merge: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: type: string - repoURL: + namespace: type: string - targetRevision: + server: type: string - required: - - repoURL type: object - sources: + ignoreDifferences: items: properties: - chart: + group: type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array tlas: items: properties: @@ -10408,9 +10608,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10559,427 +10756,94 @@ spec: additionalProperties: type: string type: object + required: + - configMapRef type: object - selector: + clusters: properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: + selector: properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: + matchExpressions: items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: + key: + type: string + operator: + type: string + values: items: type: string type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array + required: + - key + - operator type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: + name: type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: + namespace: type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: + type: object + spec: + properties: + destination: properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true name: type: string - required: - - count - - name + namespace: + type: string + server: + type: string type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: + ignoreDifferences: items: properties: - name: + group: type: string - path: + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean + managedFieldsManagers: + items: + type: string + type: array name: type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: + namespace: type: string required: - - count - - name + - kind type: object type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: + info: items: properties: name: @@ -10991,212 +10855,20 @@ spec: - value type: object type: array - name: + project: type: string - parameters: - items: - properties: - array: - items: + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - type: object - merge: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: + include: type: string jsonnet: properties: @@ -11272,9 +10944,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -11452,9 +11121,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -11603,34 +11269,38 @@ spec: additionalProperties: type: string type: object - required: - - configMapRef type: object - clusters: + git: properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: + directories: + items: + properties: + exclude: + type: boolean + path: type: string - type: object - type: object + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string template: properties: metadata: @@ -11791,9 +11461,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -11971,9 +11638,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -12039,1830 +11703,97 @@ spec: type: array name: type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - pullRequest: - properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - targetBranchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - insecure: - type: boolean - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object required: - - key - - secretName + - destination + - project type: object required: - - project + - metadata + - spec type: object - requeueAfterSeconds: - format: int64 - type: integer + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string template: properties: metadata: @@ -14023,9 +11954,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -14203,9 +12131,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -14350,81 +12275,17 @@ spec: - metadata - spec type: object + required: + - elements type: object - scmProvider: + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + pullRequest: properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object bitbucketServer: properties: - allBranches: - type: boolean api: type: string basicAuth: @@ -14447,41 +12308,30 @@ spec: type: object project: type: string + repo: + type: string required: - api - project + - repo type: object - cloneProtocol: - type: string filters: items: properties: branchMatch: type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string type: object type: array gitea: properties: - allBranches: - type: boolean api: type: string insecure: type: boolean owner: type: string + repo: + type: string tokenRef: properties: key: @@ -14495,16 +12345,21 @@ spec: required: - api - owner + - repo type: object github: properties: - allBranches: - type: boolean api: type: string appSecretName: type: string - organization: + labels: + items: + type: string + type: array + owner: + type: string + repo: type: string tokenRef: properties: @@ -14517,22 +12372,21 @@ spec: - secretName type: object required: - - organization + - owner + - repo type: object gitlab: properties: - allBranches: - type: boolean api: type: string - group: + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean tokenRef: properties: key: @@ -14543,10 +12397,8 @@ spec: - key - secretName type: object - topic: - type: string required: - - group + - project type: object requeueAfterSeconds: format: int64 @@ -14711,9 +12563,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -14891,9 +12740,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -15031,557 +12877,699 @@ spec: type: array type: object required: - - destination - - project + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName type: object + owner: + type: string + user: + type: string required: - - metadata - - spec + - appPasswordRef + - owner + - user type: object - values: - additionalProperties: - type: string + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + required: + - api + - project type: object - type: object - selector: - properties: - matchExpressions: + cloneProtocol: + type: string + filters: items: properties: - key: + branchMatch: type: string - operator: + labelMatch: type: string - values: + pathsDoNotExist: items: type: string type: array - required: - - key - - operator + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string type: object type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - mergeKeys: - items: - type: string - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: + gitea: properties: - group: + allBranches: + type: boolean + api: type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: + insecure: + type: boolean + owner: type: string - managedFieldsManagers: - items: - type: string - type: array - name: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: type: string - namespace: + appSecretName: + type: string + organization: type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object required: - - kind + - organization type: object - type: array - info: - items: + gitlab: properties: - name: + allBranches: + type: boolean + api: type: string - value: + group: type: string + includeSubgroups: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object required: - - name - - value + - group type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: properties: - code: - type: boolean - name: + exclude: type: string - value: + include: type: string - required: - - name - - value + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: + helm: properties: - code: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: type: boolean - name: + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: type: string - value: + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: type: string - required: - - name - - value type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: type: string - value: + repoURL: + type: string + targetRevision: type: string required: - - name - - value + - repoURL type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: + sources: + items: + properties: + chart: type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: + directory: properties: - code: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: type: boolean - name: + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: type: string - value: + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: type: string - required: - - name - - value type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: + kustomize: properties: - code: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: type: boolean - name: + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: type: string - value: + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: type: string - required: - - name - - value type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string path: type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: + repoURL: type: string - value: + targetRevision: type: string required: - - name - - value + - repoURL type: object type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: type: string - type: object - type: array + type: array + type: object + required: + - destination + - project type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string required: - - repoURL + - metadata + - spec type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: + type: object + selector: + properties: + matchExpressions: + items: properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - - mergeKeys - type: object - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + mergeKeys: + items: + type: string + type: array template: properties: metadata: @@ -15742,9 +13730,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -15922,9 +13907,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -16069,89 +14051,12 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object required: - - configMapRef + - generators + - mergeKeys type: object pullRequest: properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object bitbucketServer: properties: api: @@ -16188,8 +14093,6 @@ spec: properties: branchMatch: type: string - targetBranchMatch: - type: string type: object type: array gitea: @@ -16249,8 +14152,6 @@ spec: properties: api: type: string - insecure: - type: boolean labels: items: type: string @@ -16435,9 +14336,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -16615,9 +14513,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -16765,26 +14660,6 @@ spec: type: object scmProvider: properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object azureDevOps: properties: accessTokenRef: @@ -16939,12 +14814,8 @@ spec: type: string group: type: string - includeSharedProjects: - type: boolean includeSubgroups: type: boolean - insecure: - type: boolean tokenRef: properties: key: @@ -16955,8 +14826,6 @@ spec: - key - secretName type: object - topic: - type: string required: - group type: object @@ -17123,9 +14992,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -17303,9 +15169,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -17450,10 +15313,6 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object type: object selector: properties: @@ -17482,10 +15341,6 @@ spec: type: array goTemplate: type: boolean - goTemplateOptions: - items: - type: string - type: array preservedFields: properties: annotations: @@ -17526,13 +15381,6 @@ spec: type: object syncPolicy: properties: - applicationsSync: - enum: - - create-only - - create-update - - create-delete - - sync - type: string preserveResourcesOnDeletion: type: boolean type: object @@ -17696,9 +15544,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -17876,9 +15721,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -18171,8 +16013,7 @@ spec: properties: name: description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. + cluster by its symbolic name type: string namespace: description: Namespace specifies the target namespace for the @@ -18180,9 +16021,8 @@ spec: namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is - not set. + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API type: string type: object type: array @@ -18600,6 +16440,22 @@ subjects: name: argocd-applicationset-controller --- apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/component: redis + app.kubernetes.io/name: argocd-redis + app.kubernetes.io/part-of: argocd + name: argocd-redis +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-redis +subjects: +- kind: ServiceAccount + name: argocd-redis +--- +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: @@ -18796,22 +16652,22 @@ spec: key: applicationsetcontroller.enable.leader.election name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE valueFrom: configMapKeyRef: - key: repo.server + key: applicationsetcontroller.namespace name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER valueFrom: configMapKeyRef: - key: applicationsetcontroller.policy + key: repo.server name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE + - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY valueFrom: configMapKeyRef: - key: applicationsetcontroller.enable.policy.override + key: applicationsetcontroller.policy name: argocd-cmd-params-cm optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG @@ -18850,55 +16706,7 @@ spec: key: applicationsetcontroller.enable.progressive.syncs name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.new.git.file.globbing - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.plaintext - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.strict.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.timeout.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.concurrent.reconciliations.max - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.scm.root.ca.path - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.allowed.scm.providers - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: argocd-applicationset-controller ports: @@ -18926,8 +16734,6 @@ spec: name: gpg-keyring - mountPath: /tmp name: tmp - - mountPath: /app/config/reposerver/tls - name: argocd-repo-server-tls serviceAccountName: argocd-applicationset-controller volumes: - configMap: @@ -18943,17 +16749,6 @@ spec: name: gpg-keyring - emptyDir: {} name: tmp - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls --- apiVersion: apps/v1 kind: Deployment @@ -19003,7 +16798,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true securityContext: runAsNonRoot: true runAsUser: 999 @@ -19072,18 +16866,6 @@ spec: key: reposerver.parallelism.limit name: argocd-cmd-params-cm optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.metrics.listen.address - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_REPO_SERVER_DISABLE_TLS valueFrom: configMapKeyRef: @@ -19186,7 +16968,7 @@ spec: value: /helm-working-dir - name: HELM_DATA_HOME value: /helm-working-dir - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -19238,7 +17020,7 @@ spec: - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 name: copyutil securityContext: allowPrivilegeEscalation: false @@ -19445,19 +17227,13 @@ spec: key: application.namespaces name: argocd-cmd-params-cm optional: true - - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM - valueFrom: - configMapKeyRef: - key: controller.sharding.algorithm - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT valueFrom: configMapKeyRef: key: controller.kubectl.parallelism.limit name: argocd-cmd-params-cm optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: argocd-application-controller ports: @@ -19582,9 +17358,6 @@ spec: - podSelector: matchLabels: app.kubernetes.io/name: argocd-notifications-controller - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller ports: - port: 8081 protocol: TCP diff --git a/manifests/core-install/kustomization.yaml b/manifests/core-install/kustomization.yaml index 07a82b3707700..0c6ec147f48d1 100644 --- a/manifests/core-install/kustomization.yaml +++ b/manifests/core-install/kustomization.yaml @@ -12,4 +12,4 @@ resources: images: - name: quay.io/argoproj/argocd newName: quay.io/argoproj/argocd - newTag: latest + newTag: v2.7.12 diff --git a/manifests/crds/application-crd.yaml b/manifests/crds/application-crd.yaml index 1248bd37b421b..d810e179e8448 100644 --- a/manifests/crds/application-crd.yaml +++ b/manifests/crds/application-crd.yaml @@ -286,15 +286,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -582,15 +575,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -786,8 +772,7 @@ spec: properties: name: description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. + cluster by its symbolic name type: string namespace: description: Namespace specifies the target namespace for the @@ -795,9 +780,8 @@ spec: namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is not - set. + description: Server specifies the URL of the target cluster and + must be set to the Kubernetes control plane API type: string type: object ignoreDifferences: @@ -997,15 +981,8 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1284,15 +1261,8 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1457,7 +1427,7 @@ spec: as part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifies whether to revert resources + description: 'SelfHeal specifes whether to revert resources back to their desired state upon modification in the cluster (default: false)' type: boolean @@ -1521,7 +1491,7 @@ spec: conditions items: description: ApplicationCondition contains details about an application - condition, which is usually an error or warning + condition, which is usally an error or warning properties: lastTransitionTime: description: LastTransitionTime is the time the condition was @@ -1540,10 +1510,6 @@ spec: - type type: object type: array - controllerNamespace: - description: ControllerNamespace indicates the namespace in which - the application controller is located - type: string health: description: Health contains information about the application's current health status @@ -1723,15 +1689,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2023,16 +1982,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2469,15 +2420,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block. ValuesObject takes precedence over - Values, so use one or the other. + a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a - map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2785,15 +2729,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined - as a block. ValuesObject takes precedence - over Values, so use one or the other. + as a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as - a map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3003,19 +2940,6 @@ spec: syncResult: description: SyncResult is the result of a Sync operation properties: - managedNamespaceMetadata: - description: ManagedNamespaceMetadata contains the current - sync state of managed namespace metadata - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object resources: description: Resources contains a list of sync result items for each individual resource in a sync operation @@ -3218,16 +3142,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3530,15 +3446,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. + a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3795,8 +3704,7 @@ spec: properties: name: description: Name is an alternate way of specifying the - target cluster by its symbolic name. This must be set - if Server is not set. + target cluster by its symbolic name type: string namespace: description: Namespace specifies the target namespace @@ -3805,47 +3713,10 @@ spec: not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name - is not set. + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API type: string type: object - ignoreDifferences: - description: IgnoreDifferences is a reference to the application's - ignored differences used for comparison - items: - description: ResourceIgnoreDifferences contains resource - filter and list of json paths which should be ignored - during comparison with live state. - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - description: ManagedFieldsManagers is a list of trusted - managers. Fields mutated by those managers will take - precedence over the desired state defined in the SCM - and won't be displayed in diffs - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array source: description: Source is a reference to the application's source used for comparison @@ -3984,16 +3855,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -4296,15 +4159,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. + a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") diff --git a/manifests/crds/applicationset-crd.yaml b/manifests/crds/applicationset-crd.yaml index f25019e24f2cb..dc3ce3a0602be 100644 --- a/manifests/crds/applicationset-crd.yaml +++ b/manifests/crds/applicationset-crd.yaml @@ -29,8 +29,6 @@ spec: type: object spec: properties: - applyNestedSelectors: - type: boolean generators: items: properties: @@ -226,9 +224,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -406,9 +401,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -745,9 +737,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -925,9 +914,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1268,9 +1254,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1448,9 +1431,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1595,10 +1575,6 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object required: - repoURL - revision @@ -1771,9 +1747,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1951,9 +1924,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2298,9 +2268,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2478,9 +2445,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2817,9 +2781,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2997,9 +2958,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3340,9 +3298,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3520,9 +3475,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3667,10 +3619,6 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object required: - repoURL - revision @@ -3843,9 +3791,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4023,9 +3968,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4177,21 +4119,123 @@ spec: x-kubernetes-preserve-unknown-fields: true merge: x-kubernetes-preserve-unknown-fields: true - plugin: + pullRequest: properties: - configMapRef: + bitbucketServer: properties: - name: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + repo: type: string required: - - name + - api + - project + - repo + type: object + filters: + items: + properties: + branchMatch: + type: string + type: object + type: array + gitea: + properties: + api: + type: string + insecure: + type: boolean + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo type: object - input: + github: properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName type: object + required: + - project type: object requeueAfterSeconds: format: int64 @@ -4356,9 +4400,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4536,9 +4577,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4683,30 +4721,12 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef type: object - pullRequest: + scmProvider: properties: - azuredevops: + azureDevOps: properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: + accessTokenRef: properties: key: type: string @@ -4716,58 +4736,46 @@ spec: - key - secretName type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string required: + - accessTokenRef - organization - - project - - repo + - teamProject type: object bitbucket: properties: - api: - type: string - basicAuth: + allBranches: + type: boolean + appPasswordRef: properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: + key: + type: string + secretName: type: string required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef + - key + - secretName type: object owner: type: string - repo: + user: type: string required: + - appPasswordRef - owner - - repo + - user type: object bitbucketServer: properties: + allBranches: + type: boolean api: type: string basicAuth: @@ -4790,32 +4798,41 @@ spec: type: object project: type: string - repo: - type: string required: - api - project - - repo type: object + cloneProtocol: + type: string filters: items: properties: branchMatch: type: string - targetBranchMatch: + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: type: string type: object type: array gitea: properties: + allBranches: + type: boolean api: type: string insecure: type: boolean owner: type: string - repo: - type: string tokenRef: properties: key: @@ -4829,21 +4846,16 @@ spec: required: - api - owner - - repo type: object github: properties: + allBranches: + type: boolean api: type: string appSecretName: type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: + organization: type: string tokenRef: properties: @@ -4856,23 +4868,18 @@ spec: - secretName type: object required: - - owner - - repo + - organization type: object gitlab: properties: + allBranches: + type: boolean api: type: string - insecure: - type: boolean - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: + group: type: string + includeSubgroups: + type: boolean tokenRef: properties: key: @@ -4884,7 +4891,7 @@ spec: - secretName type: object required: - - project + - group type: object requeueAfterSeconds: format: int64 @@ -5049,9 +5056,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5229,9 +5233,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5377,1747 +5378,525 @@ spec: - spec type: object type: object - scmProvider: + selector: properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - bitbucketServer: - properties: - allBranches: - type: boolean - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - required: - - api - - project - type: object - cloneProtocol: - type: string - filters: + matchExpressions: items: properties: - branchMatch: + key: type: string - labelMatch: + operator: type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: + values: items: type: string type: array - repositoryMatch: - type: string + required: + - key + - operator type: object type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner + matchLabels: + additionalProperties: + type: string type: object - github: + type: object + type: object + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: properties: - allBranches: - type: boolean - api: + group: type: string - appSecretName: + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: type: string - organization: + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object required: - - organization + - kind type: object - gitlab: + type: array + info: + items: properties: - allBranches: - type: boolean - api: - type: string - group: + name: type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - topic: + value: type: string required: - - group + - name + - value type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string type: object - name: + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: type: string - namespace: + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: type: string - type: object - spec: - properties: - destination: + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true name: type: string - namespace: + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: type: string - server: + value: type: string + required: + - name + - value type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: + type: array + name: + type: string + parameters: + items: + properties: + array: + items: type: string - value: + type: array + map: + additionalProperties: type: string - required: - - name - - value - type: object - type: array - project: + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: type: string - revisionHistoryLimit: - format: int64 - type: integer - source: + include: + type: string + jsonnet: properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - type: object - merge: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: + extVars: + items: properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: + code: type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: + name: type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: + value: type: string + required: + - name + - value type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean name: type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array + value: + type: string + required: + - name + - value type: object - ref: + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: type: string - repoURL: + path: type: string - targetRevision: + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: type: string required: - - repoURL + - count + - name type: object type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: type: string - type: array - type: object - required: - - destination - - project + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string + - repoURL type: object - required: - - configMapRef - type: object - clusters: + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + type: object + merge: + properties: + generators: + items: + properties: + clusterDecisionResource: properties: - selector: + configMapRef: + type: string + labelSelector: properties: matchExpressions: items: @@ -7140,6 +5919,11 @@ spec: type: string type: object type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer template: properties: metadata: @@ -7300,9 +6084,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7480,9 +6261,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7631,38 +6409,34 @@ spec: additionalProperties: type: string type: object + required: + - configMapRef type: object - git: + clusters: properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: type: string - required: - - path - type: object - type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string + type: object + type: object template: properties: metadata: @@ -7823,9 +6597,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8003,9 +6774,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8154,17 +6922,37 @@ spec: additionalProperties: type: string type: object - required: - - repoURL - - revision type: object - list: + git: properties: - elements: + directories: items: - x-kubernetes-preserve-unknown-fields: true + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object type: array - elementsYaml: + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: type: string template: properties: @@ -8326,9 +7114,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8506,9 +7291,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8654,31 +7436,17 @@ spec: - spec type: object required: - - elements + - repoURL + - revision type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - plugin: + list: properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string template: properties: metadata: @@ -8839,9 +7607,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9019,9 +7784,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9166,89 +7928,15 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object required: - - configMapRef + - elements type: object + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true pullRequest: properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object bitbucketServer: properties: api: @@ -9285,8 +7973,6 @@ spec: properties: branchMatch: type: string - targetBranchMatch: - type: string type: object type: array gitea: @@ -9346,8 +8032,6 @@ spec: properties: api: type: string - insecure: - type: boolean labels: items: type: string @@ -9532,9 +8216,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9712,9 +8393,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9857,31 +8535,11 @@ spec: type: object required: - metadata - - spec - type: object - type: object - scmProvider: - properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array + - spec type: object + type: object + scmProvider: + properties: azureDevOps: properties: accessTokenRef: @@ -10036,12 +8694,8 @@ spec: type: string group: type: string - includeSharedProjects: - type: boolean includeSubgroups: type: boolean - insecure: - type: boolean tokenRef: properties: key: @@ -10052,1045 +8706,523 @@ spec: - key - secretName type: object - topic: - type: string required: - group type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: type: string - repoURL: + namespace: type: string - targetRevision: + server: type: string - required: - - repoURL type: object - sources: + ignoreDifferences: items: properties: - chart: + group: type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: type: string - type: array - map: - additionalProperties: + value: type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: properties: - allowEmpty: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: type: boolean - prune: + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: type: boolean - selfHeal: + releaseName: + type: string + skipCrds: type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string type: object - managedNamespaceMetadata: + kustomize: properties: - annotations: + commonAnnotations: additionalProperties: type: string type: object - labels: + commonAnnotationsEnvsubst: + type: boolean + commonLabels: additionalProperties: type: string type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - mergeKeys: - items: - type: string - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: + forceCommonAnnotations: type: boolean - name: + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: type: string - value: + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: type: string - required: - - name - - value type: object - type: array - libs: - items: + path: type: string - type: array - tlas: - items: + plugin: properties: - code: - type: boolean + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array name: type: string - value: - type: string - required: - - name - - value + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: + ref: type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: + repoURL: type: string - value: + targetRevision: type: string required: - - name - - value + - repoURL type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: + sources: + items: + properties: + chart: type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: properties: - code: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: type: boolean - name: + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: type: string - value: + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: type: string - required: - - name - - value type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: + kustomize: properties: - code: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: type: boolean - name: + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: type: string - value: + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: type: string - required: - - name - - value type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string path: type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: + repoURL: type: string - value: + targetRevision: type: string required: - - name - - value + - repoURL type: object type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: type: string - type: object - type: array + type: array + type: object + required: + - destination + - project type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string required: - - repoURL + - metadata + - spec type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: + type: object + selector: + properties: + matchExpressions: + items: properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: + key: + type: string + operator: + type: string + values: + items: type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer + type: array + required: + - key + - operator type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - - mergeKeys - type: object - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + mergeKeys: + items: + type: string + type: array template: properties: metadata: @@ -11251,9 +9383,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -11431,9 +9560,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -11578,89 +9704,12 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object required: - - configMapRef + - generators + - mergeKeys type: object pullRequest: properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object bitbucketServer: properties: api: @@ -11697,8 +9746,6 @@ spec: properties: branchMatch: type: string - targetBranchMatch: - type: string type: object type: array gitea: @@ -11758,8 +9805,6 @@ spec: properties: api: type: string - insecure: - type: boolean labels: items: type: string @@ -11944,9 +9989,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -12124,9 +10166,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -12274,26 +10313,6 @@ spec: type: object scmProvider: properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object azureDevOps: properties: accessTokenRef: @@ -12448,12 +10467,8 @@ spec: type: string group: type: string - includeSharedProjects: - type: boolean includeSubgroups: type: boolean - insecure: - type: boolean tokenRef: properties: key: @@ -12464,8 +10479,6 @@ spec: - key - secretName type: object - topic: - type: string required: - group type: object @@ -12632,9 +10645,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -12812,9 +10822,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -12959,10 +10966,6 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object type: object selector: properties: @@ -12991,10 +10994,6 @@ spec: type: array goTemplate: type: boolean - goTemplateOptions: - items: - type: string - type: array preservedFields: properties: annotations: @@ -13035,13 +11034,6 @@ spec: type: object syncPolicy: properties: - applicationsSync: - enum: - - create-only - - create-update - - create-delete - - sync - type: string preserveResourcesOnDeletion: type: boolean type: object @@ -13205,9 +11197,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -13385,9 +11374,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object diff --git a/manifests/crds/appproject-crd.yaml b/manifests/crds/appproject-crd.yaml index 989b3004892f6..335decfc564df 100644 --- a/manifests/crds/appproject-crd.yaml +++ b/manifests/crds/appproject-crd.yaml @@ -88,8 +88,7 @@ spec: properties: name: description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. + cluster by its symbolic name type: string namespace: description: Namespace specifies the target namespace for the @@ -97,9 +96,8 @@ spec: namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is - not set. + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API type: string type: object type: array diff --git a/manifests/ha/base/kustomization.yaml b/manifests/ha/base/kustomization.yaml index ae40b96e8657e..07030e97fda77 100644 --- a/manifests/ha/base/kustomization.yaml +++ b/manifests/ha/base/kustomization.yaml @@ -12,7 +12,7 @@ patches: images: - name: quay.io/argoproj/argocd newName: quay.io/argoproj/argocd - newTag: latest + newTag: v2.7.12 resources: - ../../base/application-controller - ../../base/applicationset-controller diff --git a/manifests/ha/base/overlays/argocd-application-controller-statefulset.yaml b/manifests/ha/base/overlays/argocd-application-controller-statefulset.yaml index c288595170914..e077dbd97ef58 100644 --- a/manifests/ha/base/overlays/argocd-application-controller-statefulset.yaml +++ b/manifests/ha/base/overlays/argocd-application-controller-statefulset.yaml @@ -9,3 +9,9 @@ spec: - name: argocd-application-controller args: - /usr/local/bin/argocd-application-controller + env: + - name: ARGOCD_REDIS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.server diff --git a/manifests/ha/base/overlays/argocd-repo-server-deployment.yaml b/manifests/ha/base/overlays/argocd-repo-server-deployment.yaml index b237cf6c13b24..e26bae4c8bc09 100644 --- a/manifests/ha/base/overlays/argocd-repo-server-deployment.yaml +++ b/manifests/ha/base/overlays/argocd-repo-server-deployment.yaml @@ -24,3 +24,9 @@ spec: - name: argocd-repo-server args: - /usr/local/bin/argocd-repo-server + env: + - name: ARGOCD_REDIS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.server diff --git a/manifests/ha/base/overlays/argocd-server-deployment.yaml b/manifests/ha/base/overlays/argocd-server-deployment.yaml index 49eb31b1b0f29..351e6cbce76b8 100644 --- a/manifests/ha/base/overlays/argocd-server-deployment.yaml +++ b/manifests/ha/base/overlays/argocd-server-deployment.yaml @@ -25,5 +25,10 @@ spec: env: - name: ARGOCD_API_SERVER_REPLICAS value: '2' + - name: ARGOCD_REDIS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.server args: - /usr/local/bin/argocd-server diff --git a/manifests/ha/base/redis-ha/overlays/deployment-containers-securityContext.yaml b/manifests/ha/base/redis-ha/overlays/deployment-containers-securityContext.yaml index 8ce2b23f876a2..812e97d8049cf 100644 --- a/manifests/ha/base/redis-ha/overlays/deployment-containers-securityContext.yaml +++ b/manifests/ha/base/redis-ha/overlays/deployment-containers-securityContext.yaml @@ -1,7 +1,6 @@ - op: add path: /spec/template/spec/initContainers/0/securityContext value: - readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: drop: @@ -11,7 +10,6 @@ - op: add path: /spec/template/spec/containers/0/securityContext value: - readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: drop: diff --git a/manifests/ha/base/redis-ha/overlays/statefulset-containers-securityContext.yaml b/manifests/ha/base/redis-ha/overlays/statefulset-containers-securityContext.yaml index 53b395e14da12..386b219575eb7 100644 --- a/manifests/ha/base/redis-ha/overlays/statefulset-containers-securityContext.yaml +++ b/manifests/ha/base/redis-ha/overlays/statefulset-containers-securityContext.yaml @@ -1,7 +1,6 @@ - op: add path: /spec/template/spec/initContainers/0/securityContext value: - readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: drop: @@ -11,7 +10,6 @@ - op: add path: /spec/template/spec/containers/0/securityContext value: - readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: drop: @@ -21,7 +19,6 @@ - op: add path: /spec/template/spec/containers/1/securityContext value: - readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: drop: @@ -31,7 +28,6 @@ - op: add path: /spec/template/spec/containers/2/securityContext value: - readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: drop: diff --git a/manifests/ha/install.yaml b/manifests/ha/install.yaml index c5f45e932a4eb..8e5168bc98840 100644 --- a/manifests/ha/install.yaml +++ b/manifests/ha/install.yaml @@ -287,15 +287,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -583,15 +576,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -787,8 +773,7 @@ spec: properties: name: description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. + cluster by its symbolic name type: string namespace: description: Namespace specifies the target namespace for the @@ -796,9 +781,8 @@ spec: namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is not - set. + description: Server specifies the URL of the target cluster and + must be set to the Kubernetes control plane API type: string type: object ignoreDifferences: @@ -998,15 +982,8 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1285,15 +1262,8 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1458,7 +1428,7 @@ spec: as part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifies whether to revert resources + description: 'SelfHeal specifes whether to revert resources back to their desired state upon modification in the cluster (default: false)' type: boolean @@ -1522,7 +1492,7 @@ spec: conditions items: description: ApplicationCondition contains details about an application - condition, which is usually an error or warning + condition, which is usally an error or warning properties: lastTransitionTime: description: LastTransitionTime is the time the condition was @@ -1541,10 +1511,6 @@ spec: - type type: object type: array - controllerNamespace: - description: ControllerNamespace indicates the namespace in which - the application controller is located - type: string health: description: Health contains information about the application's current health status @@ -1724,15 +1690,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2024,16 +1983,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2470,15 +2421,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block. ValuesObject takes precedence over - Values, so use one or the other. + a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a - map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2786,15 +2730,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined - as a block. ValuesObject takes precedence - over Values, so use one or the other. + as a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as - a map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3004,19 +2941,6 @@ spec: syncResult: description: SyncResult is the result of a Sync operation properties: - managedNamespaceMetadata: - description: ManagedNamespaceMetadata contains the current - sync state of managed namespace metadata - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object resources: description: Resources contains a list of sync result items for each individual resource in a sync operation @@ -3219,16 +3143,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3531,15 +3447,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. + a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3796,8 +3705,7 @@ spec: properties: name: description: Name is an alternate way of specifying the - target cluster by its symbolic name. This must be set - if Server is not set. + target cluster by its symbolic name type: string namespace: description: Namespace specifies the target namespace @@ -3806,47 +3714,10 @@ spec: not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name - is not set. + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API type: string type: object - ignoreDifferences: - description: IgnoreDifferences is a reference to the application's - ignored differences used for comparison - items: - description: ResourceIgnoreDifferences contains resource - filter and list of json paths which should be ignored - during comparison with live state. - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - description: ManagedFieldsManagers is a list of trusted - managers. Fields mutated by those managers will take - precedence over the desired state defined in the SCM - and won't be displayed in diffs - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array source: description: Source is a reference to the application's source used for comparison @@ -3985,16 +3856,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -4297,15 +4160,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. + a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -4520,8 +4376,6 @@ spec: type: object spec: properties: - applyNestedSelectors: - type: boolean generators: items: properties: @@ -4717,9 +4571,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4897,9 +4748,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5236,9 +5084,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5416,9 +5261,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5759,9 +5601,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5939,9 +5778,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6086,10 +5922,6 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object required: - repoURL - revision @@ -6262,9 +6094,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6442,9 +6271,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6789,9 +6615,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6969,9 +6792,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7308,9 +7128,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7488,9 +7305,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7831,9 +7645,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8011,9 +7822,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8158,10 +7966,6 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object required: - repoURL - revision @@ -8334,9 +8138,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8514,9 +8315,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8668,21 +8466,123 @@ spec: x-kubernetes-preserve-unknown-fields: true merge: x-kubernetes-preserve-unknown-fields: true - plugin: + pullRequest: properties: - configMapRef: + bitbucketServer: properties: - name: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + repo: type: string required: - - name + - api + - project + - repo type: object - input: + filters: + items: + properties: + branchMatch: + type: string + type: object + type: array + gitea: properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true + api: + type: string + insecure: + type: boolean + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName type: object + required: + - project type: object requeueAfterSeconds: format: int64 @@ -8847,9 +8747,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9027,9 +8924,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9174,30 +9068,39 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef type: object - pullRequest: + scmProvider: properties: - azuredevops: + azureDevOps: properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean api: type: string - labels: - items: - type: string - type: array organization: type: string - project: - type: string - repo: + teamProject: type: string - tokenRef: + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: properties: key: type: string @@ -9207,58 +9110,19 @@ spec: - key - secretName type: object + owner: + type: string + user: + type: string required: - - organization - - project - - repo + - appPasswordRef + - owner + - user type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: + bitbucketServer: properties: + allBranches: + type: boolean api: type: string basicAuth: @@ -9281,32 +9145,41 @@ spec: type: object project: type: string - repo: - type: string required: - api - project - - repo type: object + cloneProtocol: + type: string filters: items: properties: branchMatch: type: string - targetBranchMatch: + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: type: string type: object type: array gitea: properties: + allBranches: + type: boolean api: type: string insecure: type: boolean owner: type: string - repo: - type: string tokenRef: properties: key: @@ -9320,21 +9193,16 @@ spec: required: - api - owner - - repo type: object github: properties: + allBranches: + type: boolean api: type: string appSecretName: type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: + organization: type: string tokenRef: properties: @@ -9347,23 +9215,18 @@ spec: - secretName type: object required: - - owner - - repo + - organization type: object gitlab: properties: - api: - type: string - insecure: + allBranches: type: boolean - labels: - items: - type: string - type: array - project: + api: type: string - pullRequestState: + group: type: string + includeSubgroups: + type: boolean tokenRef: properties: key: @@ -9375,7 +9238,7 @@ spec: - secretName type: object required: - - project + - group type: object requeueAfterSeconds: format: int64 @@ -9540,9 +9403,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9720,9 +9580,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9868,266 +9725,420 @@ spec: - spec type: object type: object - scmProvider: + selector: properties: - awsCodeCommit: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: properties: - allBranches: - type: boolean - region: - type: string - role: + group: type: string - tagFilters: + jqPathExpressions: items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object + type: string type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: + jsonPointers: + items: + type: string + type: array + kind: type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: + managedFieldsManagers: + items: + type: string + type: array + name: type: string - user: + namespace: type: string required: - - appPasswordRef - - owner - - user + - kind type: object - bitbucketServer: + type: array + info: + items: properties: - allBranches: - type: boolean - api: + name: type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: + value: type: string required: - - api - - project + - name + - value type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: type: string - pathsDoNotExist: + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: items: - type: string + properties: + name: + type: string + path: + type: string + type: object type: array - pathsExist: + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: items: type: string type: array - repositoryMatch: + values: + type: string + version: type: string type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: + kustomize: + properties: + commonAnnotations: + additionalProperties: type: string - required: - - key - - secretName - type: object - topic: - type: string - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: type: string - namespace: + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: type: string - type: object - spec: - properties: - destination: + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true name: type: string - namespace: + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: type: string - server: + value: type: string + required: + - name + - value type: object - ignoreDifferences: - items: - properties: - group: + type: array + name: + type: string + parameters: + items: + properties: + array: + items: type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: + type: array + map: + additionalProperties: type: string - managedFieldsManagers: - items: - type: string - type: array + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: name: type: string - namespace: + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: type: string required: - - kind + - count + - name type: object type: array - info: + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: items: properties: name: @@ -10139,2021 +10150,127 @@ spec: - value type: object type: array - project: + name: type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: + parameters: + items: + properties: + array: + items: type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: + type: array + map: + additionalProperties: type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - type: object - merge: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array type: object - ref: - type: string - repoURL: + name: type: string - targetRevision: + string: type: string - required: - - repoURL type: object type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string + - repoURL type: object - type: object - git: - properties: - directories: - items: + type: array + syncPolicy: + properties: + automated: properties: - exclude: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: type: boolean - path: - type: string - required: - - path type: object - type: array - files: - items: + managedNamespaceMetadata: properties: - path: - type: string - required: - - path + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object - type: array - pathParamPrefix: + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + type: object + merge: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: type: string - repoURL: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: type: string requeueAfterSeconds: format: int64 type: integer - revision: - type: string template: properties: metadata: @@ -12314,9 +10431,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -12494,9 +10608,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -12646,17 +10757,33 @@ spec: type: string type: object required: - - repoURL - - revision + - configMapRef type: object - list: + clusters: properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object template: properties: metadata: @@ -12817,9 +10944,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -12997,9 +11121,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -13144,32 +11265,42 @@ spec: - metadata - spec type: object - required: - - elements + values: + additionalProperties: + type: string + type: object type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - plugin: + git: properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string requeueAfterSeconds: format: int64 type: integer + revision: + type: string template: properties: metadata: @@ -13330,9 +11461,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -13510,9 +11638,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -13603,266 +11728,72 @@ spec: targetRevision: type: string required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - pullRequest: - properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - targetBranchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - insecure: - type: boolean - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object required: - - key - - secretName + - destination + - project type: object required: - - project + - metadata + - spec type: object - requeueAfterSeconds: - format: int64 - type: integer + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string template: properties: metadata: @@ -14023,9 +11954,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -14203,9 +12131,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -14350,81 +12275,17 @@ spec: - metadata - spec type: object + required: + - elements type: object - scmProvider: + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + pullRequest: properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object bitbucketServer: properties: - allBranches: - type: boolean api: type: string basicAuth: @@ -14447,41 +12308,30 @@ spec: type: object project: type: string + repo: + type: string required: - api - project + - repo type: object - cloneProtocol: - type: string filters: items: properties: branchMatch: type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string type: object type: array gitea: properties: - allBranches: - type: boolean api: type: string insecure: type: boolean owner: type: string + repo: + type: string tokenRef: properties: key: @@ -14495,16 +12345,21 @@ spec: required: - api - owner + - repo type: object github: properties: - allBranches: - type: boolean api: type: string appSecretName: type: string - organization: + labels: + items: + type: string + type: array + owner: + type: string + repo: type: string tokenRef: properties: @@ -14517,22 +12372,21 @@ spec: - secretName type: object required: - - organization + - owner + - repo type: object gitlab: properties: - allBranches: - type: boolean api: type: string - group: + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean tokenRef: properties: key: @@ -14543,10 +12397,8 @@ spec: - key - secretName type: object - topic: - type: string required: - - group + - project type: object requeueAfterSeconds: format: int64 @@ -14711,9 +12563,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -14891,9 +12740,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -15031,557 +12877,699 @@ spec: type: array type: object required: - - destination - - project + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username type: object + project: + type: string required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string + - api + - project type: object - type: object - selector: - properties: - matchExpressions: + cloneProtocol: + type: string + filters: items: properties: - key: + branchMatch: type: string - operator: + labelMatch: type: string - values: + pathsDoNotExist: items: type: string type: array - required: - - key - - operator + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string type: object type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - mergeKeys: - items: - type: string - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: + gitea: properties: - group: + allBranches: + type: boolean + api: type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: + insecure: + type: boolean + owner: type: string - managedFieldsManagers: - items: - type: string - type: array - name: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: type: string - namespace: + appSecretName: + type: string + organization: type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object required: - - kind + - organization type: object - type: array - info: - items: + gitlab: properties: - name: + allBranches: + type: boolean + api: type: string - value: + group: type: string + includeSubgroups: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object required: - - name - - value + - group type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: properties: - code: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: type: boolean - name: + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: type: string - value: + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: type: string - required: - - name - - value type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: + kustomize: properties: - code: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: type: boolean - name: + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: type: string - value: + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: type: string - required: - - name - - value type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string path: type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: + repoURL: type: string - value: + targetRevision: type: string required: - - name - - value + - repoURL type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: + sources: + items: + properties: + chart: type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: + directory: properties: - code: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: type: boolean - name: + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: type: string - value: + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: type: string - required: - - name - - value type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: + kustomize: properties: - code: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: type: boolean - name: + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: type: string - value: + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: type: string - required: - - name - - value type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string path: type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: + repoURL: type: string - value: + targetRevision: type: string required: - - name - - value + - repoURL type: object type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - - mergeKeys - type: object - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + mergeKeys: + items: + type: string + type: array template: properties: metadata: @@ -15742,9 +13730,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -15922,9 +13907,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -16069,89 +14051,12 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object required: - - configMapRef + - generators + - mergeKeys type: object pullRequest: properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object bitbucketServer: properties: api: @@ -16188,8 +14093,6 @@ spec: properties: branchMatch: type: string - targetBranchMatch: - type: string type: object type: array gitea: @@ -16249,8 +14152,6 @@ spec: properties: api: type: string - insecure: - type: boolean labels: items: type: string @@ -16435,9 +14336,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -16615,9 +14513,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -16765,26 +14660,6 @@ spec: type: object scmProvider: properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object azureDevOps: properties: accessTokenRef: @@ -16939,12 +14814,8 @@ spec: type: string group: type: string - includeSharedProjects: - type: boolean includeSubgroups: type: boolean - insecure: - type: boolean tokenRef: properties: key: @@ -16955,8 +14826,6 @@ spec: - key - secretName type: object - topic: - type: string required: - group type: object @@ -17123,9 +14992,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -17303,9 +15169,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -17450,10 +15313,6 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object type: object selector: properties: @@ -17482,10 +15341,6 @@ spec: type: array goTemplate: type: boolean - goTemplateOptions: - items: - type: string - type: array preservedFields: properties: annotations: @@ -17526,13 +15381,6 @@ spec: type: object syncPolicy: properties: - applicationsSync: - enum: - - create-only - - create-update - - create-delete - - sync - type: string preserveResourcesOnDeletion: type: boolean type: object @@ -17696,9 +15544,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -17876,9 +15721,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -18171,8 +16013,7 @@ spec: properties: name: description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. + cluster by its symbolic name type: string namespace: description: Namespace specifies the target namespace for the @@ -18180,9 +16021,8 @@ spec: namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is - not set. + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API type: string type: object type: array @@ -19775,8 +17615,7 @@ metadata: name: argocd-dex-server spec: ports: - - appProtocol: TCP - name: http + - name: http port: 5556 protocol: TCP targetPort: 5556 @@ -20034,22 +17873,22 @@ spec: key: applicationsetcontroller.enable.leader.election name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE valueFrom: configMapKeyRef: - key: repo.server + key: applicationsetcontroller.namespace name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER valueFrom: configMapKeyRef: - key: applicationsetcontroller.policy + key: repo.server name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE + - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY valueFrom: configMapKeyRef: - key: applicationsetcontroller.enable.policy.override + key: applicationsetcontroller.policy name: argocd-cmd-params-cm optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG @@ -20088,55 +17927,7 @@ spec: key: applicationsetcontroller.enable.progressive.syncs name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.new.git.file.globbing - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.plaintext - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.strict.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.timeout.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.concurrent.reconciliations.max - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.scm.root.ca.path - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.allowed.scm.providers - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: argocd-applicationset-controller ports: @@ -20164,8 +17955,6 @@ spec: name: gpg-keyring - mountPath: /tmp name: tmp - - mountPath: /app/config/reposerver/tls - name: argocd-repo-server-tls serviceAccountName: argocd-applicationset-controller volumes: - configMap: @@ -20181,17 +17970,6 @@ spec: name: gpg-keyring - emptyDir: {} name: tmp - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls --- apiVersion: apps/v1 kind: Deployment @@ -20259,7 +18037,7 @@ spec: - -n - /usr/local/bin/argocd - /shared/argocd-dex - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: copyutil securityContext: @@ -20316,20 +18094,7 @@ spec: containers: - args: - /usr/local/bin/argocd-notifications - env: - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.level - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always livenessProbe: tcpSocket: @@ -20424,7 +18189,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault volumeMounts: @@ -20445,7 +18209,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault volumeMounts: @@ -20505,6 +18268,11 @@ spec: - args: - /usr/local/bin/argocd-repo-server env: + - name: ARGOCD_REDIS + valueFrom: + configMapKeyRef: + key: redis.server + name: argocd-cmd-params-cm - name: ARGOCD_RECONCILIATION_TIMEOUT valueFrom: configMapKeyRef: @@ -20529,18 +18297,6 @@ spec: key: reposerver.parallelism.limit name: argocd-cmd-params-cm optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.metrics.listen.address - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_REPO_SERVER_DISABLE_TLS valueFrom: configMapKeyRef: @@ -20643,7 +18399,7 @@ spec: value: /helm-working-dir - name: HELM_DATA_HOME value: /helm-working-dir - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -20695,7 +18451,7 @@ spec: - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 name: copyutil securityContext: allowPrivilegeEscalation: false @@ -20780,6 +18536,11 @@ spec: env: - name: ARGOCD_API_SERVER_REPLICAS value: "2" + - name: ARGOCD_REDIS + valueFrom: + configMapKeyRef: + key: redis.server + name: argocd-cmd-params-cm - name: ARGOCD_SERVER_INSECURE valueFrom: configMapKeyRef: @@ -20954,18 +18715,6 @@ spec: key: server.http.cookie.maxnumber name: argocd-cmd-params-cm optional: true - - name: ARGOCD_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: server.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: server.metrics.listen.address - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_SERVER_OTLP_ADDRESS valueFrom: configMapKeyRef: @@ -20984,7 +18733,7 @@ spec: key: server.enable.proxy.extension name: argocd-cmd-params-cm optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always livenessProbe: httpGet: @@ -21096,6 +18845,11 @@ spec: - args: - /usr/local/bin/argocd-application-controller env: + - name: ARGOCD_REDIS + valueFrom: + configMapKeyRef: + key: redis.server + name: argocd-cmd-params-cm - name: ARGOCD_CONTROLLER_REPLICAS value: "1" - name: ARGOCD_RECONCILIATION_TIMEOUT @@ -21218,19 +18972,13 @@ spec: key: application.namespaces name: argocd-cmd-params-cm optional: true - - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM - valueFrom: - configMapKeyRef: - key: controller.sharding.algorithm - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT valueFrom: configMapKeyRef: key: controller.kubectl.parallelism.limit name: argocd-cmd-params-cm optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: argocd-application-controller ports: @@ -21346,7 +19094,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault volumeMounts: @@ -21395,7 +19142,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault volumeMounts: @@ -21423,7 +19169,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault volumeMounts: @@ -21452,7 +19197,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault volumeMounts: @@ -21661,9 +19405,6 @@ spec: - podSelector: matchLabels: app.kubernetes.io/name: argocd-notifications-controller - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller ports: - port: 8081 protocol: TCP diff --git a/manifests/ha/namespace-install.yaml b/manifests/ha/namespace-install.yaml index 03e2dd32f2395..76fd12503ffb1 100644 --- a/manifests/ha/namespace-install.yaml +++ b/manifests/ha/namespace-install.yaml @@ -1275,8 +1275,7 @@ metadata: name: argocd-dex-server spec: ports: - - appProtocol: TCP - name: http + - name: http port: 5556 protocol: TCP targetPort: 5556 @@ -1534,22 +1533,22 @@ spec: key: applicationsetcontroller.enable.leader.election name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE valueFrom: configMapKeyRef: - key: repo.server + key: applicationsetcontroller.namespace name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER valueFrom: configMapKeyRef: - key: applicationsetcontroller.policy + key: repo.server name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE + - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY valueFrom: configMapKeyRef: - key: applicationsetcontroller.enable.policy.override + key: applicationsetcontroller.policy name: argocd-cmd-params-cm optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG @@ -1588,55 +1587,7 @@ spec: key: applicationsetcontroller.enable.progressive.syncs name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.new.git.file.globbing - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.plaintext - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.strict.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.timeout.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.concurrent.reconciliations.max - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.scm.root.ca.path - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.allowed.scm.providers - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: argocd-applicationset-controller ports: @@ -1664,8 +1615,6 @@ spec: name: gpg-keyring - mountPath: /tmp name: tmp - - mountPath: /app/config/reposerver/tls - name: argocd-repo-server-tls serviceAccountName: argocd-applicationset-controller volumes: - configMap: @@ -1681,17 +1630,6 @@ spec: name: gpg-keyring - emptyDir: {} name: tmp - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls --- apiVersion: apps/v1 kind: Deployment @@ -1759,7 +1697,7 @@ spec: - -n - /usr/local/bin/argocd - /shared/argocd-dex - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: copyutil securityContext: @@ -1816,20 +1754,7 @@ spec: containers: - args: - /usr/local/bin/argocd-notifications - env: - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.level - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always livenessProbe: tcpSocket: @@ -1924,7 +1849,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault volumeMounts: @@ -1945,7 +1869,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault volumeMounts: @@ -2005,6 +1928,11 @@ spec: - args: - /usr/local/bin/argocd-repo-server env: + - name: ARGOCD_REDIS + valueFrom: + configMapKeyRef: + key: redis.server + name: argocd-cmd-params-cm - name: ARGOCD_RECONCILIATION_TIMEOUT valueFrom: configMapKeyRef: @@ -2029,18 +1957,6 @@ spec: key: reposerver.parallelism.limit name: argocd-cmd-params-cm optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.metrics.listen.address - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_REPO_SERVER_DISABLE_TLS valueFrom: configMapKeyRef: @@ -2143,7 +2059,7 @@ spec: value: /helm-working-dir - name: HELM_DATA_HOME value: /helm-working-dir - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -2195,7 +2111,7 @@ spec: - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 name: copyutil securityContext: allowPrivilegeEscalation: false @@ -2280,6 +2196,11 @@ spec: env: - name: ARGOCD_API_SERVER_REPLICAS value: "2" + - name: ARGOCD_REDIS + valueFrom: + configMapKeyRef: + key: redis.server + name: argocd-cmd-params-cm - name: ARGOCD_SERVER_INSECURE valueFrom: configMapKeyRef: @@ -2454,18 +2375,6 @@ spec: key: server.http.cookie.maxnumber name: argocd-cmd-params-cm optional: true - - name: ARGOCD_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: server.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: server.metrics.listen.address - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_SERVER_OTLP_ADDRESS valueFrom: configMapKeyRef: @@ -2484,7 +2393,7 @@ spec: key: server.enable.proxy.extension name: argocd-cmd-params-cm optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always livenessProbe: httpGet: @@ -2596,6 +2505,11 @@ spec: - args: - /usr/local/bin/argocd-application-controller env: + - name: ARGOCD_REDIS + valueFrom: + configMapKeyRef: + key: redis.server + name: argocd-cmd-params-cm - name: ARGOCD_CONTROLLER_REPLICAS value: "1" - name: ARGOCD_RECONCILIATION_TIMEOUT @@ -2718,19 +2632,13 @@ spec: key: application.namespaces name: argocd-cmd-params-cm optional: true - - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM - valueFrom: - configMapKeyRef: - key: controller.sharding.algorithm - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT valueFrom: configMapKeyRef: key: controller.kubectl.parallelism.limit name: argocd-cmd-params-cm optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: argocd-application-controller ports: @@ -2846,7 +2754,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault volumeMounts: @@ -2895,7 +2802,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault volumeMounts: @@ -2923,7 +2829,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault volumeMounts: @@ -2952,7 +2857,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault volumeMounts: @@ -3161,9 +3065,6 @@ spec: - podSelector: matchLabels: app.kubernetes.io/name: argocd-notifications-controller - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller ports: - port: 8081 protocol: TCP diff --git a/manifests/install.yaml b/manifests/install.yaml index b48239ab5c714..8bbf138c4bd2b 100644 --- a/manifests/install.yaml +++ b/manifests/install.yaml @@ -287,15 +287,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -583,15 +576,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -787,8 +773,7 @@ spec: properties: name: description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. + cluster by its symbolic name type: string namespace: description: Namespace specifies the target namespace for the @@ -796,9 +781,8 @@ spec: namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is not - set. + description: Server specifies the URL of the target cluster and + must be set to the Kubernetes control plane API type: string type: object ignoreDifferences: @@ -998,15 +982,8 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1285,15 +1262,8 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1458,7 +1428,7 @@ spec: as part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifies whether to revert resources + description: 'SelfHeal specifes whether to revert resources back to their desired state upon modification in the cluster (default: false)' type: boolean @@ -1522,7 +1492,7 @@ spec: conditions items: description: ApplicationCondition contains details about an application - condition, which is usually an error or warning + condition, which is usally an error or warning properties: lastTransitionTime: description: LastTransitionTime is the time the condition was @@ -1541,10 +1511,6 @@ spec: - type type: object type: array - controllerNamespace: - description: ControllerNamespace indicates the namespace in which - the application controller is located - type: string health: description: Health contains information about the application's current health status @@ -1724,15 +1690,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2024,16 +1983,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2470,15 +2421,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block. ValuesObject takes precedence over - Values, so use one or the other. + a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a - map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2786,15 +2730,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined - as a block. ValuesObject takes precedence - over Values, so use one or the other. + as a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as - a map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3004,19 +2941,6 @@ spec: syncResult: description: SyncResult is the result of a Sync operation properties: - managedNamespaceMetadata: - description: ManagedNamespaceMetadata contains the current - sync state of managed namespace metadata - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object resources: description: Resources contains a list of sync result items for each individual resource in a sync operation @@ -3219,16 +3143,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3531,15 +3447,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. + a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3796,8 +3705,7 @@ spec: properties: name: description: Name is an alternate way of specifying the - target cluster by its symbolic name. This must be set - if Server is not set. + target cluster by its symbolic name type: string namespace: description: Namespace specifies the target namespace @@ -3806,47 +3714,10 @@ spec: not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name - is not set. + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API type: string type: object - ignoreDifferences: - description: IgnoreDifferences is a reference to the application's - ignored differences used for comparison - items: - description: ResourceIgnoreDifferences contains resource - filter and list of json paths which should be ignored - during comparison with live state. - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - description: ManagedFieldsManagers is a list of trusted - managers. Fields mutated by those managers will take - precedence over the desired state defined in the SCM - and won't be displayed in diffs - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array source: description: Source is a reference to the application's source used for comparison @@ -3985,16 +3856,8 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. + to helm template, typically defined as a block type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -4297,15 +4160,8 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. + a block type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -4520,8 +4376,6 @@ spec: type: object spec: properties: - applyNestedSelectors: - type: boolean generators: items: properties: @@ -4717,9 +4571,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4897,9 +4748,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5236,9 +5084,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5416,9 +5261,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5759,9 +5601,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5939,9 +5778,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6086,10 +5922,6 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object required: - repoURL - revision @@ -6262,9 +6094,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6442,9 +6271,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6789,9 +6615,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6969,9 +6792,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7308,9 +7128,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7488,9 +7305,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7831,9 +7645,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8011,9 +7822,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8158,10 +7966,6 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object required: - repoURL - revision @@ -8334,9 +8138,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8514,9 +8315,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8668,21 +8466,123 @@ spec: x-kubernetes-preserve-unknown-fields: true merge: x-kubernetes-preserve-unknown-fields: true - plugin: + pullRequest: properties: - configMapRef: + bitbucketServer: properties: - name: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + repo: type: string required: - - name + - api + - project + - repo type: object - input: + filters: + items: + properties: + branchMatch: + type: string + type: object + type: array + gitea: properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true + api: + type: string + insecure: + type: boolean + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName type: object + required: + - project type: object requeueAfterSeconds: format: int64 @@ -8847,9 +8747,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9027,9 +8924,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9174,30 +9068,39 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef type: object - pullRequest: + scmProvider: properties: - azuredevops: + azureDevOps: properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean api: type: string - labels: - items: - type: string - type: array organization: type: string - project: - type: string - repo: + teamProject: type: string - tokenRef: + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: properties: key: type: string @@ -9207,58 +9110,19 @@ spec: - key - secretName type: object + owner: + type: string + user: + type: string required: - - organization - - project - - repo + - appPasswordRef + - owner + - user type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: + bitbucketServer: properties: + allBranches: + type: boolean api: type: string basicAuth: @@ -9281,32 +9145,41 @@ spec: type: object project: type: string - repo: - type: string required: - api - project - - repo type: object + cloneProtocol: + type: string filters: items: properties: branchMatch: type: string - targetBranchMatch: + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: type: string type: object type: array gitea: properties: + allBranches: + type: boolean api: type: string insecure: type: boolean owner: type: string - repo: - type: string tokenRef: properties: key: @@ -9320,21 +9193,16 @@ spec: required: - api - owner - - repo type: object github: properties: + allBranches: + type: boolean api: type: string appSecretName: type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: + organization: type: string tokenRef: properties: @@ -9347,23 +9215,18 @@ spec: - secretName type: object required: - - owner - - repo + - organization type: object gitlab: properties: - api: - type: string - insecure: + allBranches: type: boolean - labels: - items: - type: string - type: array - project: + api: type: string - pullRequestState: + group: type: string + includeSubgroups: + type: boolean tokenRef: properties: key: @@ -9375,7 +9238,7 @@ spec: - secretName type: object required: - - project + - group type: object requeueAfterSeconds: format: int64 @@ -9540,9 +9403,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9720,9 +9580,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9868,266 +9725,420 @@ spec: - spec type: object type: object - scmProvider: + selector: properties: - awsCodeCommit: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: properties: - allBranches: - type: boolean - region: - type: string - role: + group: type: string - tagFilters: + jqPathExpressions: items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object + type: string type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: + jsonPointers: + items: + type: string + type: array + kind: type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: + managedFieldsManagers: + items: + type: string + type: array + name: type: string - user: + namespace: type: string required: - - appPasswordRef - - owner - - user + - kind type: object - bitbucketServer: + type: array + info: + items: properties: - allBranches: - type: boolean - api: + name: type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: + value: type: string required: - - api - - project + - name + - value type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: type: string - pathsDoNotExist: + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: items: - type: string + properties: + name: + type: string + path: + type: string + type: object type: array - pathsExist: + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: items: type: string type: array - repositoryMatch: + values: + type: string + version: type: string type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: + kustomize: + properties: + commonAnnotations: + additionalProperties: type: string - required: - - key - - secretName - type: object - topic: - type: string - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: type: string - namespace: + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: type: string - type: object - spec: - properties: - destination: + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true name: type: string - namespace: + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: type: string - server: + value: type: string + required: + - name + - value type: object - ignoreDifferences: - items: - properties: - group: + type: array + name: + type: string + parameters: + items: + properties: + array: + items: type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: + type: array + map: + additionalProperties: type: string - managedFieldsManagers: - items: - type: string - type: array + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: name: type: string - namespace: + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: type: string required: - - kind + - count + - name type: object type: array - info: + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: items: properties: name: @@ -10139,2021 +10150,127 @@ spec: - value type: object type: array - project: + name: type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: + parameters: + items: + properties: + array: + items: type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: + type: array + map: + additionalProperties: type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - type: object - merge: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array type: object - ref: - type: string - repoURL: + name: type: string - targetRevision: + string: type: string - required: - - repoURL type: object type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string + - repoURL type: object - type: object - git: - properties: - directories: - items: + type: array + syncPolicy: + properties: + automated: properties: - exclude: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: type: boolean - path: - type: string - required: - - path type: object - type: array - files: - items: + managedNamespaceMetadata: properties: - path: - type: string - required: - - path + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object type: object - type: array - pathParamPrefix: + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + type: object + merge: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: type: string - repoURL: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: type: string requeueAfterSeconds: format: int64 type: integer - revision: - type: string template: properties: metadata: @@ -12314,9 +10431,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -12494,9 +10608,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -12646,17 +10757,33 @@ spec: type: string type: object required: - - repoURL - - revision + - configMapRef type: object - list: + clusters: properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object template: properties: metadata: @@ -12817,9 +10944,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -12997,9 +11121,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -13144,32 +11265,42 @@ spec: - metadata - spec type: object - required: - - elements + values: + additionalProperties: + type: string + type: object type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - plugin: + git: properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string requeueAfterSeconds: format: int64 type: integer + revision: + type: string template: properties: metadata: @@ -13330,9 +11461,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -13510,9 +11638,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -13604,265 +11729,71 @@ spec: type: string required: - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - pullRequest: - properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - targetBranchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - insecure: - type: boolean - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object required: - - key - - secretName + - destination + - project type: object required: - - project + - metadata + - spec type: object - requeueAfterSeconds: - format: int64 - type: integer + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string template: properties: metadata: @@ -14023,9 +11954,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -14203,9 +12131,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -14350,81 +12275,17 @@ spec: - metadata - spec type: object + required: + - elements type: object - scmProvider: + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + pullRequest: properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object bitbucketServer: properties: - allBranches: - type: boolean api: type: string basicAuth: @@ -14447,41 +12308,30 @@ spec: type: object project: type: string + repo: + type: string required: - api - project + - repo type: object - cloneProtocol: - type: string filters: items: properties: branchMatch: type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string type: object type: array gitea: properties: - allBranches: - type: boolean api: type: string insecure: type: boolean owner: type: string + repo: + type: string tokenRef: properties: key: @@ -14495,16 +12345,21 @@ spec: required: - api - owner + - repo type: object github: properties: - allBranches: - type: boolean api: type: string appSecretName: type: string - organization: + labels: + items: + type: string + type: array + owner: + type: string + repo: type: string tokenRef: properties: @@ -14517,22 +12372,21 @@ spec: - secretName type: object required: - - organization + - owner + - repo type: object gitlab: properties: - allBranches: - type: boolean api: type: string - group: + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean tokenRef: properties: key: @@ -14543,10 +12397,8 @@ spec: - key - secretName type: object - topic: - type: string required: - - group + - project type: object requeueAfterSeconds: format: int64 @@ -14711,9 +12563,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -14891,9 +12740,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -15031,557 +12877,699 @@ spec: type: array type: object required: - - destination - - project + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username type: object + project: + type: string required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string + - api + - project type: object - type: object - selector: - properties: - matchExpressions: + cloneProtocol: + type: string + filters: items: properties: - key: + branchMatch: type: string - operator: + labelMatch: type: string - values: + pathsDoNotExist: items: type: string type: array - required: - - key - - operator + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string type: object type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - mergeKeys: - items: - type: string - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: + gitea: properties: - group: + allBranches: + type: boolean + api: type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: + insecure: + type: boolean + owner: type: string - managedFieldsManagers: - items: - type: string - type: array - name: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: type: string - namespace: + appSecretName: + type: string + organization: type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object required: - - kind + - organization type: object - type: array - info: - items: + gitlab: properties: - name: + allBranches: + type: boolean + api: type: string - value: + group: type: string + includeSubgroups: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object required: - - name - - value + - group type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: properties: - code: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: type: boolean - name: + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: type: string - value: + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: type: string - required: - - name - - value type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: + kustomize: properties: - code: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: type: boolean - name: + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: type: string - value: + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: type: string - required: - - name - - value type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string path: type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: + repoURL: type: string - value: + targetRevision: type: string required: - - name - - value + - repoURL type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: + sources: + items: + properties: + chart: type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: + directory: properties: - code: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: type: boolean - name: + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: type: string - value: + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: type: string - required: - - name - - value type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: + kustomize: properties: - code: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: type: boolean - name: + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: type: string - value: + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: type: string - required: - - name - - value type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: + path: type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: + repoURL: type: string - value: + targetRevision: type: string required: - - name - - value + - repoURL type: object type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - - mergeKeys - type: object - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + mergeKeys: + items: + type: string + type: array template: properties: metadata: @@ -15742,9 +13730,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -15922,9 +13907,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -16069,89 +14051,12 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object required: - - configMapRef + - generators + - mergeKeys type: object pullRequest: properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object bitbucketServer: properties: api: @@ -16188,8 +14093,6 @@ spec: properties: branchMatch: type: string - targetBranchMatch: - type: string type: object type: array gitea: @@ -16249,8 +14152,6 @@ spec: properties: api: type: string - insecure: - type: boolean labels: items: type: string @@ -16435,9 +14336,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -16615,9 +14513,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -16765,26 +14660,6 @@ spec: type: object scmProvider: properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object azureDevOps: properties: accessTokenRef: @@ -16939,12 +14814,8 @@ spec: type: string group: type: string - includeSharedProjects: - type: boolean includeSubgroups: type: boolean - insecure: - type: boolean tokenRef: properties: key: @@ -16955,8 +14826,6 @@ spec: - key - secretName type: object - topic: - type: string required: - group type: object @@ -17123,9 +14992,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -17303,9 +15169,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -17450,10 +15313,6 @@ spec: - metadata - spec type: object - values: - additionalProperties: - type: string - type: object type: object selector: properties: @@ -17482,10 +15341,6 @@ spec: type: array goTemplate: type: boolean - goTemplateOptions: - items: - type: string - type: array preservedFields: properties: annotations: @@ -17526,13 +15381,6 @@ spec: type: object syncPolicy: properties: - applicationsSync: - enum: - - create-only - - create-update - - create-delete - - sync - type: string preserveResourcesOnDeletion: type: boolean type: object @@ -17696,9 +15544,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -17876,9 +15721,6 @@ spec: type: array values: type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -18171,8 +16013,7 @@ spec: properties: name: description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. + cluster by its symbolic name type: string namespace: description: Namespace specifies the target namespace for the @@ -18180,9 +16021,8 @@ spec: namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is - not set. + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API type: string type: object type: array @@ -18807,6 +16647,22 @@ subjects: --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding +metadata: + labels: + app.kubernetes.io/component: redis + app.kubernetes.io/name: argocd-redis + app.kubernetes.io/part-of: argocd + name: argocd-redis +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-redis +subjects: +- kind: ServiceAccount + name: argocd-redis +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding metadata: labels: app.kubernetes.io/component: server @@ -18979,8 +16835,7 @@ metadata: name: argocd-dex-server spec: ports: - - appProtocol: TCP - name: http + - name: http port: 5556 protocol: TCP targetPort: 5556 @@ -19135,22 +16990,22 @@ spec: key: applicationsetcontroller.enable.leader.election name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE valueFrom: configMapKeyRef: - key: repo.server + key: applicationsetcontroller.namespace name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER valueFrom: configMapKeyRef: - key: applicationsetcontroller.policy + key: repo.server name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE + - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY valueFrom: configMapKeyRef: - key: applicationsetcontroller.enable.policy.override + key: applicationsetcontroller.policy name: argocd-cmd-params-cm optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG @@ -19189,55 +17044,7 @@ spec: key: applicationsetcontroller.enable.progressive.syncs name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.new.git.file.globbing - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.plaintext - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.strict.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.timeout.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.concurrent.reconciliations.max - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.scm.root.ca.path - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.allowed.scm.providers - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: argocd-applicationset-controller ports: @@ -19265,8 +17072,6 @@ spec: name: gpg-keyring - mountPath: /tmp name: tmp - - mountPath: /app/config/reposerver/tls - name: argocd-repo-server-tls serviceAccountName: argocd-applicationset-controller volumes: - configMap: @@ -19282,17 +17087,6 @@ spec: name: gpg-keyring - emptyDir: {} name: tmp - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls --- apiVersion: apps/v1 kind: Deployment @@ -19360,7 +17154,7 @@ spec: - -n - /usr/local/bin/argocd - /shared/argocd-dex - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: copyutil securityContext: @@ -19417,20 +17211,7 @@ spec: containers: - args: - /usr/local/bin/argocd-notifications - env: - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.level - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always livenessProbe: tcpSocket: @@ -19517,7 +17298,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true securityContext: runAsNonRoot: true runAsUser: 999 @@ -19586,18 +17366,6 @@ spec: key: reposerver.parallelism.limit name: argocd-cmd-params-cm optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.metrics.listen.address - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_REPO_SERVER_DISABLE_TLS valueFrom: configMapKeyRef: @@ -19700,7 +17468,7 @@ spec: value: /helm-working-dir - name: HELM_DATA_HOME value: /helm-working-dir - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -19752,7 +17520,7 @@ spec: - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 name: copyutil securityContext: allowPrivilegeEscalation: false @@ -20009,18 +17777,6 @@ spec: key: server.http.cookie.maxnumber name: argocd-cmd-params-cm optional: true - - name: ARGOCD_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: server.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: server.metrics.listen.address - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_SERVER_OTLP_ADDRESS valueFrom: configMapKeyRef: @@ -20039,7 +17795,7 @@ spec: key: server.enable.proxy.extension name: argocd-cmd-params-cm optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always livenessProbe: httpGet: @@ -20273,19 +18029,13 @@ spec: key: application.namespaces name: argocd-cmd-params-cm optional: true - - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM - valueFrom: - configMapKeyRef: - key: controller.sharding.algorithm - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT valueFrom: configMapKeyRef: key: controller.kubectl.parallelism.limit name: argocd-cmd-params-cm optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: argocd-application-controller ports: @@ -20457,9 +18207,6 @@ spec: - podSelector: matchLabels: app.kubernetes.io/name: argocd-notifications-controller - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller ports: - port: 8081 protocol: TCP diff --git a/manifests/namespace-install.yaml b/manifests/namespace-install.yaml index ac244c7ccfe1d..ba41d0977a0bc 100644 --- a/manifests/namespace-install.yaml +++ b/manifests/namespace-install.yaml @@ -341,6 +341,22 @@ subjects: --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding +metadata: + labels: + app.kubernetes.io/component: redis + app.kubernetes.io/name: argocd-redis + app.kubernetes.io/part-of: argocd + name: argocd-redis +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-redis +subjects: +- kind: ServiceAccount + name: argocd-redis +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding metadata: labels: app.kubernetes.io/component: server @@ -479,8 +495,7 @@ metadata: name: argocd-dex-server spec: ports: - - appProtocol: TCP - name: http + - name: http port: 5556 protocol: TCP targetPort: 5556 @@ -635,22 +650,22 @@ spec: key: applicationsetcontroller.enable.leader.election name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE valueFrom: configMapKeyRef: - key: repo.server + key: applicationsetcontroller.namespace name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER valueFrom: configMapKeyRef: - key: applicationsetcontroller.policy + key: repo.server name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE + - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY valueFrom: configMapKeyRef: - key: applicationsetcontroller.enable.policy.override + key: applicationsetcontroller.policy name: argocd-cmd-params-cm optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG @@ -689,55 +704,7 @@ spec: key: applicationsetcontroller.enable.progressive.syncs name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.new.git.file.globbing - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.plaintext - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.strict.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.timeout.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.concurrent.reconciliations.max - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.scm.root.ca.path - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.allowed.scm.providers - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: argocd-applicationset-controller ports: @@ -765,8 +732,6 @@ spec: name: gpg-keyring - mountPath: /tmp name: tmp - - mountPath: /app/config/reposerver/tls - name: argocd-repo-server-tls serviceAccountName: argocd-applicationset-controller volumes: - configMap: @@ -782,17 +747,6 @@ spec: name: gpg-keyring - emptyDir: {} name: tmp - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls --- apiVersion: apps/v1 kind: Deployment @@ -860,7 +814,7 @@ spec: - -n - /usr/local/bin/argocd - /shared/argocd-dex - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: copyutil securityContext: @@ -917,20 +871,7 @@ spec: containers: - args: - /usr/local/bin/argocd-notifications - env: - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.level - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always livenessProbe: tcpSocket: @@ -1017,7 +958,6 @@ spec: capabilities: drop: - ALL - readOnlyRootFilesystem: true securityContext: runAsNonRoot: true runAsUser: 999 @@ -1086,18 +1026,6 @@ spec: key: reposerver.parallelism.limit name: argocd-cmd-params-cm optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.metrics.listen.address - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_REPO_SERVER_DISABLE_TLS valueFrom: configMapKeyRef: @@ -1200,7 +1128,7 @@ spec: value: /helm-working-dir - name: HELM_DATA_HOME value: /helm-working-dir - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -1252,7 +1180,7 @@ spec: - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 name: copyutil securityContext: allowPrivilegeEscalation: false @@ -1509,18 +1437,6 @@ spec: key: server.http.cookie.maxnumber name: argocd-cmd-params-cm optional: true - - name: ARGOCD_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: server.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: server.metrics.listen.address - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_SERVER_OTLP_ADDRESS valueFrom: configMapKeyRef: @@ -1539,7 +1455,7 @@ spec: key: server.enable.proxy.extension name: argocd-cmd-params-cm optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always livenessProbe: httpGet: @@ -1773,19 +1689,13 @@ spec: key: application.namespaces name: argocd-cmd-params-cm optional: true - - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM - valueFrom: - configMapKeyRef: - key: controller.sharding.algorithm - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT valueFrom: configMapKeyRef: key: controller.kubectl.parallelism.limit name: argocd-cmd-params-cm optional: true - image: quay.io/argoproj/argocd:latest + image: quay.io/argoproj/argocd:v2.7.12 imagePullPolicy: Always name: argocd-application-controller ports: @@ -1957,9 +1867,6 @@ spec: - podSelector: matchLabels: app.kubernetes.io/name: argocd-notifications-controller - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller ports: - port: 8081 protocol: TCP diff --git a/mkdocs.yml b/mkdocs.yml index 74cfd89556512..99938c9f659f6 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -8,8 +8,7 @@ extra_javascript: - assets/versions.js markdown_extensions: - markdown_include.include -- codehilite: - css_class: highlight +- codehilite - admonition - toc: permalink: true @@ -22,7 +21,6 @@ nav: - operator-manual/index.md - operator-manual/architecture.md - operator-manual/installation.md - - operator-manual/core.md - operator-manual/declarative-setup.md - operator-manual/app-any-namespace.md - operator-manual/ingress.md @@ -43,9 +41,8 @@ nav: - operator-manual/tls.md - operator-manual/cluster-bootstrapping.md - operator-manual/secret-management.md - - operator-manual/disaster_recovery.md - operator-manual/high_availability.md - - operator-manual/reconcile.md + - operator-manual/disaster_recovery.md - operator-manual/webhook.md - operator-manual/health.md - operator-manual/resource_actions.md @@ -78,7 +75,6 @@ nav: - operator-manual/notifications/services/opsgenie.md - operator-manual/notifications/services/overview.md - operator-manual/notifications/services/pagerduty.md - - operator-manual/notifications/services/pagerduty_v2.md - operator-manual/notifications/services/pushover.md - operator-manual/notifications/services/rocketchat.md - operator-manual/notifications/services/slack.md @@ -104,16 +100,12 @@ nav: - operator-manual/applicationset/Generators-Cluster-Decision-Resource.md - operator-manual/applicationset/Generators-Pull-Request.md - operator-manual/applicationset/Generators-Post-Selector.md - - operator-manual/applicationset/Generators-Plugin.md - Template fields: - operator-manual/applicationset/Template.md - operator-manual/applicationset/GoTemplate.md - Controlling Resource Modification: operator-manual/applicationset/Controlling-Resource-Modification.md - Application Pruning & Resource Deletion: operator-manual/applicationset/Application-Deletion.md - Progressive Syncs: operator-manual/applicationset/Progressive-Syncs.md - - Git File Generator Globbing: operator-manual/applicationset/Generators-Git-File-Globbing.md - - ApplicationSet Specification Reference: operator-manual/applicationset/applicationset-specification.md - - ApplicationSet in any namespace: operator-manual/applicationset/Appset-Any-Namespace.md - Server Configuration Parameters: - operator-manual/server-commands/argocd-server.md - operator-manual/server-commands/argocd-application-controller.md @@ -122,7 +114,6 @@ nav: - operator-manual/server-commands/additional-configuration-method.md - Upgrading: - operator-manual/upgrading/overview.md - - operator-manual/upgrading/2.7-2.8.md - operator-manual/upgrading/2.6-2.7.md - operator-manual/upgrading/2.5-2.6.md - operator-manual/upgrading/2.4-2.5.md @@ -139,7 +130,6 @@ nav: - operator-manual/upgrading/1.2-1.3.md - operator-manual/upgrading/1.1-1.2.md - operator-manual/upgrading/1.0-1.1.md - - Project Specification Reference: operator-manual/project-specification.md - User Guide: - user-guide/index.md - user-guide/application_sources.md @@ -179,12 +169,10 @@ nav: - Notification subscriptions: user-guide/subscriptions.md - user-guide/annotations-and-labels.md - Command Reference: user-guide/commands/argocd.md - - Application Specification Reference: user-guide/application-specification.md - Developer Guide: - developer-guide/index.md - Architecture: - developer-guide/architecture/authz-authn.md - - developer-guide/architecture/components.md - Code Contribution Guide: developer-guide/code-contributions.md - Toolchain Guide: developer-guide/toolchain-guide.md - developer-guide/contributors-quickstart.md diff --git a/notification_controller/controller/controller_test.go b/notification_controller/controller/controller_test.go deleted file mode 100644 index fdbd683722279..0000000000000 --- a/notification_controller/controller/controller_test.go +++ /dev/null @@ -1,166 +0,0 @@ -package controller - -import ( - "context" - "testing" - "time" - - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - "github.com/sirupsen/logrus/hooks/test" - "github.com/stretchr/testify/assert" - "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/client-go/dynamic/fake" - k8sfake "k8s.io/client-go/kubernetes/fake" - "k8s.io/client-go/tools/cache" -) - -func TestIsAppSyncStatusRefreshed(t *testing.T) { - logger, _ := test.NewNullLogger() - logEntry := logger.WithField("", "") - - tests := []struct { - name string - app *unstructured.Unstructured - expectedValue bool - }{ - { - name: "No OperationState", - app: &unstructured.Unstructured{ - Object: map[string]interface{}{ - "status": map[string]interface{}{}, - }, - }, - expectedValue: true, - }, - { - name: "No FinishedAt, Completed Phase", - app: &unstructured.Unstructured{ - Object: map[string]interface{}{ - "status": map[string]interface{}{ - "operationState": map[string]interface{}{ - "phase": "Succeeded", - }, - }, - }, - }, - expectedValue: false, - }, - { - name: "FinishedAt After ReconciledAt & ObservedAt", - app: &unstructured.Unstructured{ - Object: map[string]interface{}{ - "status": map[string]interface{}{ - "operationState": map[string]interface{}{ - "finishedAt": "2021-01-01T01:05:00Z", - "phase": "Succeeded", - }, - "reconciledAt": "2021-01-01T01:02:00Z", - "observedAt": "2021-01-01T01:04:00Z", - }, - }, - }, - expectedValue: false, - }, - { - name: "FinishedAt Before ReconciledAt & ObservedAt", - app: &unstructured.Unstructured{ - Object: map[string]interface{}{ - "status": map[string]interface{}{ - "operationState": map[string]interface{}{ - "finishedAt": "2021-01-01T01:02:00Z", - "phase": "Succeeded", - }, - "reconciledAt": "2021-01-01T01:04:00Z", - "observedAt": "2021-01-01T01:06:00Z", - }, - }, - }, - expectedValue: true, - }, - } - - for _, test := range tests { - t.Run(test.name, func(t *testing.T) { - actualValue := isAppSyncStatusRefreshed(test.app, logEntry) - assert.Equal(t, test.expectedValue, actualValue) - }) - } -} - -func TestGetAppProj_invalidProjectNestedString(t *testing.T) { - app := &unstructured.Unstructured{ - Object: map[string]interface{}{ - "spec": map[string]interface{}{}, - }, - } - informer := cache.NewSharedIndexInformer(nil, nil, 0, nil) - proj := getAppProj(app, informer) - - assert.Nil(t, proj) -} - -func TestInit(t *testing.T) { - scheme := runtime.NewScheme() - err := v1alpha1.SchemeBuilder.AddToScheme(scheme) - if err != nil { - t.Fatalf("Error registering the resource: %v", err) - } - dynamicClient := fake.NewSimpleDynamicClient(scheme) - k8sClient := k8sfake.NewSimpleClientset() - appLabelSelector := "app=test" - - nc := NewController( - k8sClient, - dynamicClient, - nil, - "default", - appLabelSelector, - nil, - "my-secret", - "my-configmap", - ) - - assert.NotNil(t, nc) - - ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) - defer cancel() - - err = nc.Init(ctx) - - assert.NoError(t, err) -} - -func TestInitTimeout(t *testing.T) { - scheme := runtime.NewScheme() - err := v1alpha1.SchemeBuilder.AddToScheme(scheme) - if err != nil { - t.Fatalf("Error registering the resource: %v", err) - } - dynamicClient := fake.NewSimpleDynamicClient(scheme) - k8sClient := k8sfake.NewSimpleClientset() - appLabelSelector := "app=test" - - nc := NewController( - k8sClient, - dynamicClient, - nil, - "default", - appLabelSelector, - nil, - "my-secret", - "my-configmap", - ) - - assert.NotNil(t, nc) - - // Use a short timeout to simulate a timeout during cache synchronization - ctx, cancel := context.WithTimeout(context.Background(), 1*time.Millisecond) - defer cancel() - - err = nc.Init(ctx) - - // Expect an error & add assertion for the error message - assert.Error(t, err) - assert.Equal(t, "Timed out waiting for caches to sync", err.Error()) -} diff --git a/notifications_catalog/install.yaml b/notifications_catalog/install.yaml index e601615bac73f..d399dcf7a3fbd 100644 --- a/notifications_catalog/install.yaml +++ b/notifications_catalog/install.yaml @@ -513,13 +513,12 @@ data: - description: Application syncing has failed send: - app-sync-failed - when: app.status.operationState != nil and app.status.operationState.phase in ['Error', - 'Failed'] + when: app.status.operationState.phase in ['Error', 'Failed'] trigger.on-sync-running: | - description: Application is being synced send: - app-sync-running - when: app.status.operationState != nil and app.status.operationState.phase in ['Running'] + when: app.status.operationState.phase in ['Running'] trigger.on-sync-status-unknown: | - description: Application status is 'Unknown' send: @@ -529,7 +528,7 @@ data: - description: Application syncing has succeeded send: - app-sync-succeeded - when: app.status.operationState != nil and app.status.operationState.phase in ['Succeeded'] + when: app.status.operationState.phase in ['Succeeded'] kind: ConfigMap metadata: creationTimestamp: null diff --git a/notifications_catalog/triggers/on-sync-failed.yaml b/notifications_catalog/triggers/on-sync-failed.yaml index b19afc561b0d5..888a007f39247 100644 --- a/notifications_catalog/triggers/on-sync-failed.yaml +++ b/notifications_catalog/triggers/on-sync-failed.yaml @@ -1,3 +1,3 @@ -- when: app.status.operationState != nil and app.status.operationState.phase in ['Error', 'Failed'] +- when: app.status.operationState.phase in ['Error', 'Failed'] description: Application syncing has failed send: [app-sync-failed] diff --git a/notifications_catalog/triggers/on-sync-running.yaml b/notifications_catalog/triggers/on-sync-running.yaml index 8ed62c9bf9fe5..005d06177051e 100644 --- a/notifications_catalog/triggers/on-sync-running.yaml +++ b/notifications_catalog/triggers/on-sync-running.yaml @@ -1,3 +1,3 @@ -- when: app.status.operationState != nil and app.status.operationState.phase in ['Running'] +- when: app.status.operationState.phase in ['Running'] description: Application is being synced send: [app-sync-running] diff --git a/notifications_catalog/triggers/on-sync-succeeded.yaml b/notifications_catalog/triggers/on-sync-succeeded.yaml index c3eb0e1aead70..9e1c9fef5af3b 100644 --- a/notifications_catalog/triggers/on-sync-succeeded.yaml +++ b/notifications_catalog/triggers/on-sync-succeeded.yaml @@ -1,3 +1,3 @@ -- when: app.status.operationState != nil and app.status.operationState.phase in ['Succeeded'] +- when: app.status.operationState.phase in ['Succeeded'] description: Application syncing has succeeded send: [app-sync-succeeded] diff --git a/pkg/apiclient/apiclient.go b/pkg/apiclient/apiclient.go index 8f9a32d8e255e..5f122433ee285 100644 --- a/pkg/apiclient/apiclient.go +++ b/pkg/apiclient/apiclient.go @@ -22,6 +22,7 @@ import ( grpc_retry "github.com/grpc-ecosystem/go-grpc-middleware/retry" "github.com/hashicorp/go-retryablehttp" log "github.com/sirupsen/logrus" + "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc" "golang.org/x/oauth2" "google.golang.org/grpc" "google.golang.org/grpc/codes" @@ -45,6 +46,7 @@ import ( settingspkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/settings" versionpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/version" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" + argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/util/argo" "github.com/argoproj/argo-cd/v2/util/env" grpc_util "github.com/argoproj/argo-cd/v2/util/grpc" @@ -102,7 +104,7 @@ type Client interface { NewProjectClientOrDie() (io.Closer, projectpkg.ProjectServiceClient) NewAccountClient() (io.Closer, accountpkg.AccountServiceClient, error) NewAccountClientOrDie() (io.Closer, accountpkg.AccountServiceClient) - WatchApplicationWithRetry(ctx context.Context, appName string, revision string) chan *v1alpha1.ApplicationWatchEvent + WatchApplicationWithRetry(ctx context.Context, appName string, revision string) chan *argoappv1.ApplicationWatchEvent } // ClientOptions hold address, security, and other settings for the API client. @@ -125,11 +127,6 @@ type ClientOptions struct { Headers []string HttpRetryMax int KubeOverrides *clientcmd.ConfigOverrides - AppControllerName string - ServerName string - RedisHaProxyName string - RedisName string - RepoServerName string } type client struct { @@ -206,13 +203,14 @@ func NewClient(opts *ClientOptions) (Client, error) { c.UserAgent = fmt.Sprintf("%s/%s", common.ArgoCDUserAgentName, common.GetVersion().Version) } // Override server address if specified in env or CLI flag - c.ServerAddr = env.StringFromEnv(EnvArgoCDServer, c.ServerAddr) + if serverFromEnv := os.Getenv(EnvArgoCDServer); serverFromEnv != "" { + c.ServerAddr = serverFromEnv + } if opts.PortForward || opts.PortForwardNamespace != "" { if opts.KubeOverrides == nil { opts.KubeOverrides = &clientcmd.ConfigOverrides{} } - serverPodLabelSelector := common.LabelKeyAppName + "=" + opts.ServerName - port, err := kube.PortForward(8080, opts.PortForwardNamespace, opts.KubeOverrides, serverPodLabelSelector) + port, err := kube.PortForward(8080, opts.PortForwardNamespace, opts.KubeOverrides, "app.kubernetes.io/name=argocd-server") if err != nil { return nil, err } @@ -231,7 +229,9 @@ func NewClient(opts *ClientOptions) (Client, error) { c.ServerAddr += ":443" } // Override auth-token if specified in env variable or CLI flag - c.AuthToken = env.StringFromEnv(EnvArgoCDAuthToken, c.AuthToken) + if authFromEnv := os.Getenv(EnvArgoCDAuthToken); authFromEnv != "" { + c.AuthToken = authFromEnv + } if opts.AuthToken != "" { c.AuthToken = strings.TrimSpace(opts.AuthToken) } @@ -285,8 +285,8 @@ func NewClient(opts *ClientOptions) (Client, error) { } } if !c.GRPCWeb { - // test if we need to set it to true - // if a call to grpc failed, then try again with GRPCWeb + //test if we need to set it to true + //if a call to grpc failed, then try again with GRPCWeb conn, versionIf, err := c.NewVersionClient() if err == nil { defer argoio.Close(conn) @@ -524,8 +524,8 @@ func (c *client) newConn() (*grpc.ClientConn, io.Closer, error) { dialOpts = append(dialOpts, grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(MaxGRPCMessageSize), grpc.MaxCallSendMsgSize(MaxGRPCMessageSize))) dialOpts = append(dialOpts, grpc.WithStreamInterceptor(grpc_retry.StreamClientInterceptor(retryOpts...))) dialOpts = append(dialOpts, grpc.WithUnaryInterceptor(grpc_middleware.ChainUnaryClient(grpc_retry.UnaryClientInterceptor(retryOpts...)))) - dialOpts = append(dialOpts, grpc.WithUnaryInterceptor(grpc_util.OTELUnaryClientInterceptor())) - dialOpts = append(dialOpts, grpc.WithStreamInterceptor(grpc_util.OTELStreamClientInterceptor())) + dialOpts = append(dialOpts, grpc.WithUnaryInterceptor(otelgrpc.UnaryClientInterceptor())) + dialOpts = append(dialOpts, grpc.WithStreamInterceptor(otelgrpc.StreamClientInterceptor())) ctx := context.Background() @@ -806,10 +806,10 @@ func (c *client) NewAccountClientOrDie() (io.Closer, accountpkg.AccountServiceCl // WatchApplicationWithRetry returns a channel of watch events for an application, retrying the // watch upon errors. Closes the returned channel when the context is cancelled. -func (c *client) WatchApplicationWithRetry(ctx context.Context, appName string, revision string) chan *v1alpha1.ApplicationWatchEvent { - appEventsCh := make(chan *v1alpha1.ApplicationWatchEvent) +func (c *client) WatchApplicationWithRetry(ctx context.Context, appName string, revision string) chan *argoappv1.ApplicationWatchEvent { + appEventsCh := make(chan *argoappv1.ApplicationWatchEvent) cancelled := false - appName, appNs := argo.ParseFromQualifiedName(appName, "") + appName, appNs := argo.ParseAppQualifiedName(appName, "") go func() { defer close(appEventsCh) for !cancelled { diff --git a/pkg/apiclient/application/application.pb.go b/pkg/apiclient/application/application.pb.go index 8fd016ee36f68..c235c0315ce76 100644 --- a/pkg/apiclient/application/application.pb.go +++ b/pkg/apiclient/application/application.pb.go @@ -36,11 +36,7 @@ var _ = math.Inf // proto package needs to be updated. const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package -// ApplicationQuery is a query for application resources. When getting multiple applications, the "projects" field acts -// as a filter. When getting a single application, you may specify either zero or one project. If you specify zero -// projects, the application will be returned regardless of which project it belongs to (assuming you have access). If -// you specify one project, the application will only be returned if it exists and belongs to the specified project. -// Otherwise you will receive a 404. +// ApplicationQuery is a query for application resources type ApplicationQuery struct { // the application's name Name *string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"` @@ -215,7 +211,6 @@ type RevisionMetadataQuery struct { Revision *string `protobuf:"bytes,2,req,name=revision" json:"revision,omitempty"` // the application's namespace AppNamespace *string `protobuf:"bytes,3,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,4,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -275,13 +270,6 @@ func (m *RevisionMetadataQuery) GetAppNamespace() string { return "" } -func (m *RevisionMetadataQuery) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - // ApplicationEventsQuery is a query for application resource events type ApplicationResourceEventsQuery struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` @@ -289,7 +277,6 @@ type ApplicationResourceEventsQuery struct { ResourceName *string `protobuf:"bytes,3,opt,name=resourceName" json:"resourceName,omitempty"` ResourceUID *string `protobuf:"bytes,4,opt,name=resourceUID" json:"resourceUID,omitempty"` AppNamespace *string `protobuf:"bytes,5,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,6,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -363,19 +350,11 @@ func (m *ApplicationResourceEventsQuery) GetAppNamespace() string { return "" } -func (m *ApplicationResourceEventsQuery) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - // ManifestQuery is a query for manifest resources type ApplicationManifestQuery struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` Revision *string `protobuf:"bytes,2,opt,name=revision" json:"revision,omitempty"` AppNamespace *string `protobuf:"bytes,3,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,4,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -435,13 +414,6 @@ func (m *ApplicationManifestQuery) GetAppNamespace() string { return "" } -func (m *ApplicationManifestQuery) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type FileChunk struct { Chunk []byte `protobuf:"bytes,1,req,name=chunk" json:"chunk,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` @@ -493,7 +465,6 @@ type ApplicationManifestQueryWithFiles struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` Checksum *string `protobuf:"bytes,2,req,name=checksum" json:"checksum,omitempty"` AppNamespace *string `protobuf:"bytes,3,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,4,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -553,13 +524,6 @@ func (m *ApplicationManifestQueryWithFiles) GetAppNamespace() string { return "" } -func (m *ApplicationManifestQueryWithFiles) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type ApplicationManifestQueryWithFilesWrapper struct { // Types that are valid to be assigned to Part: // *ApplicationManifestQueryWithFilesWrapper_Query @@ -757,7 +721,6 @@ func (m *ApplicationCreateRequest) GetValidate() bool { type ApplicationUpdateRequest struct { Application *v1alpha1.Application `protobuf:"bytes,1,req,name=application" json:"application,omitempty"` Validate *bool `protobuf:"varint,2,opt,name=validate" json:"validate,omitempty"` - Project *string `protobuf:"bytes,3,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -810,19 +773,11 @@ func (m *ApplicationUpdateRequest) GetValidate() bool { return false } -func (m *ApplicationUpdateRequest) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type ApplicationDeleteRequest struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` Cascade *bool `protobuf:"varint,2,opt,name=cascade" json:"cascade,omitempty"` PropagationPolicy *string `protobuf:"bytes,3,opt,name=propagationPolicy" json:"propagationPolicy,omitempty"` AppNamespace *string `protobuf:"bytes,4,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,5,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -889,13 +844,6 @@ func (m *ApplicationDeleteRequest) GetAppNamespace() string { return "" } -func (m *ApplicationDeleteRequest) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type SyncOptions struct { Items []string `protobuf:"bytes,1,rep,name=items" json:"items,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` @@ -956,7 +904,6 @@ type ApplicationSyncRequest struct { RetryStrategy *v1alpha1.RetryStrategy `protobuf:"bytes,10,opt,name=retryStrategy" json:"retryStrategy,omitempty"` SyncOptions *SyncOptions `protobuf:"bytes,11,opt,name=syncOptions" json:"syncOptions,omitempty"` AppNamespace *string `protobuf:"bytes,12,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,13,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -1072,20 +1019,12 @@ func (m *ApplicationSyncRequest) GetAppNamespace() string { return "" } -func (m *ApplicationSyncRequest) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - // ApplicationUpdateSpecRequest is a request to update application spec type ApplicationUpdateSpecRequest struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` Spec *v1alpha1.ApplicationSpec `protobuf:"bytes,2,req,name=spec" json:"spec,omitempty"` Validate *bool `protobuf:"varint,3,opt,name=validate" json:"validate,omitempty"` AppNamespace *string `protobuf:"bytes,4,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,5,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -1152,20 +1091,12 @@ func (m *ApplicationUpdateSpecRequest) GetAppNamespace() string { return "" } -func (m *ApplicationUpdateSpecRequest) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - // ApplicationPatchRequest is a request to patch an application type ApplicationPatchRequest struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` Patch *string `protobuf:"bytes,2,req,name=patch" json:"patch,omitempty"` PatchType *string `protobuf:"bytes,3,req,name=patchType" json:"patchType,omitempty"` AppNamespace *string `protobuf:"bytes,5,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,6,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -1232,20 +1163,12 @@ func (m *ApplicationPatchRequest) GetAppNamespace() string { return "" } -func (m *ApplicationPatchRequest) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type ApplicationRollbackRequest struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` Id *int64 `protobuf:"varint,2,req,name=id" json:"id,omitempty"` DryRun *bool `protobuf:"varint,3,opt,name=dryRun" json:"dryRun,omitempty"` Prune *bool `protobuf:"varint,4,opt,name=prune" json:"prune,omitempty"` AppNamespace *string `protobuf:"bytes,6,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,7,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -1319,13 +1242,6 @@ func (m *ApplicationRollbackRequest) GetAppNamespace() string { return "" } -func (m *ApplicationRollbackRequest) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type ApplicationResourceRequest struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` Namespace *string `protobuf:"bytes,2,opt,name=namespace" json:"namespace,omitempty"` @@ -1334,7 +1250,6 @@ type ApplicationResourceRequest struct { Group *string `protobuf:"bytes,5,opt,name=group" json:"group,omitempty"` Kind *string `protobuf:"bytes,6,req,name=kind" json:"kind,omitempty"` AppNamespace *string `protobuf:"bytes,7,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,8,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -1422,13 +1337,6 @@ func (m *ApplicationResourceRequest) GetAppNamespace() string { return "" } -func (m *ApplicationResourceRequest) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type ApplicationResourcePatchRequest struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` Namespace *string `protobuf:"bytes,2,opt,name=namespace" json:"namespace,omitempty"` @@ -1439,7 +1347,6 @@ type ApplicationResourcePatchRequest struct { Patch *string `protobuf:"bytes,7,req,name=patch" json:"patch,omitempty"` PatchType *string `protobuf:"bytes,8,req,name=patchType" json:"patchType,omitempty"` AppNamespace *string `protobuf:"bytes,9,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,10,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -1541,13 +1448,6 @@ func (m *ApplicationResourcePatchRequest) GetAppNamespace() string { return "" } -func (m *ApplicationResourcePatchRequest) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type ApplicationResourceDeleteRequest struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` Namespace *string `protobuf:"bytes,2,opt,name=namespace" json:"namespace,omitempty"` @@ -1558,7 +1458,6 @@ type ApplicationResourceDeleteRequest struct { Force *bool `protobuf:"varint,7,opt,name=force" json:"force,omitempty"` Orphan *bool `protobuf:"varint,8,opt,name=orphan" json:"orphan,omitempty"` AppNamespace *string `protobuf:"bytes,9,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,10,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -1660,13 +1559,6 @@ func (m *ApplicationResourceDeleteRequest) GetAppNamespace() string { return "" } -func (m *ApplicationResourceDeleteRequest) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type ResourceActionRunRequest struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` Namespace *string `protobuf:"bytes,2,opt,name=namespace" json:"namespace,omitempty"` @@ -1676,7 +1568,6 @@ type ResourceActionRunRequest struct { Kind *string `protobuf:"bytes,6,req,name=kind" json:"kind,omitempty"` Action *string `protobuf:"bytes,7,req,name=action" json:"action,omitempty"` AppNamespace *string `protobuf:"bytes,8,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,9,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -1771,13 +1662,6 @@ func (m *ResourceActionRunRequest) GetAppNamespace() string { return "" } -func (m *ResourceActionRunRequest) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type ResourceActionsListResponse struct { Actions []*v1alpha1.ResourceAction `protobuf:"bytes,1,rep,name=actions" json:"actions,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` @@ -1888,7 +1772,6 @@ type ApplicationPodLogsQuery struct { ResourceName *string `protobuf:"bytes,13,opt,name=resourceName" json:"resourceName,omitempty"` Previous *bool `protobuf:"varint,14,opt,name=previous" json:"previous,omitempty"` AppNamespace *string `protobuf:"bytes,15,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,16,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -2032,13 +1915,6 @@ func (m *ApplicationPodLogsQuery) GetAppNamespace() string { return "" } -func (m *ApplicationPodLogsQuery) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type LogEntry struct { Content *string `protobuf:"bytes,1,req,name=content" json:"content,omitempty"` // deprecated in favor of timeStampStr since meta.v1.Time don't support nano time @@ -2122,7 +1998,6 @@ func (m *LogEntry) GetPodName() string { type OperationTerminateRequest struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` AppNamespace *string `protobuf:"bytes,2,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,3,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -2175,17 +2050,9 @@ func (m *OperationTerminateRequest) GetAppNamespace() string { return "" } -func (m *OperationTerminateRequest) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type ApplicationSyncWindowsQuery struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` AppNamespace *string `protobuf:"bytes,2,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,3,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -2238,13 +2105,6 @@ func (m *ApplicationSyncWindowsQuery) GetAppNamespace() string { return "" } -func (m *ApplicationSyncWindowsQuery) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type ApplicationSyncWindowsResponse struct { ActiveWindows []*ApplicationSyncWindow `protobuf:"bytes,1,rep,name=activeWindows" json:"activeWindows,omitempty"` AssignedWindows []*ApplicationSyncWindow `protobuf:"bytes,2,rep,name=assignedWindows" json:"assignedWindows,omitempty"` @@ -2426,7 +2286,6 @@ type ResourcesQuery struct { Group *string `protobuf:"bytes,5,opt,name=group" json:"group,omitempty"` Kind *string `protobuf:"bytes,6,opt,name=kind" json:"kind,omitempty"` AppNamespace *string `protobuf:"bytes,7,opt,name=appNamespace" json:"appNamespace,omitempty"` - Project *string `protobuf:"bytes,8,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -2514,13 +2373,6 @@ func (m *ResourcesQuery) GetAppNamespace() string { return "" } -func (m *ResourcesQuery) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - type ManagedResourcesResponse struct { Items []*v1alpha1.ResourceDiff `protobuf:"bytes,1,rep,name=items" json:"items,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` @@ -2689,7 +2541,6 @@ func (m *LinksResponse) GetItems() []*LinkInfo { type ListAppLinksRequest struct { Name *string `protobuf:"bytes,1,req,name=name" json:"name,omitempty"` Namespace *string `protobuf:"bytes,3,opt,name=namespace" json:"namespace,omitempty"` - Project *string `protobuf:"bytes,4,opt,name=project" json:"project,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -2742,13 +2593,6 @@ func (m *ListAppLinksRequest) GetNamespace() string { return "" } -func (m *ListAppLinksRequest) GetProject() string { - if m != nil && m.Project != nil { - return *m.Project - } - return "" -} - func init() { proto.RegisterType((*ApplicationQuery)(nil), "application.ApplicationQuery") proto.RegisterType((*NodeQuery)(nil), "application.NodeQuery") @@ -2792,175 +2636,169 @@ func init() { } var fileDescriptor_df6e82b174b5eaec = []byte{ - // 2673 bytes of a gzipped FileDescriptorProto + // 2590 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x5a, 0xcd, 0x8f, 0x1c, 0x47, - 0x15, 0xa7, 0x66, 0xbf, 0x66, 0xde, 0xec, 0xfa, 0xa3, 0x12, 0x2f, 0x9d, 0xf6, 0xc6, 0x6c, 0xda, - 0x76, 0xbc, 0x59, 0x7b, 0x67, 0xec, 0xc1, 0x20, 0x67, 0x93, 0x08, 0xec, 0xf5, 0x27, 0xac, 0x1d, - 0xd3, 0x6b, 0x63, 0x14, 0x0e, 0x50, 0xe9, 0xae, 0x9d, 0x6d, 0xb6, 0xa7, 0xbb, 0xdd, 0xdd, 0x33, - 0xd6, 0xca, 0xf8, 0x12, 0x64, 0x09, 0xa1, 0x08, 0x04, 0xe4, 0x80, 0x10, 0x02, 0x14, 0x14, 0x09, - 0x21, 0x10, 0x17, 0x14, 0x21, 0x21, 0x24, 0xb8, 0x20, 0x38, 0x20, 0x21, 0x38, 0x72, 0x41, 0x16, - 0xe2, 0x08, 0x97, 0xfc, 0x01, 0xa8, 0xaa, 0xab, 0xba, 0xab, 0xe7, 0xa3, 0x67, 0x96, 0x19, 0x14, - 0xdf, 0xfa, 0xd5, 0x54, 0xbd, 0xf7, 0xab, 0x57, 0xbf, 0x7a, 0xaf, 0xea, 0xd5, 0xc0, 0x89, 0x88, - 0x86, 0x1d, 0x1a, 0xd6, 0x49, 0x10, 0xb8, 0x8e, 0x45, 0x62, 0xc7, 0xf7, 0xd4, 0xef, 0x5a, 0x10, - 0xfa, 0xb1, 0x8f, 0xab, 0x4a, 0x93, 0xbe, 0xd4, 0xf4, 0xfd, 0xa6, 0x4b, 0xeb, 0x24, 0x70, 0xea, - 0xc4, 0xf3, 0xfc, 0x98, 0x37, 0x47, 0x49, 0x57, 0xdd, 0xd8, 0xbd, 0x10, 0xd5, 0x1c, 0x9f, 0xff, - 0x6a, 0xf9, 0x21, 0xad, 0x77, 0xce, 0xd5, 0x9b, 0xd4, 0xa3, 0x21, 0x89, 0xa9, 0x2d, 0xfa, 0x9c, - 0xcf, 0xfa, 0xb4, 0x88, 0xb5, 0xe3, 0x78, 0x34, 0xdc, 0xab, 0x07, 0xbb, 0x4d, 0xd6, 0x10, 0xd5, - 0x5b, 0x34, 0x26, 0xfd, 0x46, 0x6d, 0x36, 0x9d, 0x78, 0xa7, 0xfd, 0x66, 0xcd, 0xf2, 0x5b, 0x75, - 0x12, 0x36, 0xfd, 0x20, 0xf4, 0xbf, 0xc2, 0x3f, 0xd6, 0x2c, 0xbb, 0xde, 0x69, 0x64, 0x0a, 0xd4, - 0xb9, 0x74, 0xce, 0x11, 0x37, 0xd8, 0x21, 0xbd, 0xda, 0xae, 0x0c, 0xd1, 0x16, 0xd2, 0xc0, 0x17, - 0xbe, 0xe1, 0x9f, 0x4e, 0xec, 0x87, 0x7b, 0xca, 0x67, 0xa2, 0xc6, 0xf8, 0x00, 0xc1, 0xa1, 0x8b, - 0x99, 0xbd, 0xcf, 0xb5, 0x69, 0xb8, 0x87, 0x31, 0x4c, 0x7b, 0xa4, 0x45, 0x35, 0xb4, 0x8c, 0x56, - 0x2a, 0x26, 0xff, 0xc6, 0x1a, 0xcc, 0x85, 0x74, 0x3b, 0xa4, 0xd1, 0x8e, 0x56, 0xe2, 0xcd, 0x52, - 0xc4, 0x3a, 0x94, 0x99, 0x71, 0x6a, 0xc5, 0x91, 0x36, 0xb5, 0x3c, 0xb5, 0x52, 0x31, 0x53, 0x19, - 0xaf, 0xc0, 0xc1, 0x90, 0x46, 0x7e, 0x3b, 0xb4, 0xe8, 0xe7, 0x69, 0x18, 0x39, 0xbe, 0xa7, 0x4d, - 0xf3, 0xd1, 0xdd, 0xcd, 0x4c, 0x4b, 0x44, 0x5d, 0x6a, 0xc5, 0x7e, 0xa8, 0xcd, 0xf0, 0x2e, 0xa9, - 0xcc, 0xf0, 0x30, 0xe0, 0xda, 0x6c, 0x82, 0x87, 0x7d, 0x63, 0x03, 0xe6, 0x49, 0x10, 0xdc, 0x22, - 0x2d, 0x1a, 0x05, 0xc4, 0xa2, 0xda, 0x1c, 0xff, 0x2d, 0xd7, 0xc6, 0x30, 0x0b, 0x24, 0x5a, 0x99, - 0x03, 0x93, 0xa2, 0xb1, 0x01, 0x95, 0x5b, 0xbe, 0x4d, 0x07, 0x4f, 0xb7, 0x5b, 0x7d, 0xa9, 0x57, - 0xbd, 0xf1, 0x18, 0xc1, 0x11, 0x93, 0x76, 0x1c, 0x86, 0xff, 0x26, 0x8d, 0x89, 0x4d, 0x62, 0xd2, - 0xad, 0xb1, 0x94, 0x6a, 0xd4, 0xa1, 0x1c, 0x8a, 0xce, 0x5a, 0x89, 0xb7, 0xa7, 0x72, 0x8f, 0xb5, - 0xa9, 0xe2, 0xc9, 0x24, 0x2e, 0x4c, 0x27, 0xf3, 0x2f, 0x04, 0xc7, 0x94, 0x35, 0x34, 0x85, 0x67, - 0xaf, 0x74, 0xa8, 0x17, 0x47, 0x83, 0x01, 0x9d, 0x81, 0xc3, 0x72, 0x11, 0xba, 0xe7, 0xd9, 0xfb, - 0x03, 0x83, 0xa8, 0x36, 0x4a, 0x88, 0x6a, 0x1b, 0x5e, 0x86, 0xaa, 0x94, 0xef, 0xde, 0xb8, 0x2c, - 0x60, 0xaa, 0x4d, 0x3d, 0x13, 0x9d, 0x29, 0x9e, 0xe8, 0x6c, 0x7e, 0xa2, 0x5f, 0x47, 0xa0, 0x29, - 0x13, 0xbd, 0x49, 0x3c, 0x67, 0x9b, 0x46, 0xf1, 0xa8, 0x3e, 0x47, 0x13, 0xf4, 0xf9, 0x0b, 0x50, - 0xb9, 0xea, 0xb8, 0x74, 0x63, 0xa7, 0xed, 0xed, 0xe2, 0x67, 0x61, 0xc6, 0x62, 0x1f, 0xdc, 0xf6, - 0xbc, 0x99, 0x08, 0xc6, 0xb7, 0x11, 0xbc, 0x30, 0x08, 0xed, 0x3d, 0x27, 0xde, 0x61, 0xe3, 0xa3, - 0x41, 0xb0, 0xad, 0x1d, 0x6a, 0xed, 0x46, 0xed, 0x96, 0xa4, 0x8a, 0x94, 0xc7, 0x84, 0xfd, 0x33, - 0x04, 0x2b, 0x43, 0x31, 0xdd, 0x0b, 0x49, 0x10, 0xd0, 0x10, 0x5f, 0x85, 0x99, 0xfb, 0xec, 0x07, - 0xbe, 0x31, 0xaa, 0x8d, 0x5a, 0x4d, 0x0d, 0xac, 0x43, 0xb5, 0x5c, 0xff, 0x88, 0x99, 0x0c, 0xc7, - 0x35, 0xe9, 0x9e, 0x12, 0xd7, 0xb3, 0x98, 0xd3, 0x93, 0x7a, 0x91, 0xf5, 0xe7, 0xdd, 0x2e, 0xcd, - 0xc2, 0x74, 0x40, 0xc2, 0xd8, 0x38, 0x02, 0xcf, 0xe4, 0x69, 0x1d, 0xf8, 0x5e, 0x44, 0x8d, 0xdf, - 0xe4, 0x59, 0xb0, 0x11, 0x52, 0x12, 0x53, 0x93, 0xde, 0x6f, 0xd3, 0x28, 0xc6, 0xbb, 0xa0, 0xc6, - 0x7a, 0xee, 0xd5, 0x6a, 0xe3, 0x46, 0x2d, 0x0b, 0x96, 0x35, 0x19, 0x2c, 0xf9, 0xc7, 0x97, 0x2c, - 0xbb, 0xd6, 0x69, 0xd4, 0x82, 0xdd, 0x66, 0x8d, 0x85, 0xde, 0x1c, 0x32, 0x19, 0x7a, 0xd5, 0xa9, - 0x9a, 0xaa, 0x76, 0xbc, 0x08, 0xb3, 0xed, 0x20, 0xa2, 0x61, 0xcc, 0x67, 0x56, 0x36, 0x85, 0xc4, - 0xd6, 0xaf, 0x43, 0x5c, 0xc7, 0x26, 0x71, 0xb2, 0x3e, 0x65, 0x33, 0x95, 0x8d, 0xdf, 0xe6, 0xd1, - 0xdf, 0x0d, 0xec, 0x0f, 0x0b, 0xbd, 0x8a, 0xb2, 0x94, 0x47, 0xa9, 0x32, 0x68, 0x2a, 0xcf, 0xa0, - 0x5f, 0xe5, 0xf1, 0x5f, 0xa6, 0x2e, 0xcd, 0xf0, 0xf7, 0x23, 0xb3, 0x06, 0x73, 0x16, 0x89, 0x2c, - 0x62, 0x4b, 0x2b, 0x52, 0x64, 0x01, 0x28, 0x08, 0xfd, 0x80, 0x34, 0xb9, 0xa6, 0xdb, 0xbe, 0xeb, - 0x58, 0x7b, 0xc2, 0x5c, 0xef, 0x0f, 0x3d, 0xc4, 0x9f, 0x2e, 0x26, 0xfe, 0x4c, 0x1e, 0xf6, 0x71, - 0xa8, 0x6e, 0xed, 0x79, 0xd6, 0xeb, 0x01, 0xcf, 0xf5, 0x6c, 0xc7, 0x3a, 0x31, 0x6d, 0x45, 0x1a, - 0xe2, 0x79, 0x21, 0x11, 0x8c, 0xf7, 0x67, 0x60, 0x51, 0x99, 0x1b, 0x1b, 0x50, 0x34, 0xb3, 0xa2, - 0xe8, 0xb2, 0x08, 0xb3, 0x76, 0xb8, 0x67, 0xb6, 0x3d, 0x41, 0x00, 0x21, 0x31, 0xc3, 0x41, 0xd8, - 0xf6, 0x12, 0xf8, 0x65, 0x33, 0x11, 0xf0, 0x36, 0x94, 0xa3, 0x98, 0x65, 0xf7, 0xe6, 0x1e, 0x07, - 0x5e, 0x6d, 0x7c, 0x66, 0xbc, 0x45, 0x67, 0xd0, 0xb7, 0x84, 0x46, 0x33, 0xd5, 0x8d, 0xef, 0x43, - 0x45, 0x46, 0xe3, 0x48, 0x9b, 0x5b, 0x9e, 0x5a, 0xa9, 0x36, 0xb6, 0xc6, 0x37, 0xf4, 0x7a, 0xc0, - 0x4e, 0x26, 0x4a, 0xe6, 0x31, 0x33, 0x2b, 0x78, 0x09, 0x2a, 0x2d, 0x11, 0x1f, 0x22, 0x91, 0x85, - 0xb3, 0x06, 0xfc, 0x05, 0x98, 0x71, 0xbc, 0x6d, 0x3f, 0xd2, 0x2a, 0x1c, 0xcc, 0xa5, 0xf1, 0xc0, - 0xdc, 0xf0, 0xb6, 0x7d, 0x33, 0x51, 0x88, 0xef, 0xc3, 0x42, 0x48, 0xe3, 0x70, 0x4f, 0x7a, 0x41, - 0x03, 0xee, 0xd7, 0xcf, 0x8e, 0x67, 0xc1, 0x54, 0x55, 0x9a, 0x79, 0x0b, 0x78, 0x1d, 0xaa, 0x51, - 0xc6, 0x31, 0xad, 0xca, 0x0d, 0x6a, 0x39, 0x45, 0x0a, 0x07, 0x4d, 0xb5, 0x73, 0x0f, 0xbb, 0xe7, - 0x8b, 0xd9, 0xbd, 0x90, 0x67, 0xf7, 0x7f, 0x10, 0x2c, 0xf5, 0x04, 0x95, 0xad, 0x80, 0x16, 0xd2, - 0x97, 0xc0, 0x74, 0x14, 0x50, 0x8b, 0x67, 0x98, 0x6a, 0xe3, 0xe6, 0xc4, 0xa2, 0x0c, 0xb7, 0xcb, - 0x55, 0x17, 0x05, 0xc2, 0x31, 0xf7, 0xf3, 0x8f, 0x10, 0x7c, 0x54, 0xb1, 0x79, 0x9b, 0xc4, 0xd6, - 0x4e, 0xd1, 0x64, 0xd9, 0xbe, 0x63, 0x7d, 0x44, 0x3e, 0x4d, 0x04, 0x46, 0x4e, 0xfe, 0x71, 0x67, - 0x2f, 0x60, 0x00, 0xd9, 0x2f, 0x59, 0xc3, 0x98, 0x87, 0x95, 0x9f, 0x23, 0xd0, 0xd5, 0xd8, 0xeb, - 0xbb, 0xee, 0x9b, 0xc4, 0xda, 0x2d, 0x02, 0x79, 0x00, 0x4a, 0x8e, 0xcd, 0x11, 0x4e, 0x99, 0x25, - 0xc7, 0xde, 0x67, 0x10, 0xe9, 0x86, 0x3b, 0x5b, 0x0c, 0x77, 0x2e, 0x0f, 0xf7, 0x83, 0x2e, 0xb8, - 0x72, 0x2b, 0x17, 0xc0, 0x5d, 0x82, 0x8a, 0xd7, 0x75, 0x70, 0xcc, 0x1a, 0xfa, 0x1c, 0x18, 0x4b, - 0x3d, 0x07, 0x46, 0x0d, 0xe6, 0x3a, 0xe9, 0xb5, 0x80, 0xfd, 0x2c, 0x45, 0x36, 0xc5, 0x66, 0xe8, - 0xb7, 0x03, 0xe1, 0xf4, 0x44, 0x60, 0x28, 0x76, 0x1d, 0xcf, 0xd6, 0x66, 0x13, 0x14, 0xec, 0x7b, - 0xff, 0x17, 0x81, 0xdc, 0xb4, 0x7f, 0x51, 0x82, 0x8f, 0xf5, 0x99, 0xf6, 0x50, 0x3e, 0x3d, 0x1d, - 0x73, 0x4f, 0x59, 0x3d, 0x37, 0x90, 0xd5, 0xe5, 0x61, 0xac, 0xae, 0x14, 0xfb, 0x0b, 0xf2, 0xfe, - 0xfa, 0x69, 0x09, 0x96, 0xfb, 0xf8, 0x6b, 0xf8, 0x31, 0xe0, 0xa9, 0x71, 0xd8, 0xb6, 0x1f, 0x0a, - 0x96, 0x94, 0xcd, 0x44, 0x60, 0xfb, 0xcc, 0x0f, 0x83, 0x1d, 0xe2, 0x71, 0x76, 0x94, 0x4d, 0x21, - 0x8d, 0xe9, 0xaa, 0x6f, 0x94, 0x40, 0x93, 0xfe, 0xb9, 0x68, 0x71, 0x6f, 0xb5, 0xbd, 0xa7, 0xdf, - 0x45, 0x8b, 0x30, 0x4b, 0x38, 0x5a, 0x41, 0x2a, 0x21, 0xf5, 0x38, 0xa3, 0x5c, 0xec, 0x8c, 0x4a, - 0xde, 0x19, 0x8f, 0x11, 0x1c, 0xcd, 0x3b, 0x23, 0xda, 0x74, 0xa2, 0x58, 0x1e, 0xea, 0xf1, 0x36, - 0xcc, 0x25, 0x76, 0x92, 0x23, 0x59, 0xb5, 0xb1, 0x39, 0x6e, 0xa2, 0xce, 0x39, 0x5e, 0x2a, 0x37, - 0x5e, 0x86, 0xa3, 0x7d, 0xa3, 0x9c, 0x80, 0xa1, 0x43, 0x59, 0x1e, 0x4e, 0xc4, 0xd2, 0xa4, 0xb2, - 0xf1, 0x78, 0x3a, 0x9f, 0x72, 0x7c, 0x7b, 0xd3, 0x6f, 0x16, 0xdc, 0xaf, 0x8b, 0x97, 0x93, 0xb9, - 0xca, 0xb7, 0x95, 0xab, 0xb4, 0x14, 0xd9, 0x38, 0xcb, 0xf7, 0x62, 0xe2, 0x78, 0x34, 0x14, 0x59, - 0x31, 0x6b, 0x60, 0xcb, 0x10, 0x39, 0x9e, 0x45, 0xb7, 0xa8, 0xe5, 0x7b, 0x76, 0xc4, 0xd7, 0x73, - 0xca, 0xcc, 0xb5, 0xe1, 0xeb, 0x50, 0xe1, 0xf2, 0x1d, 0xa7, 0x95, 0xa4, 0x81, 0x6a, 0x63, 0xb5, - 0x96, 0xd4, 0xac, 0x6a, 0x6a, 0xcd, 0x2a, 0xf3, 0x61, 0x8b, 0xc6, 0xa4, 0xd6, 0x39, 0x57, 0x63, - 0x23, 0xcc, 0x6c, 0x30, 0xc3, 0x12, 0x13, 0xc7, 0xdd, 0x74, 0x3c, 0x7e, 0x60, 0x64, 0xa6, 0xb2, - 0x06, 0x46, 0x95, 0x6d, 0xdf, 0x75, 0xfd, 0x07, 0x72, 0xdf, 0x24, 0x12, 0x1b, 0xd5, 0xf6, 0x62, - 0xc7, 0xe5, 0xf6, 0x13, 0x22, 0x64, 0x0d, 0x7c, 0x94, 0xe3, 0xc6, 0x34, 0x14, 0x1b, 0x46, 0x48, - 0x29, 0x19, 0xab, 0x49, 0x19, 0x46, 0xee, 0xd7, 0x84, 0xb6, 0xf3, 0x2a, 0x6d, 0xbb, 0xb7, 0xc2, - 0x42, 0x9f, 0x5a, 0x04, 0xaf, 0x4a, 0xd1, 0x8e, 0xe3, 0xb7, 0x23, 0xed, 0x40, 0x72, 0xf4, 0x90, - 0x72, 0x0f, 0x95, 0x0f, 0x16, 0x53, 0xf9, 0x50, 0x9e, 0xca, 0xbf, 0x43, 0x50, 0xde, 0xf4, 0x9b, - 0x57, 0xbc, 0x38, 0xdc, 0xe3, 0xb7, 0x1b, 0xdf, 0x8b, 0xa9, 0x27, 0xf9, 0x22, 0x45, 0xb6, 0x08, - 0xb1, 0xd3, 0xa2, 0x5b, 0x31, 0x69, 0x05, 0xe2, 0x8c, 0xb5, 0xaf, 0x45, 0x48, 0x07, 0x33, 0xc7, - 0xb8, 0x24, 0x8a, 0xf9, 0x8e, 0x2f, 0x9b, 0xfc, 0x9b, 0x4d, 0x21, 0xed, 0xb0, 0x15, 0x87, 0x62, - 0xbb, 0xe7, 0xda, 0x54, 0x8a, 0xcd, 0x24, 0xd8, 0x84, 0x68, 0xb4, 0xe0, 0xb9, 0xf4, 0xd0, 0x7e, - 0x87, 0x86, 0x2d, 0xc7, 0x23, 0xc5, 0xd1, 0x7b, 0x84, 0x72, 0x58, 0xc1, 0x9d, 0xd1, 0xcf, 0x6d, - 0x3a, 0x76, 0x06, 0xbe, 0xe7, 0x78, 0xb6, 0xff, 0xa0, 0x60, 0xf3, 0x8c, 0x67, 0xf0, 0xaf, 0xf9, - 0x8a, 0x98, 0x62, 0x31, 0xdd, 0xe9, 0xd7, 0x61, 0x81, 0xc5, 0x84, 0x0e, 0x15, 0x3f, 0x88, 0xb0, - 0x63, 0x0c, 0x2a, 0x72, 0x64, 0x3a, 0xcc, 0xfc, 0x40, 0xbc, 0x09, 0x07, 0x49, 0x14, 0x39, 0x4d, - 0x8f, 0xda, 0x52, 0x57, 0x69, 0x64, 0x5d, 0xdd, 0x43, 0x93, 0xeb, 0x32, 0xef, 0x21, 0xd6, 0x5b, - 0x8a, 0xc6, 0xd7, 0x10, 0x1c, 0xe9, 0xab, 0x24, 0xdd, 0x39, 0x48, 0x09, 0xe3, 0x3a, 0x94, 0x23, - 0x6b, 0x87, 0xda, 0x6d, 0x97, 0xca, 0x1a, 0x92, 0x94, 0xd9, 0x6f, 0x76, 0x3b, 0x59, 0x7d, 0x91, - 0x46, 0x52, 0x19, 0x1f, 0x03, 0x68, 0x11, 0xaf, 0x4d, 0x5c, 0x0e, 0x61, 0x9a, 0x43, 0x50, 0x5a, - 0x8c, 0x25, 0xd0, 0xfb, 0x51, 0x47, 0xd4, 0x66, 0xfe, 0x8d, 0xe0, 0x80, 0x0c, 0xaa, 0x62, 0x75, - 0x57, 0xe0, 0xa0, 0xe2, 0x86, 0x5b, 0xd9, 0x42, 0x77, 0x37, 0x0f, 0x09, 0x98, 0x92, 0x25, 0x53, - 0xf9, 0xa2, 0x74, 0x27, 0x57, 0x56, 0x1e, 0x39, 0xdf, 0xa1, 0x09, 0x9d, 0x1f, 0xbf, 0x0a, 0xda, - 0x4d, 0xe2, 0x91, 0x26, 0xb5, 0xd3, 0x69, 0xa7, 0x14, 0xfb, 0xb2, 0x5a, 0x64, 0x18, 0xfb, 0x4a, - 0x9f, 0x1e, 0xb5, 0x9c, 0xed, 0x6d, 0x59, 0xb0, 0x08, 0xa1, 0xbc, 0xe9, 0x78, 0xbb, 0xec, 0xde, - 0xcb, 0x66, 0x1c, 0x3b, 0xb1, 0x2b, 0xbd, 0x9b, 0x08, 0xf8, 0x10, 0x4c, 0xb5, 0x43, 0x57, 0x30, - 0x80, 0x7d, 0xe2, 0x65, 0xa8, 0xda, 0x34, 0xb2, 0x42, 0x27, 0x10, 0xeb, 0xcf, 0x8b, 0xb4, 0x4a, - 0x13, 0x5b, 0x07, 0xc7, 0xf2, 0xbd, 0x0d, 0x97, 0x44, 0x91, 0x4c, 0x40, 0x69, 0x83, 0xf1, 0x2a, - 0x2c, 0x30, 0x9b, 0xd9, 0x34, 0x4f, 0xe7, 0xa7, 0x79, 0x24, 0x07, 0x5f, 0xc2, 0x93, 0x88, 0x09, - 0x3c, 0xc3, 0xf2, 0xfe, 0xc5, 0x20, 0x10, 0x4a, 0x46, 0x3c, 0x0e, 0x4d, 0xf5, 0xcb, 0x9f, 0x7d, - 0x6b, 0x9c, 0x8d, 0xbf, 0x1f, 0x07, 0xac, 0xee, 0x13, 0x1a, 0x76, 0x1c, 0x8b, 0xe2, 0xef, 0x20, - 0x98, 0x66, 0xa6, 0xf1, 0xf3, 0x83, 0xb6, 0x25, 0xe7, 0xab, 0x3e, 0xb9, 0x8b, 0x30, 0xb3, 0x66, - 0x2c, 0xbd, 0xf5, 0xb7, 0x7f, 0x7e, 0xb7, 0xb4, 0x88, 0x9f, 0xe5, 0x2f, 0x4a, 0x9d, 0x73, 0xea, - 0xeb, 0x4e, 0x84, 0xdf, 0x46, 0x80, 0xc5, 0x39, 0x48, 0xa9, 0xd9, 0xe3, 0xd3, 0x83, 0x20, 0xf6, - 0xa9, 0xed, 0xeb, 0xcf, 0x2b, 0x59, 0xa5, 0x66, 0xf9, 0x21, 0x65, 0x39, 0x84, 0x77, 0xe0, 0x00, - 0x56, 0x39, 0x80, 0x13, 0xd8, 0xe8, 0x07, 0xa0, 0xfe, 0x90, 0x79, 0xf4, 0x51, 0x9d, 0x26, 0x76, - 0xdf, 0x45, 0x30, 0x73, 0x8f, 0xdf, 0x21, 0x86, 0x38, 0x69, 0x6b, 0x62, 0x4e, 0xe2, 0xe6, 0x38, - 0x5a, 0xe3, 0x38, 0x47, 0xfa, 0x3c, 0x3e, 0x2a, 0x91, 0x46, 0x71, 0x48, 0x49, 0x2b, 0x07, 0xf8, - 0x2c, 0xc2, 0xef, 0x21, 0x98, 0x4d, 0x8a, 0xbe, 0xf8, 0xe4, 0x20, 0x94, 0xb9, 0xa2, 0xb0, 0x3e, - 0xb9, 0x0a, 0xaa, 0xf1, 0x12, 0xc7, 0x78, 0xdc, 0xe8, 0xbb, 0x9c, 0xeb, 0xb9, 0xfa, 0xea, 0x3b, - 0x08, 0xa6, 0xae, 0xd1, 0xa1, 0x7c, 0x9b, 0x20, 0xb8, 0x1e, 0x07, 0xf6, 0x59, 0x6a, 0xfc, 0x13, - 0x04, 0xcf, 0x5d, 0xa3, 0x71, 0xff, 0xf4, 0x88, 0x57, 0x86, 0xe7, 0x2c, 0x41, 0xbb, 0xd3, 0x23, - 0xf4, 0x4c, 0xf3, 0x42, 0x9d, 0x23, 0x7b, 0x09, 0x9f, 0x2a, 0x22, 0x61, 0xb4, 0xe7, 0x59, 0x0f, - 0x04, 0x8e, 0x3f, 0x21, 0x38, 0xd4, 0xfd, 0xb6, 0x86, 0xf3, 0x09, 0xb5, 0xef, 0xd3, 0x9b, 0x7e, - 0x6b, 0xdc, 0x28, 0x9b, 0x57, 0x6a, 0x5c, 0xe4, 0xc8, 0x5f, 0xc1, 0x2f, 0x17, 0x21, 0x97, 0x65, - 0xdf, 0xa8, 0xfe, 0x50, 0x7e, 0x3e, 0xe2, 0xef, 0xc0, 0x1c, 0xf6, 0x9f, 0x11, 0x3c, 0x2b, 0xf5, - 0x6e, 0xec, 0x90, 0x30, 0xbe, 0x4c, 0xd9, 0x19, 0x3a, 0x1a, 0x69, 0x3e, 0x63, 0x66, 0x0d, 0xd5, - 0x9e, 0x71, 0x85, 0xcf, 0xe5, 0x53, 0xf8, 0xb5, 0x7d, 0xcf, 0xc5, 0x62, 0x6a, 0x6c, 0x01, 0xfb, - 0x2d, 0x04, 0xf3, 0xd7, 0x68, 0x7c, 0x33, 0xad, 0xe2, 0x9e, 0x1c, 0xe9, 0x65, 0x48, 0x5f, 0xaa, - 0x29, 0xcf, 0xcf, 0xf2, 0xa7, 0x94, 0x22, 0x6b, 0x1c, 0xdc, 0x29, 0x7c, 0xb2, 0x08, 0x5c, 0x56, - 0x39, 0x7e, 0x17, 0xc1, 0x11, 0x15, 0x44, 0xf6, 0xa2, 0xf6, 0x89, 0xfd, 0xbd, 0x53, 0x89, 0xd7, - 0xae, 0x21, 0xe8, 0x1a, 0x1c, 0xdd, 0x19, 0xa3, 0x3f, 0x81, 0x5b, 0x3d, 0x28, 0xd6, 0xd1, 0xea, - 0x0a, 0xc2, 0xbf, 0x47, 0x30, 0x9b, 0x14, 0x63, 0x07, 0xfb, 0x28, 0xf7, 0x02, 0x34, 0xc9, 0x68, - 0x20, 0x56, 0x5b, 0x3f, 0xdb, 0xdf, 0xa1, 0xea, 0x78, 0x49, 0xd5, 0x1a, 0xf7, 0x72, 0x3e, 0x8c, - 0xbd, 0x8f, 0x00, 0xb2, 0x82, 0x32, 0x7e, 0xa9, 0x78, 0x1e, 0x4a, 0xd1, 0x59, 0x9f, 0x6c, 0x49, - 0xd9, 0xa8, 0xf1, 0xf9, 0xac, 0xe8, 0xcb, 0x85, 0x31, 0x24, 0xa0, 0xd6, 0x7a, 0x52, 0x7c, 0xfe, - 0x31, 0x82, 0x19, 0x5e, 0xc7, 0xc3, 0x27, 0x06, 0x61, 0x56, 0xcb, 0x7c, 0x93, 0x74, 0xfd, 0x8b, - 0x1c, 0xea, 0x72, 0xa3, 0x28, 0x10, 0xaf, 0xa3, 0x55, 0xdc, 0x81, 0xd9, 0xa4, 0x72, 0x36, 0x98, - 0x1e, 0xb9, 0xca, 0x9a, 0xbe, 0x5c, 0x70, 0x30, 0x48, 0x88, 0x2a, 0x72, 0xc0, 0xea, 0xb0, 0x1c, - 0x30, 0xcd, 0xc2, 0x34, 0x3e, 0x5e, 0x14, 0xc4, 0xff, 0x0f, 0x8e, 0x39, 0xcd, 0xd1, 0x9d, 0x34, - 0x96, 0x87, 0xe5, 0x01, 0xe6, 0x9d, 0xef, 0x21, 0x38, 0xd4, 0x7d, 0xb8, 0xc6, 0x47, 0xbb, 0x62, - 0xa6, 0x7a, 0xd7, 0xd0, 0xf3, 0x5e, 0x1c, 0x74, 0x30, 0x37, 0x3e, 0xcd, 0x51, 0xac, 0xe3, 0x0b, - 0x43, 0x77, 0xc6, 0x2d, 0x19, 0x75, 0x98, 0xa2, 0xb5, 0xec, 0x55, 0xeb, 0xd7, 0x08, 0xe6, 0xa5, - 0xde, 0x3b, 0x21, 0xa5, 0xc5, 0xb0, 0x26, 0xb7, 0x11, 0x98, 0x2d, 0xe3, 0x55, 0x0e, 0xff, 0x93, - 0xf8, 0xfc, 0x88, 0xf0, 0x25, 0xec, 0xb5, 0x98, 0x21, 0xfd, 0x03, 0x82, 0xc3, 0xf7, 0x12, 0xde, - 0x7f, 0x48, 0xf8, 0x37, 0x38, 0xfe, 0xd7, 0xf0, 0x2b, 0x05, 0xe7, 0xbc, 0x61, 0xd3, 0x38, 0x8b, - 0xf0, 0x2f, 0x11, 0x94, 0xe5, 0xab, 0x0a, 0x3e, 0x35, 0x70, 0x63, 0xe4, 0xdf, 0x5d, 0x26, 0x49, - 0x66, 0x71, 0xa8, 0x31, 0x4e, 0x14, 0xa6, 0x53, 0x61, 0x9f, 0x11, 0xfa, 0x1d, 0x04, 0x38, 0xbd, - 0x33, 0xa7, 0xb7, 0x68, 0xfc, 0x62, 0xce, 0xd4, 0xc0, 0xc2, 0x8c, 0x7e, 0x6a, 0x68, 0xbf, 0x7c, - 0x2a, 0x5d, 0x2d, 0x4c, 0xa5, 0x7e, 0x6a, 0xff, 0x9b, 0x08, 0xaa, 0xd7, 0x68, 0x7a, 0x07, 0x29, - 0xf0, 0x65, 0xfe, 0x51, 0x48, 0x5f, 0x19, 0xde, 0x51, 0x20, 0x3a, 0xc3, 0x11, 0xbd, 0x88, 0x8b, - 0x5d, 0x25, 0x01, 0xfc, 0x00, 0xc1, 0xc2, 0x6d, 0x95, 0xa2, 0xf8, 0xcc, 0x30, 0x4b, 0xb9, 0x48, - 0x3e, 0x3a, 0xae, 0x8f, 0x73, 0x5c, 0x6b, 0xc6, 0x48, 0xb8, 0xd6, 0xc5, 0xfb, 0xca, 0x0f, 0x51, - 0x72, 0x89, 0xed, 0xaa, 0x67, 0xff, 0xaf, 0x7e, 0x2b, 0x28, 0x8b, 0x1b, 0xe7, 0x39, 0xbe, 0x1a, - 0x3e, 0x33, 0x0a, 0xbe, 0xba, 0x28, 0x72, 0xe3, 0xef, 0x23, 0x38, 0xcc, 0xdf, 0x1a, 0x54, 0xc5, - 0x5d, 0x29, 0x66, 0xd0, 0xcb, 0xc4, 0x08, 0x29, 0x46, 0xc4, 0x1f, 0x63, 0x5f, 0xa0, 0xd6, 0xe5, - 0x3b, 0xc2, 0xb7, 0x10, 0x1c, 0x90, 0x49, 0x4d, 0xac, 0xee, 0xda, 0x30, 0xc7, 0xed, 0x37, 0x09, - 0x0a, 0xba, 0xad, 0x8e, 0x46, 0xb7, 0xf7, 0x10, 0xcc, 0x89, 0x6a, 0x7e, 0xc1, 0x51, 0x41, 0x29, - 0xf7, 0xeb, 0x5d, 0x35, 0x0e, 0x51, 0x0c, 0x36, 0xbe, 0xc8, 0xcd, 0xde, 0xc5, 0xf5, 0x22, 0xb3, - 0x81, 0x6f, 0x47, 0xf5, 0x87, 0xa2, 0x12, 0xfb, 0xa8, 0xee, 0xfa, 0xcd, 0xe8, 0x0d, 0x03, 0x17, - 0x26, 0x44, 0xd6, 0xe7, 0x2c, 0xc2, 0x31, 0x54, 0x18, 0x39, 0x78, 0xe1, 0x04, 0x2f, 0x77, 0x95, - 0x59, 0x7a, 0x6a, 0x2a, 0xba, 0xde, 0x53, 0x88, 0xc9, 0x32, 0xa0, 0xb8, 0xc6, 0xe2, 0x17, 0x0a, - 0xcd, 0x72, 0x43, 0x6f, 0x23, 0x38, 0xac, 0xb2, 0x3d, 0x31, 0x3f, 0x32, 0xd7, 0x8b, 0x50, 0x88, - 0x43, 0x35, 0x5e, 0x1d, 0x89, 0x48, 0x1c, 0xce, 0xa5, 0xab, 0x7f, 0x7c, 0x72, 0x0c, 0xfd, 0xe5, - 0xc9, 0x31, 0xf4, 0x8f, 0x27, 0xc7, 0xd0, 0x1b, 0x17, 0x46, 0xfb, 0x4f, 0xad, 0xe5, 0x3a, 0xd4, - 0x8b, 0x55, 0xf5, 0xff, 0x0d, 0x00, 0x00, 0xff, 0xff, 0x30, 0xc0, 0x40, 0x7a, 0x39, 0x2c, 0x00, - 0x00, + 0x15, 0xa7, 0x66, 0xbf, 0x66, 0xde, 0xac, 0xbf, 0x2a, 0xf1, 0xd2, 0x69, 0xaf, 0xcd, 0xba, 0xfd, + 0xb5, 0x5e, 0x7b, 0x67, 0xec, 0xc1, 0x20, 0x67, 0x13, 0x04, 0xb6, 0xe3, 0x2f, 0x58, 0x3b, 0xa6, + 0xd7, 0xc6, 0x28, 0x1c, 0xa0, 0xd2, 0x53, 0x3b, 0xdb, 0x6c, 0x4f, 0x77, 0xbb, 0xbb, 0x67, 0xac, + 0x91, 0xf1, 0x25, 0x88, 0x13, 0x51, 0x90, 0x92, 0x1c, 0x50, 0x14, 0x21, 0x94, 0x28, 0x17, 0x2e, + 0xdc, 0x10, 0x12, 0x17, 0xb8, 0x20, 0x90, 0x38, 0x20, 0x3e, 0x2e, 0x9c, 0x90, 0xc5, 0x8d, 0x0b, + 0x07, 0xfe, 0x00, 0x54, 0xd5, 0x55, 0xdd, 0xd5, 0x33, 0x3d, 0x3d, 0xbd, 0xec, 0x46, 0xf1, 0xad, + 0x5e, 0x4d, 0xd5, 0x7b, 0xbf, 0x7a, 0xf5, 0xbe, 0xea, 0xf5, 0xc0, 0xc9, 0x90, 0x06, 0x7d, 0x1a, + 0x34, 0x89, 0xef, 0x3b, 0xb6, 0x45, 0x22, 0xdb, 0x73, 0xd5, 0x71, 0xc3, 0x0f, 0xbc, 0xc8, 0xc3, + 0x75, 0x65, 0x4a, 0x5f, 0xec, 0x78, 0x5e, 0xc7, 0xa1, 0x4d, 0xe2, 0xdb, 0x4d, 0xe2, 0xba, 0x5e, + 0xc4, 0xa7, 0xc3, 0x78, 0xa9, 0x6e, 0x6c, 0x5f, 0x0e, 0x1b, 0xb6, 0xc7, 0x7f, 0xb5, 0xbc, 0x80, + 0x36, 0xfb, 0x17, 0x9b, 0x1d, 0xea, 0xd2, 0x80, 0x44, 0xb4, 0x2d, 0xd6, 0x5c, 0x4a, 0xd7, 0x74, + 0x89, 0xb5, 0x65, 0xbb, 0x34, 0x18, 0x34, 0xfd, 0xed, 0x0e, 0x9b, 0x08, 0x9b, 0x5d, 0x1a, 0x91, + 0xbc, 0x5d, 0xeb, 0x1d, 0x3b, 0xda, 0xea, 0xbd, 0xd9, 0xb0, 0xbc, 0x6e, 0x93, 0x04, 0x1d, 0xcf, + 0x0f, 0xbc, 0xef, 0xf3, 0xc1, 0xaa, 0xd5, 0x6e, 0xf6, 0x5b, 0x29, 0x03, 0xf5, 0x2c, 0xfd, 0x8b, + 0xc4, 0xf1, 0xb7, 0xc8, 0x28, 0xb7, 0xeb, 0x13, 0xb8, 0x05, 0xd4, 0xf7, 0x84, 0x6e, 0xf8, 0xd0, + 0x8e, 0xbc, 0x60, 0xa0, 0x0c, 0x63, 0x36, 0xc6, 0x7f, 0x11, 0x1c, 0xbc, 0x92, 0xca, 0xfb, 0x66, + 0x8f, 0x06, 0x03, 0x8c, 0x61, 0xda, 0x25, 0x5d, 0xaa, 0xa1, 0x25, 0xb4, 0x5c, 0x33, 0xf9, 0x18, + 0x6b, 0x30, 0x17, 0xd0, 0xcd, 0x80, 0x86, 0x5b, 0x5a, 0x85, 0x4f, 0x4b, 0x12, 0xeb, 0x50, 0x65, + 0xc2, 0xa9, 0x15, 0x85, 0xda, 0xd4, 0xd2, 0xd4, 0x72, 0xcd, 0x4c, 0x68, 0xbc, 0x0c, 0x07, 0x02, + 0x1a, 0x7a, 0xbd, 0xc0, 0xa2, 0xdf, 0xa2, 0x41, 0x68, 0x7b, 0xae, 0x36, 0xcd, 0x77, 0x0f, 0x4f, + 0x33, 0x2e, 0x21, 0x75, 0xa8, 0x15, 0x79, 0x81, 0x36, 0xc3, 0x97, 0x24, 0x34, 0xc3, 0xc3, 0x80, + 0x6b, 0xb3, 0x31, 0x1e, 0x36, 0xc6, 0x06, 0xcc, 0x13, 0xdf, 0xbf, 0x4b, 0xba, 0x34, 0xf4, 0x89, + 0x45, 0xb5, 0x39, 0xfe, 0x5b, 0x66, 0x8e, 0x61, 0x16, 0x48, 0xb4, 0x2a, 0x07, 0x26, 0x49, 0xe3, + 0x1a, 0xd4, 0xee, 0x7a, 0x6d, 0x3a, 0xfe, 0xb8, 0xc3, 0xec, 0x2b, 0xa3, 0xec, 0x8d, 0x6d, 0x38, + 0x6c, 0xd2, 0xbe, 0xcd, 0xe0, 0xdf, 0xa1, 0x11, 0x69, 0x93, 0x88, 0x0c, 0x33, 0xac, 0x24, 0x0c, + 0x75, 0xa8, 0x06, 0x62, 0xb1, 0x56, 0xe1, 0xf3, 0x09, 0x3d, 0x22, 0x6c, 0x2a, 0x47, 0xd8, 0x9f, + 0x10, 0x1c, 0x53, 0x2e, 0xca, 0x14, 0xea, 0xbb, 0xde, 0xa7, 0x6e, 0x14, 0x8e, 0x17, 0x7b, 0x1e, + 0x0e, 0x49, 0x4d, 0x0f, 0x1f, 0x66, 0xf4, 0x07, 0x06, 0x44, 0x9d, 0x94, 0x40, 0xd4, 0x39, 0xbc, + 0x04, 0x75, 0x49, 0x3f, 0xb8, 0xfd, 0x9a, 0xb8, 0x4e, 0x75, 0x6a, 0xe4, 0x38, 0x33, 0x39, 0xc7, + 0x71, 0x41, 0x53, 0x4e, 0x73, 0x87, 0xb8, 0xf6, 0x26, 0x0d, 0xa3, 0xb2, 0xea, 0x43, 0x3b, 0x56, + 0xdf, 0x71, 0xa8, 0xdd, 0xb0, 0x1d, 0x7a, 0x6d, 0xab, 0xe7, 0x6e, 0xe3, 0x17, 0x61, 0xc6, 0x62, + 0x03, 0x2e, 0x61, 0xde, 0x8c, 0x09, 0xe3, 0x31, 0x1c, 0x1f, 0x07, 0xe9, 0xa1, 0x1d, 0x6d, 0xb1, + 0xed, 0xe1, 0x38, 0x6c, 0xd6, 0x16, 0xb5, 0xb6, 0xc3, 0x5e, 0x57, 0x5e, 0xad, 0xa4, 0x4b, 0x61, + 0xfb, 0x05, 0x82, 0xe5, 0x89, 0x92, 0x1f, 0x06, 0xc4, 0xf7, 0x69, 0x80, 0x6f, 0xc0, 0xcc, 0x23, + 0xf6, 0x03, 0xb7, 0xd6, 0x7a, 0xab, 0xd1, 0x50, 0xa3, 0xdd, 0x44, 0x2e, 0xb7, 0x3e, 0x67, 0xc6, + 0xdb, 0x71, 0x43, 0xea, 0xa0, 0xc2, 0xf9, 0x2c, 0x64, 0xf8, 0x24, 0xaa, 0x62, 0xeb, 0xf9, 0xb2, + 0xab, 0xb3, 0x30, 0xed, 0x93, 0x20, 0x32, 0x0e, 0xc3, 0x0b, 0x59, 0x33, 0xf4, 0x3d, 0x37, 0xa4, + 0xc6, 0x6f, 0x50, 0xe6, 0x42, 0xaf, 0x05, 0x94, 0x44, 0xd4, 0xa4, 0x8f, 0x7a, 0x34, 0x8c, 0xf0, + 0x36, 0xa8, 0x01, 0x98, 0xeb, 0xae, 0xde, 0xba, 0xdd, 0x48, 0x23, 0x58, 0x43, 0x46, 0x30, 0x3e, + 0xf8, 0xae, 0xd5, 0x6e, 0xf4, 0x5b, 0x0d, 0x7f, 0xbb, 0xd3, 0x60, 0xf1, 0x30, 0x83, 0x4c, 0xc6, + 0x43, 0xf5, 0xa8, 0xa6, 0xca, 0x1d, 0x2f, 0xc0, 0x6c, 0xcf, 0x0f, 0x69, 0x10, 0xf1, 0x93, 0x55, + 0x4d, 0x41, 0xb1, 0x5b, 0xea, 0x13, 0xc7, 0x6e, 0x93, 0x28, 0xbe, 0x85, 0xaa, 0x99, 0xd0, 0xc6, + 0xc7, 0x59, 0xf4, 0x0f, 0xfc, 0xf6, 0x67, 0x85, 0x5e, 0x45, 0x59, 0x19, 0x42, 0xf9, 0x41, 0x16, + 0xe5, 0x6b, 0xd4, 0xa1, 0x29, 0xca, 0x3c, 0xc3, 0xd4, 0x60, 0xce, 0x22, 0xa1, 0x45, 0xda, 0x92, + 0x97, 0x24, 0x59, 0x58, 0xf0, 0x03, 0xcf, 0x27, 0x1d, 0xce, 0xe9, 0x9e, 0xe7, 0xd8, 0xd6, 0x40, + 0xd8, 0xe6, 0xe8, 0x0f, 0x23, 0x46, 0x3c, 0x9d, 0x63, 0xc4, 0x27, 0xa0, 0xbe, 0x31, 0x70, 0xad, + 0xd7, 0x7d, 0x9e, 0x4c, 0x99, 0x8b, 0xd9, 0x11, 0xed, 0x86, 0x1a, 0xe2, 0x81, 0x37, 0x26, 0x8c, + 0x0f, 0x67, 0x60, 0x41, 0x39, 0x01, 0xdb, 0x50, 0x84, 0xbf, 0xc8, 0xe9, 0x17, 0x60, 0xb6, 0x1d, + 0x0c, 0xcc, 0x9e, 0x2b, 0x2e, 0x53, 0x50, 0x4c, 0xb0, 0x1f, 0xf4, 0xdc, 0x18, 0x64, 0xd5, 0x8c, + 0x09, 0xbc, 0x09, 0xd5, 0x30, 0x62, 0xe9, 0xb3, 0x33, 0xe0, 0xe1, 0xa8, 0xde, 0xfa, 0xfa, 0xee, + 0x2e, 0x90, 0x41, 0xdf, 0x10, 0x1c, 0xcd, 0x84, 0x37, 0x7e, 0x04, 0x35, 0x19, 0x09, 0x43, 0x6d, + 0x6e, 0x69, 0x6a, 0xb9, 0xde, 0xda, 0xd8, 0xbd, 0xa0, 0xd7, 0x7d, 0x96, 0xfa, 0x95, 0xa8, 0x6f, + 0xa6, 0x52, 0xf0, 0x22, 0xd4, 0xba, 0xc2, 0xd7, 0x43, 0x91, 0xe6, 0xd2, 0x09, 0xfc, 0x6d, 0x98, + 0xb1, 0xdd, 0x4d, 0x2f, 0xd4, 0x6a, 0x1c, 0xcc, 0xd5, 0xdd, 0x81, 0xb9, 0xed, 0x6e, 0x7a, 0x66, + 0xcc, 0x10, 0x3f, 0x82, 0x7d, 0x01, 0x8d, 0x82, 0x81, 0xd4, 0x82, 0x06, 0x5c, 0xaf, 0xdf, 0xd8, + 0x9d, 0x04, 0x53, 0x65, 0x69, 0x66, 0x25, 0xe0, 0x35, 0xa8, 0x87, 0xa9, 0x8d, 0x69, 0x75, 0x2e, + 0x50, 0xcb, 0x30, 0x52, 0x6c, 0xd0, 0x54, 0x17, 0x8f, 0xd8, 0xf0, 0x7c, 0x8e, 0x0d, 0xff, 0x1d, + 0xc1, 0xe2, 0x48, 0x18, 0xd8, 0xf0, 0x69, 0xa1, 0x91, 0x12, 0x98, 0x0e, 0x7d, 0x6a, 0xf1, 0xc8, + 0x5f, 0x6f, 0xdd, 0xd9, 0xb3, 0xb8, 0xc0, 0xe5, 0x72, 0xd6, 0x45, 0xa1, 0xab, 0x94, 0x6f, 0xfe, + 0x08, 0xc1, 0xe7, 0x15, 0xce, 0xf7, 0x48, 0x64, 0x6d, 0x15, 0x1d, 0x89, 0xf9, 0x10, 0x5b, 0x23, + 0xb2, 0x59, 0x4c, 0x30, 0x43, 0xe3, 0x83, 0xfb, 0x03, 0x9f, 0xc1, 0x60, 0xbf, 0xa4, 0x13, 0xa5, + 0x92, 0xfe, 0xbb, 0x08, 0x74, 0x35, 0xf2, 0x79, 0x8e, 0xf3, 0x26, 0xb1, 0xb6, 0x8b, 0xa0, 0xec, + 0x87, 0x8a, 0xdd, 0xe6, 0x38, 0xa6, 0xcc, 0x8a, 0xdd, 0xde, 0xa1, 0xdb, 0x0f, 0x83, 0x9a, 0xcd, + 0x01, 0xf5, 0x8f, 0x21, 0x50, 0xd2, 0xc5, 0x0a, 0x40, 0x2d, 0x42, 0xcd, 0x1d, 0x2a, 0xa6, 0xd2, + 0x89, 0x9c, 0x22, 0xaa, 0x32, 0x52, 0x44, 0x69, 0x30, 0xd7, 0x4f, 0xea, 0x61, 0xf6, 0xb3, 0x24, + 0xd9, 0x41, 0x3a, 0x81, 0xd7, 0xf3, 0x85, 0x02, 0x63, 0x82, 0xa1, 0xd8, 0xb6, 0xdd, 0xb6, 0x36, + 0x1b, 0xa3, 0x60, 0xe3, 0x32, 0x15, 0xb0, 0xf1, 0x5e, 0x05, 0xbe, 0x90, 0x73, 0xb8, 0x89, 0x16, + 0xf0, 0x7c, 0x9c, 0x30, 0xb1, 0xc3, 0xb9, 0xb1, 0x76, 0x58, 0x9d, 0x64, 0x87, 0xb5, 0x1c, 0xad, + 0xbc, 0x53, 0x81, 0xa5, 0x1c, 0xad, 0x4c, 0x4e, 0xa8, 0xcf, 0x8d, 0x5a, 0x36, 0xbd, 0x40, 0xdc, + 0x78, 0xd5, 0x8c, 0x09, 0xe6, 0x19, 0x5e, 0xe0, 0x6f, 0x11, 0x57, 0xab, 0xc6, 0x9e, 0x11, 0x53, + 0xa5, 0x14, 0xf2, 0x1f, 0x04, 0x9a, 0xd4, 0xc2, 0x15, 0x8b, 0xeb, 0xa4, 0xe7, 0x3e, 0xff, 0x8a, + 0x58, 0x80, 0x59, 0xc2, 0xd1, 0x0a, 0x03, 0x11, 0xd4, 0xc8, 0x91, 0xab, 0xf9, 0x31, 0xf1, 0x48, + 0xf6, 0xc8, 0xe1, 0xba, 0x1d, 0x46, 0xb2, 0xa0, 0xc5, 0x9b, 0x30, 0x17, 0x73, 0x8b, 0x4b, 0x98, + 0x7a, 0x6b, 0x7d, 0xb7, 0x89, 0x2d, 0xa3, 0x5e, 0xc9, 0xdc, 0x78, 0x19, 0x8e, 0xe4, 0x46, 0x1f, + 0x01, 0x43, 0x87, 0xaa, 0x4c, 0xe6, 0xe2, 0x02, 0x12, 0xda, 0xf8, 0xf7, 0x54, 0x36, 0xac, 0x7b, + 0xed, 0x75, 0xaf, 0x53, 0xf0, 0x16, 0x2c, 0xbe, 0x34, 0xf6, 0x58, 0xf6, 0xda, 0xca, 0xb3, 0x4f, + 0x92, 0x6c, 0x9f, 0xe5, 0xb9, 0x11, 0xb1, 0x5d, 0x1a, 0x88, 0xfc, 0x92, 0x4e, 0x30, 0x65, 0x87, + 0xb6, 0x6b, 0xd1, 0x0d, 0x6a, 0x79, 0x6e, 0x3b, 0xe4, 0xb7, 0x36, 0x65, 0x66, 0xe6, 0xf0, 0x2d, + 0xa8, 0x71, 0xfa, 0xbe, 0xdd, 0x8d, 0x83, 0x70, 0xbd, 0xb5, 0xd2, 0x88, 0x9b, 0x28, 0x0d, 0xb5, + 0x89, 0x92, 0xea, 0xb0, 0x4b, 0x23, 0xd2, 0xe8, 0x5f, 0x6c, 0xb0, 0x1d, 0x66, 0xba, 0x99, 0x61, + 0x89, 0x88, 0xed, 0xac, 0xdb, 0x2e, 0x2f, 0xb0, 0x98, 0xa8, 0x74, 0x82, 0x19, 0xc4, 0xa6, 0xe7, + 0x38, 0xde, 0x63, 0xe9, 0x03, 0x31, 0xc5, 0x76, 0xf5, 0xdc, 0xc8, 0x76, 0xb8, 0xfc, 0xd8, 0x01, + 0xd2, 0x09, 0xbe, 0xcb, 0x76, 0x22, 0x1a, 0xf0, 0x12, 0xa6, 0x66, 0x0a, 0x2a, 0x31, 0xb9, 0x7a, + 0xdc, 0x17, 0x90, 0xbe, 0x17, 0x1b, 0xe7, 0xbc, 0x6a, 0x9c, 0xc3, 0x06, 0xbf, 0x2f, 0xe7, 0xdd, + 0xcc, 0xdb, 0x24, 0xb4, 0x6f, 0x7b, 0xbd, 0x50, 0xdb, 0x1f, 0x27, 0x71, 0x49, 0x8f, 0x18, 0xec, + 0x81, 0x1c, 0x83, 0xfd, 0x2d, 0x82, 0xea, 0xba, 0xd7, 0xb9, 0xee, 0x46, 0xc1, 0x80, 0x57, 0xf6, + 0x9e, 0x1b, 0x51, 0x57, 0x5a, 0x85, 0x24, 0x99, 0xaa, 0x23, 0xbb, 0x4b, 0x37, 0x22, 0xd2, 0xf5, + 0x45, 0x4d, 0xb2, 0x23, 0x55, 0x27, 0x9b, 0xd9, 0xf1, 0x1d, 0x12, 0x46, 0xdc, 0x7b, 0xab, 0x26, + 0x1f, 0x33, 0xa0, 0xc9, 0x82, 0x8d, 0x28, 0x10, 0xae, 0x9b, 0x99, 0x53, 0x0d, 0x69, 0x26, 0xc6, + 0x26, 0x48, 0x63, 0x03, 0x5e, 0x4a, 0x4a, 0xd9, 0xfb, 0x34, 0xe8, 0xda, 0x2e, 0x29, 0x8e, 0xb7, + 0x65, 0xba, 0x30, 0x0f, 0x32, 0x0e, 0xc4, 0xea, 0xbf, 0x87, 0xb6, 0xdb, 0xf6, 0x1e, 0x17, 0x38, + 0x42, 0x19, 0xb6, 0x7f, 0xc9, 0xf6, 0x5b, 0x14, 0xbe, 0x89, 0x6f, 0xde, 0x82, 0x7d, 0xcc, 0x8b, + 0xfb, 0x54, 0xfc, 0x20, 0x02, 0x85, 0x31, 0xee, 0x49, 0x9e, 0xf2, 0x30, 0xb3, 0x1b, 0xf1, 0x3a, + 0x1c, 0x20, 0x61, 0x68, 0x77, 0x5c, 0xda, 0x96, 0xbc, 0x2a, 0xa5, 0x79, 0x0d, 0x6f, 0x8d, 0x9f, + 0x7d, 0x7c, 0x85, 0xb8, 0x3b, 0x49, 0x1a, 0x3f, 0x44, 0x70, 0x38, 0x97, 0x49, 0x62, 0xeb, 0x48, + 0x09, 0xaf, 0x3a, 0x54, 0x43, 0x6b, 0x8b, 0xb6, 0x7b, 0x0e, 0x95, 0x7d, 0x0d, 0x49, 0xb3, 0xdf, + 0xda, 0xbd, 0xf8, 0x26, 0x45, 0x78, 0x4f, 0x68, 0x7c, 0x0c, 0xa0, 0x4b, 0xdc, 0x1e, 0x71, 0x38, + 0x84, 0x69, 0x0e, 0x41, 0x99, 0x31, 0x16, 0x41, 0xcf, 0x33, 0x03, 0xd1, 0x49, 0xf8, 0x1b, 0x82, + 0xfd, 0x32, 0x0c, 0x8a, 0x3b, 0x5c, 0x86, 0x03, 0x8a, 0x1a, 0xee, 0xa6, 0xd7, 0x39, 0x3c, 0x3d, + 0x21, 0xc4, 0x49, 0x5b, 0x98, 0xca, 0xf6, 0x35, 0xfb, 0x99, 0xce, 0x64, 0xe9, 0x3c, 0x84, 0x76, + 0x54, 0x89, 0xfd, 0x00, 0xb4, 0x3b, 0xc4, 0x25, 0x1d, 0xda, 0x4e, 0x0e, 0x97, 0x18, 0xd2, 0xf7, + 0xd4, 0xc7, 0xf2, 0xae, 0x9f, 0xa6, 0x49, 0x39, 0x63, 0x6f, 0x6e, 0xca, 0x87, 0x77, 0x00, 0xd5, + 0x75, 0xdb, 0xdd, 0x66, 0xef, 0x37, 0x76, 0xae, 0xc8, 0x8e, 0x1c, 0xa9, 0xc3, 0x98, 0xc0, 0x07, + 0x61, 0xaa, 0x17, 0x38, 0xe2, 0x9e, 0xd9, 0x10, 0x2f, 0x41, 0xbd, 0x4d, 0x43, 0x2b, 0xb0, 0x7d, + 0x71, 0xcb, 0xbc, 0xd1, 0xa7, 0x4c, 0x31, 0x6d, 0xdb, 0x96, 0xe7, 0x5e, 0x73, 0x48, 0x18, 0xca, + 0xc4, 0x90, 0x4c, 0x18, 0xaf, 0xc2, 0x3e, 0x26, 0x33, 0x3d, 0xe6, 0xb9, 0xec, 0x31, 0x0f, 0x67, + 0xe0, 0x4b, 0x78, 0x12, 0xf1, 0x4d, 0x78, 0x81, 0xe5, 0xe3, 0x2b, 0xbe, 0x2f, 0x98, 0x94, 0x2c, + 0x46, 0xa6, 0x86, 0x2e, 0xbd, 0xf5, 0x63, 0x03, 0xb0, 0x6a, 0xf3, 0x34, 0xe8, 0xdb, 0x16, 0xc5, + 0xef, 0x22, 0x98, 0x66, 0x02, 0xf0, 0xd1, 0x71, 0x2e, 0xc6, 0x6d, 0x4f, 0xdf, 0xbb, 0x07, 0x1d, + 0x93, 0x66, 0x2c, 0xbe, 0xf5, 0xd7, 0x7f, 0xbd, 0x57, 0x59, 0xc0, 0x2f, 0xf2, 0x0f, 0x0c, 0xfd, + 0x8b, 0x6a, 0xb3, 0x3f, 0xc4, 0x6f, 0x23, 0xc0, 0xa2, 0x0a, 0x51, 0xba, 0xbb, 0xf8, 0xdc, 0x38, + 0x88, 0x39, 0x5d, 0x60, 0xfd, 0xa8, 0x12, 0xed, 0x1b, 0x96, 0x17, 0x50, 0x16, 0xdb, 0xf9, 0x02, + 0x0e, 0x60, 0x85, 0x03, 0x38, 0x89, 0x8d, 0x3c, 0x00, 0xcd, 0x27, 0x4c, 0x6f, 0x4f, 0x9b, 0x34, + 0x96, 0xfb, 0x11, 0x82, 0x99, 0x87, 0xbc, 0xe6, 0x9e, 0xa0, 0xa4, 0x8d, 0x3d, 0x53, 0x12, 0x17, + 0xc7, 0xd1, 0x1a, 0x27, 0x38, 0xd2, 0xa3, 0xf8, 0x88, 0x44, 0x1a, 0x46, 0x01, 0x25, 0xdd, 0x0c, + 0xe0, 0x0b, 0x08, 0x7f, 0x82, 0x60, 0x36, 0x6e, 0x37, 0xe2, 0x53, 0xe3, 0x50, 0x66, 0xda, 0x91, + 0xfa, 0xde, 0xf5, 0xee, 0x8c, 0xb3, 0x1c, 0xe3, 0x09, 0x23, 0xf7, 0x3a, 0xd7, 0x32, 0x9d, 0xbd, + 0xf7, 0x11, 0x4c, 0xdd, 0xa4, 0x13, 0xed, 0x6d, 0x0f, 0xc1, 0x8d, 0x28, 0x30, 0xe7, 0xaa, 0xf1, + 0xc7, 0x08, 0x5e, 0xba, 0x49, 0xa3, 0xfc, 0x54, 0x87, 0x97, 0x27, 0xe7, 0x1f, 0x61, 0x76, 0xe7, + 0x4a, 0xac, 0x4c, 0x62, 0x7c, 0x93, 0x23, 0x3b, 0x8b, 0xcf, 0x14, 0x19, 0x61, 0x38, 0x70, 0xad, + 0xc7, 0x02, 0xc7, 0x1f, 0x11, 0x1c, 0x1c, 0xfe, 0xd6, 0x82, 0xb3, 0xc9, 0x31, 0xf7, 0x53, 0x8c, + 0x7e, 0x77, 0xb7, 0xb1, 0x34, 0xcb, 0xd4, 0xb8, 0xc2, 0x91, 0xbf, 0x82, 0x5f, 0x2e, 0x42, 0x2e, + 0x9b, 0x94, 0x61, 0xf3, 0x89, 0x1c, 0x3e, 0xe5, 0x9f, 0x05, 0x39, 0xec, 0xb7, 0x10, 0xcc, 0xdf, + 0xa4, 0xd1, 0x9d, 0xa4, 0x47, 0x77, 0xaa, 0x54, 0x0f, 0x5f, 0x5f, 0x6c, 0x28, 0x5f, 0xef, 0xe4, + 0x4f, 0x89, 0x4a, 0x57, 0x39, 0xb0, 0x33, 0xf8, 0x54, 0x11, 0xb0, 0xb4, 0x2f, 0xf8, 0x11, 0x82, + 0xc3, 0x2a, 0x88, 0xf4, 0x0b, 0xc7, 0x97, 0x76, 0xf6, 0x45, 0x41, 0x7c, 0x97, 0x98, 0x80, 0xae, + 0xc5, 0xd1, 0x9d, 0x37, 0xf2, 0x2f, 0xbc, 0x3b, 0x82, 0x62, 0x0d, 0xad, 0x2c, 0x23, 0xfc, 0x3b, + 0x04, 0xb3, 0x71, 0x13, 0x6e, 0xbc, 0x8e, 0x32, 0xbd, 0xfa, 0xbd, 0xf4, 0x9e, 0xeb, 0x1c, 0xf2, + 0x57, 0xf5, 0x0b, 0xf9, 0x0a, 0x55, 0xf7, 0xcb, 0xab, 0x6d, 0x70, 0x2d, 0x67, 0xdd, 0xfe, 0x57, + 0x08, 0x20, 0x6d, 0x24, 0xe2, 0xb3, 0xc5, 0xe7, 0x50, 0x9a, 0x8d, 0xfa, 0xde, 0xb6, 0x12, 0x8d, + 0x06, 0x3f, 0xcf, 0xb2, 0xbe, 0x54, 0xe8, 0x73, 0x3e, 0xb5, 0xd6, 0xe2, 0xa6, 0xe3, 0xcf, 0x11, + 0xcc, 0xf0, 0x3e, 0x11, 0x3e, 0x39, 0x0e, 0xb3, 0xda, 0x46, 0xda, 0x4b, 0xd5, 0x9f, 0xe6, 0x50, + 0x97, 0x5a, 0x45, 0x81, 0x6b, 0x0d, 0xad, 0xe0, 0x3e, 0xcc, 0xc6, 0x3d, 0x9b, 0xf1, 0xe6, 0x91, + 0xe9, 0xe9, 0xe8, 0x4b, 0x05, 0x89, 0x34, 0x36, 0x54, 0x11, 0x33, 0x57, 0x26, 0xc5, 0xcc, 0x69, + 0x16, 0xd6, 0xf0, 0x89, 0xa2, 0xa0, 0xf7, 0x29, 0x28, 0xe6, 0x1c, 0x47, 0x77, 0xca, 0x58, 0x9a, + 0x14, 0x37, 0x99, 0x76, 0x7e, 0x8a, 0xe0, 0xe0, 0x70, 0xc9, 0x89, 0x8f, 0x0c, 0xc5, 0x4c, 0xb5, + 0xce, 0xd6, 0xb3, 0x5a, 0x1c, 0x57, 0xae, 0x1a, 0x5f, 0xe3, 0x28, 0xd6, 0xf0, 0xe5, 0x89, 0x9e, + 0x71, 0x57, 0x46, 0x1d, 0xc6, 0x68, 0x35, 0xfd, 0x66, 0xf1, 0x6b, 0x04, 0xf3, 0x92, 0xef, 0xfd, + 0x80, 0xd2, 0x62, 0x58, 0x7b, 0xe7, 0x08, 0x4c, 0x96, 0xf1, 0x2a, 0x87, 0xff, 0x65, 0x7c, 0xa9, + 0x24, 0x7c, 0x09, 0x7b, 0x35, 0x62, 0x48, 0x7f, 0x8f, 0xe0, 0xd0, 0xc3, 0xd8, 0xee, 0x3f, 0x23, + 0xfc, 0xd7, 0x38, 0xfe, 0xaf, 0xe0, 0x57, 0x0a, 0xea, 0xa2, 0x49, 0xc7, 0xb8, 0x80, 0xf0, 0x2f, + 0x11, 0x54, 0x65, 0x07, 0x1e, 0x9f, 0x19, 0xeb, 0x18, 0xd9, 0x1e, 0xfd, 0x5e, 0x1a, 0xb3, 0x28, + 0x02, 0x8c, 0x93, 0x85, 0xa9, 0x54, 0xc8, 0x67, 0x06, 0xfd, 0x3e, 0x02, 0x9c, 0xbc, 0x17, 0x93, + 0x17, 0x24, 0x3e, 0x9d, 0x11, 0x35, 0xb6, 0xc1, 0xa0, 0x9f, 0x99, 0xb8, 0x2e, 0x9b, 0x4a, 0x57, + 0x0a, 0x53, 0xa9, 0x97, 0xc8, 0x7f, 0x07, 0x41, 0xfd, 0x26, 0x4d, 0x6a, 0xf6, 0x02, 0x5d, 0x66, + 0x3f, 0x2d, 0xe8, 0xcb, 0x93, 0x17, 0x0a, 0x44, 0xe7, 0x39, 0xa2, 0xd3, 0xb8, 0x58, 0x55, 0x12, + 0xc0, 0x87, 0x08, 0xf6, 0xdd, 0x53, 0x4d, 0x14, 0x9f, 0x9f, 0x24, 0x29, 0x13, 0xc9, 0xcb, 0xe3, + 0xfa, 0x22, 0xc7, 0xb5, 0x6a, 0x94, 0xc2, 0xb5, 0x26, 0xfa, 0xf7, 0x3f, 0x43, 0xf1, 0xd3, 0x6e, + 0xa8, 0xfb, 0xfa, 0xff, 0xea, 0xad, 0xa0, 0x89, 0x6b, 0x5c, 0xe2, 0xf8, 0x1a, 0xf8, 0x7c, 0x19, + 0x7c, 0x4d, 0xd1, 0x92, 0xc5, 0x1f, 0x20, 0x38, 0xc4, 0xfb, 0xdf, 0x2a, 0xe3, 0xa1, 0x14, 0x33, + 0xae, 0x5b, 0x5e, 0x22, 0xc5, 0x88, 0xf8, 0x63, 0xec, 0x08, 0xd4, 0x9a, 0xec, 0x6d, 0xff, 0x04, + 0xc1, 0x7e, 0x99, 0xd4, 0xc4, 0xed, 0xae, 0x4e, 0x52, 0xdc, 0x4e, 0x93, 0xa0, 0x30, 0xb7, 0x95, + 0x72, 0xe6, 0xf6, 0x09, 0x82, 0x39, 0xd1, 0x7b, 0x2e, 0x28, 0x15, 0x94, 0xe6, 0xb4, 0x3e, 0xf4, + 0xf2, 0x17, 0x4d, 0x4d, 0xe3, 0x3b, 0x5c, 0xec, 0x03, 0xdc, 0x2c, 0x12, 0xeb, 0x7b, 0xed, 0xb0, + 0xf9, 0x44, 0x74, 0x14, 0x9f, 0x36, 0x1d, 0xaf, 0x13, 0xbe, 0x61, 0xe0, 0xc2, 0x84, 0xc8, 0xd6, + 0x5c, 0x40, 0x38, 0x82, 0x1a, 0x33, 0x0e, 0xde, 0x4e, 0xc0, 0x4b, 0x43, 0xcd, 0x87, 0x91, 0x4e, + 0x83, 0xae, 0x8f, 0xb4, 0x27, 0xd2, 0x0c, 0x28, 0x9e, 0x7d, 0xf8, 0x78, 0xa1, 0x58, 0x2e, 0xe8, + 0x6d, 0x04, 0x87, 0x54, 0x6b, 0x8f, 0xc5, 0x97, 0xb6, 0xf5, 0x22, 0x14, 0xa2, 0xa8, 0xc6, 0x2b, + 0xa5, 0x0c, 0x89, 0xc3, 0xb9, 0x7a, 0xe3, 0x0f, 0xcf, 0x8e, 0xa1, 0x3f, 0x3f, 0x3b, 0x86, 0xfe, + 0xf9, 0xec, 0x18, 0x7a, 0xe3, 0x72, 0xb9, 0xbf, 0x24, 0x5a, 0x8e, 0x4d, 0xdd, 0x48, 0x65, 0xff, + 0xbf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x96, 0x44, 0xa9, 0x6d, 0x78, 0x29, 0x00, 0x00, } // Reference imports to suppress errors if they are not otherwise used. @@ -2989,8 +2827,6 @@ type ApplicationServiceClient interface { GetApplicationSyncWindows(ctx context.Context, in *ApplicationSyncWindowsQuery, opts ...grpc.CallOption) (*ApplicationSyncWindowsResponse, error) // Get the meta-data (author, date, tags, message) for a specific revision of the application RevisionMetadata(ctx context.Context, in *RevisionMetadataQuery, opts ...grpc.CallOption) (*v1alpha1.RevisionMetadata, error) - // Get the chart metadata (description, maintainers, home) for a specific revision of the application - RevisionChartDetails(ctx context.Context, in *RevisionMetadataQuery, opts ...grpc.CallOption) (*v1alpha1.ChartDetails, error) // GetManifests returns application manifests GetManifests(ctx context.Context, in *ApplicationManifestQuery, opts ...grpc.CallOption) (*apiclient.ManifestResponse, error) // GetManifestsWithFiles returns application manifests using provided files to generate them @@ -3127,15 +2963,6 @@ func (c *applicationServiceClient) RevisionMetadata(ctx context.Context, in *Rev return out, nil } -func (c *applicationServiceClient) RevisionChartDetails(ctx context.Context, in *RevisionMetadataQuery, opts ...grpc.CallOption) (*v1alpha1.ChartDetails, error) { - out := new(v1alpha1.ChartDetails) - err := c.cc.Invoke(ctx, "/application.ApplicationService/RevisionChartDetails", in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - func (c *applicationServiceClient) GetManifests(ctx context.Context, in *ApplicationManifestQuery, opts ...grpc.CallOption) (*apiclient.ManifestResponse, error) { out := new(apiclient.ManifestResponse) err := c.cc.Invoke(ctx, "/application.ApplicationService/GetManifests", in, out, opts...) @@ -3403,8 +3230,6 @@ type ApplicationServiceServer interface { GetApplicationSyncWindows(context.Context, *ApplicationSyncWindowsQuery) (*ApplicationSyncWindowsResponse, error) // Get the meta-data (author, date, tags, message) for a specific revision of the application RevisionMetadata(context.Context, *RevisionMetadataQuery) (*v1alpha1.RevisionMetadata, error) - // Get the chart metadata (description, maintainers, home) for a specific revision of the application - RevisionChartDetails(context.Context, *RevisionMetadataQuery) (*v1alpha1.ChartDetails, error) // GetManifests returns application manifests GetManifests(context.Context, *ApplicationManifestQuery) (*apiclient.ManifestResponse, error) // GetManifestsWithFiles returns application manifests using provided files to generate them @@ -3472,9 +3297,6 @@ func (*UnimplementedApplicationServiceServer) GetApplicationSyncWindows(ctx cont func (*UnimplementedApplicationServiceServer) RevisionMetadata(ctx context.Context, req *RevisionMetadataQuery) (*v1alpha1.RevisionMetadata, error) { return nil, status.Errorf(codes.Unimplemented, "method RevisionMetadata not implemented") } -func (*UnimplementedApplicationServiceServer) RevisionChartDetails(ctx context.Context, req *RevisionMetadataQuery) (*v1alpha1.ChartDetails, error) { - return nil, status.Errorf(codes.Unimplemented, "method RevisionChartDetails not implemented") -} func (*UnimplementedApplicationServiceServer) GetManifests(ctx context.Context, req *ApplicationManifestQuery) (*apiclient.ManifestResponse, error) { return nil, status.Errorf(codes.Unimplemented, "method GetManifests not implemented") } @@ -3669,24 +3491,6 @@ func _ApplicationService_RevisionMetadata_Handler(srv interface{}, ctx context.C return interceptor(ctx, in, info, handler) } -func _ApplicationService_RevisionChartDetails_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(RevisionMetadataQuery) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(ApplicationServiceServer).RevisionChartDetails(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: "/application.ApplicationService/RevisionChartDetails", - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(ApplicationServiceServer).RevisionChartDetails(ctx, req.(*RevisionMetadataQuery)) - } - return interceptor(ctx, in, info, handler) -} - func _ApplicationService_GetManifests_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { in := new(ApplicationManifestQuery) if err := dec(in); err != nil { @@ -4089,10 +3893,6 @@ var _ApplicationService_serviceDesc = grpc.ServiceDesc{ MethodName: "RevisionMetadata", Handler: _ApplicationService_RevisionMetadata_Handler, }, - { - MethodName: "RevisionChartDetails", - Handler: _ApplicationService_RevisionChartDetails_Handler, - }, { MethodName: "GetManifests", Handler: _ApplicationService_GetManifests_Handler, @@ -4339,13 +4139,6 @@ func (m *RevisionMetadataQuery) MarshalToSizedBuffer(dAtA []byte) (int, error) { i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x22 - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -4398,13 +4191,6 @@ func (m *ApplicationResourceEventsQuery) MarshalToSizedBuffer(dAtA []byte) (int, i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x32 - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -4469,13 +4255,6 @@ func (m *ApplicationManifestQuery) MarshalToSizedBuffer(dAtA []byte) (int, error i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x22 - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -4562,13 +4341,6 @@ func (m *ApplicationManifestQueryWithFiles) MarshalToSizedBuffer(dAtA []byte) (i i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x22 - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -4787,13 +4559,6 @@ func (m *ApplicationUpdateRequest) MarshalToSizedBuffer(dAtA []byte) (int, error i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x1a - } if m.Validate != nil { i-- if *m.Validate { @@ -4845,13 +4610,6 @@ func (m *ApplicationDeleteRequest) MarshalToSizedBuffer(dAtA []byte) (int, error i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x2a - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -4948,13 +4706,6 @@ func (m *ApplicationSyncRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x6a - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -5098,13 +4849,6 @@ func (m *ApplicationUpdateSpecRequest) MarshalToSizedBuffer(dAtA []byte) (int, e i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x2a - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -5172,13 +4916,6 @@ func (m *ApplicationPatchRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x32 - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -5240,13 +4977,6 @@ func (m *ApplicationRollbackRequest) MarshalToSizedBuffer(dAtA []byte) (int, err i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x3a - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -5317,13 +5047,6 @@ func (m *ApplicationResourceRequest) MarshalToSizedBuffer(dAtA []byte) (int, err i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x42 - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -5408,13 +5131,6 @@ func (m *ApplicationResourcePatchRequest) MarshalToSizedBuffer(dAtA []byte) (int i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x52 - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -5517,13 +5233,6 @@ func (m *ApplicationResourceDeleteRequest) MarshalToSizedBuffer(dAtA []byte) (in i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x52 - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -5628,13 +5337,6 @@ func (m *ResourceActionRunRequest) MarshalToSizedBuffer(dAtA []byte) (int, error i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x4a - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -5805,15 +5507,6 @@ func (m *ApplicationPodLogsQuery) MarshalToSizedBuffer(dAtA []byte) (int, error) i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x1 - i-- - dAtA[i] = 0x82 - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -6035,13 +5728,6 @@ func (m *OperationTerminateRequest) MarshalToSizedBuffer(dAtA []byte) (int, erro i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x1a - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -6085,13 +5771,6 @@ func (m *ApplicationSyncWindowsQuery) MarshalToSizedBuffer(dAtA []byte) (int, er i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x1a - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -6295,13 +5974,6 @@ func (m *ResourcesQuery) MarshalToSizedBuffer(dAtA []byte) (int, error) { i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x42 - } if m.AppNamespace != nil { i -= len(*m.AppNamespace) copy(dAtA[i:], *m.AppNamespace) @@ -6521,13 +6193,6 @@ func (m *ListAppLinksRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) { i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if m.Project != nil { - i -= len(*m.Project) - copy(dAtA[i:], *m.Project) - i = encodeVarintApplication(dAtA, i, uint64(len(*m.Project))) - i-- - dAtA[i] = 0x22 - } if m.Namespace != nil { i -= len(*m.Namespace) copy(dAtA[i:], *m.Namespace) @@ -6644,10 +6309,6 @@ func (m *RevisionMetadataQuery) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -6680,10 +6341,6 @@ func (m *ApplicationResourceEventsQuery) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -6708,10 +6365,6 @@ func (m *ApplicationManifestQuery) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -6752,10 +6405,6 @@ func (m *ApplicationManifestQueryWithFiles) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -6848,10 +6497,6 @@ func (m *ApplicationUpdateRequest) Size() (n int) { if m.Validate != nil { n += 2 } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -6879,10 +6524,6 @@ func (m *ApplicationDeleteRequest) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -6961,10 +6602,6 @@ func (m *ApplicationSyncRequest) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -6992,10 +6629,6 @@ func (m *ApplicationUpdateSpecRequest) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -7024,10 +6657,6 @@ func (m *ApplicationPatchRequest) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -7057,10 +6686,6 @@ func (m *ApplicationRollbackRequest) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -7101,10 +6726,6 @@ func (m *ApplicationResourceRequest) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -7153,10 +6774,6 @@ func (m *ApplicationResourcePatchRequest) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -7203,10 +6820,6 @@ func (m *ApplicationResourceDeleteRequest) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -7251,10 +6864,6 @@ func (m *ResourceActionRunRequest) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -7357,10 +6966,6 @@ func (m *ApplicationPodLogsQuery) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 2 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -7412,10 +7017,6 @@ func (m *OperationTerminateRequest) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -7436,10 +7037,6 @@ func (m *ApplicationSyncWindowsQuery) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -7546,10 +7143,6 @@ func (m *ResourcesQuery) Size() (n int) { l = len(*m.AppNamespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -7634,10 +7227,6 @@ func (m *ListAppLinksRequest) Size() (n int) { l = len(*m.Namespace) n += 1 + l + sovApplication(uint64(l)) } - if m.Project != nil { - l = len(*m.Project) - n += 1 + l + sovApplication(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -8211,39 +7800,6 @@ func (m *RevisionMetadataQuery) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -8468,50 +8024,17 @@ func (m *ApplicationResourceEventsQuery) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 6: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } + default: + iNdEx = preIndex + skippy, err := skipApplication(dAtA[iNdEx:]) + if err != nil { + return err } - intStringLen := int(stringLen) - if intStringLen < 0 { + if (skippy < 0) || (iNdEx+skippy) < 0 { return ErrInvalidLengthApplication } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipApplication(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthApplication - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF } m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) iNdEx += skippy @@ -8656,39 +8179,6 @@ func (m *ApplicationManifestQuery) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -8935,39 +8425,6 @@ func (m *ApplicationManifestQueryWithFiles) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -9390,39 +8847,6 @@ func (m *ApplicationUpdateRequest) Unmarshal(dAtA []byte) error { } b := bool(v != 0) m.Validate = &b - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -9599,39 +9023,6 @@ func (m *ApplicationDeleteRequest) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -10120,39 +9511,6 @@ func (m *ApplicationSyncRequest) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 13: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -10333,39 +9691,6 @@ func (m *ApplicationUpdateSpecRequest) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -10559,39 +9884,6 @@ func (m *ApplicationPatchRequest) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 6: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -10783,39 +10075,6 @@ func (m *ApplicationRollbackRequest) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 7: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -11107,40 +10366,7 @@ func (m *ApplicationResourceRequest) Unmarshal(dAtA []byte) error { return io.ErrUnexpectedEOF } s := string(dAtA[iNdEx:postIndex]) - m.AppNamespace = &s - iNdEx = postIndex - case 8: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s + m.AppNamespace = &s iNdEx = postIndex default: iNdEx = preIndex @@ -11509,39 +10735,6 @@ func (m *ApplicationResourcePatchRequest) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 10: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -11889,39 +11082,6 @@ func (m *ApplicationResourceDeleteRequest) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 10: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -12255,39 +11415,6 @@ func (m *ResourceActionRunRequest) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 9: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -12978,39 +12105,6 @@ func (m *ApplicationPodLogsQuery) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 16: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -13361,39 +12455,6 @@ func (m *OperationTerminateRequest) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -13516,39 +12577,6 @@ func (m *ApplicationSyncWindowsQuery) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -14220,39 +13248,6 @@ func (m *ResourcesQuery) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.AppNamespace = &s iNdEx = postIndex - case 8: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) @@ -14737,39 +13732,6 @@ func (m *ListAppLinksRequest) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.Namespace = &s iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplication - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplication - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplication - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.Project = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplication(dAtA[iNdEx:]) diff --git a/pkg/apiclient/application/application.pb.gw.go b/pkg/apiclient/application/application.pb.gw.go index ed6064cadb9a2..80c86e4fc9a19 100644 --- a/pkg/apiclient/application/application.pb.gw.go +++ b/pkg/apiclient/application/application.pb.gw.go @@ -459,100 +459,6 @@ func local_request_ApplicationService_RevisionMetadata_0(ctx context.Context, ma } -var ( - filter_ApplicationService_RevisionChartDetails_0 = &utilities.DoubleArray{Encoding: map[string]int{"name": 0, "revision": 1}, Base: []int{1, 1, 2, 0, 0}, Check: []int{0, 1, 1, 2, 3}} -) - -func request_ApplicationService_RevisionChartDetails_0(ctx context.Context, marshaler runtime.Marshaler, client ApplicationServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) { - var protoReq RevisionMetadataQuery - var metadata runtime.ServerMetadata - - var ( - val string - ok bool - err error - _ = err - ) - - val, ok = pathParams["name"] - if !ok { - return nil, metadata, status.Errorf(codes.InvalidArgument, "missing parameter %s", "name") - } - - protoReq.Name, err = runtime.StringP(val) - - if err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "name", err) - } - - val, ok = pathParams["revision"] - if !ok { - return nil, metadata, status.Errorf(codes.InvalidArgument, "missing parameter %s", "revision") - } - - protoReq.Revision, err = runtime.StringP(val) - - if err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "revision", err) - } - - if err := req.ParseForm(); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ApplicationService_RevisionChartDetails_0); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - - msg, err := client.RevisionChartDetails(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD)) - return msg, metadata, err - -} - -func local_request_ApplicationService_RevisionChartDetails_0(ctx context.Context, marshaler runtime.Marshaler, server ApplicationServiceServer, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) { - var protoReq RevisionMetadataQuery - var metadata runtime.ServerMetadata - - var ( - val string - ok bool - err error - _ = err - ) - - val, ok = pathParams["name"] - if !ok { - return nil, metadata, status.Errorf(codes.InvalidArgument, "missing parameter %s", "name") - } - - protoReq.Name, err = runtime.StringP(val) - - if err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "name", err) - } - - val, ok = pathParams["revision"] - if !ok { - return nil, metadata, status.Errorf(codes.InvalidArgument, "missing parameter %s", "revision") - } - - protoReq.Revision, err = runtime.StringP(val) - - if err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "revision", err) - } - - if err := req.ParseForm(); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ApplicationService_RevisionChartDetails_0); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - - msg, err := server.RevisionChartDetails(ctx, &protoReq) - return msg, metadata, err - -} - var ( filter_ApplicationService_GetManifests_0 = &utilities.DoubleArray{Encoding: map[string]int{"name": 0}, Base: []int{1, 1, 0}, Check: []int{0, 1, 2}} ) @@ -2179,29 +2085,6 @@ func RegisterApplicationServiceHandlerServer(ctx context.Context, mux *runtime.S }) - mux.Handle("GET", pattern_ApplicationService_RevisionChartDetails_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) { - ctx, cancel := context.WithCancel(req.Context()) - defer cancel() - var stream runtime.ServerTransportStream - ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) - inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req) - if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) - return - } - resp, md, err := local_request_ApplicationService_RevisionChartDetails_0(rctx, inboundMarshaler, server, req, pathParams) - md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) - if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) - return - } - - forward_ApplicationService_RevisionChartDetails_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) - - }) - mux.Handle("GET", pattern_ApplicationService_GetManifests_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) { ctx, cancel := context.WithCancel(req.Context()) defer cancel() @@ -2802,26 +2685,6 @@ func RegisterApplicationServiceHandlerClient(ctx context.Context, mux *runtime.S }) - mux.Handle("GET", pattern_ApplicationService_RevisionChartDetails_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) { - ctx, cancel := context.WithCancel(req.Context()) - defer cancel() - inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req) - if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) - return - } - resp, md, err := request_ApplicationService_RevisionChartDetails_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) - if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) - return - } - - forward_ApplicationService_RevisionChartDetails_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) - - }) - mux.Handle("GET", pattern_ApplicationService_GetManifests_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) { ctx, cancel := context.WithCancel(req.Context()) defer cancel() @@ -3260,8 +3123,6 @@ var ( pattern_ApplicationService_RevisionMetadata_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2, 1, 0, 4, 1, 5, 3, 2, 4, 1, 0, 4, 1, 5, 5, 2, 6}, []string{"api", "v1", "applications", "name", "revisions", "revision", "metadata"}, "", runtime.AssumeColonVerbOpt(true))) - pattern_ApplicationService_RevisionChartDetails_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2, 1, 0, 4, 1, 5, 3, 2, 4, 1, 0, 4, 1, 5, 5, 2, 6}, []string{"api", "v1", "applications", "name", "revisions", "revision", "chartdetails"}, "", runtime.AssumeColonVerbOpt(true))) - pattern_ApplicationService_GetManifests_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2, 1, 0, 4, 1, 5, 3, 2, 4}, []string{"api", "v1", "applications", "name", "manifests"}, "", runtime.AssumeColonVerbOpt(true))) pattern_ApplicationService_GetManifestsWithFiles_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2, 2, 3}, []string{"api", "v1", "applications", "manifestsWithFiles"}, "", runtime.AssumeColonVerbOpt(true))) @@ -3320,8 +3181,6 @@ var ( forward_ApplicationService_RevisionMetadata_0 = runtime.ForwardResponseMessage - forward_ApplicationService_RevisionChartDetails_0 = runtime.ForwardResponseMessage - forward_ApplicationService_GetManifests_0 = runtime.ForwardResponseMessage forward_ApplicationService_GetManifestsWithFiles_0 = runtime.ForwardResponseMessage diff --git a/pkg/apiclient/applicationset/applicationset.pb.go b/pkg/apiclient/applicationset/applicationset.pb.go index 8f717d1f6920f..f24e802789c2d 100644 --- a/pkg/apiclient/applicationset/applicationset.pb.go +++ b/pkg/apiclient/applicationset/applicationset.pb.go @@ -35,9 +35,7 @@ const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package // ApplicationSetGetQuery is a query for applicationset resources type ApplicationSetGetQuery struct { // the applicationsets's name - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - // The application set namespace. Default empty is argocd control plane namespace - AppsetNamespace string `protobuf:"bytes,2,opt,name=appsetNamespace,proto3" json:"appsetNamespace,omitempty"` + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -83,20 +81,11 @@ func (m *ApplicationSetGetQuery) GetName() string { return "" } -func (m *ApplicationSetGetQuery) GetAppsetNamespace() string { - if m != nil { - return m.AppsetNamespace - } - return "" -} - type ApplicationSetListQuery struct { // the project names to restrict returned list applicationsets Projects []string `protobuf:"bytes,1,rep,name=projects,proto3" json:"projects,omitempty"` // the selector to restrict returned list to applications only with matched labels - Selector string `protobuf:"bytes,2,opt,name=selector,proto3" json:"selector,omitempty"` - // The application set namespace. Default empty is argocd control plane namespace - AppsetNamespace string `protobuf:"bytes,3,opt,name=appsetNamespace,proto3" json:"appsetNamespace,omitempty"` + Selector string `protobuf:"bytes,2,opt,name=selector,proto3" json:"selector,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -149,13 +138,6 @@ func (m *ApplicationSetListQuery) GetSelector() string { return "" } -func (m *ApplicationSetListQuery) GetAppsetNamespace() string { - if m != nil { - return m.AppsetNamespace - } - return "" -} - type ApplicationSetResponse struct { Project string `protobuf:"bytes,1,opt,name=project,proto3" json:"project,omitempty"` Applicationset *v1alpha1.ApplicationSet `protobuf:"bytes,2,opt,name=applicationset,proto3" json:"applicationset,omitempty"` @@ -267,9 +249,7 @@ func (m *ApplicationSetCreateRequest) GetUpsert() bool { } type ApplicationSetDeleteRequest struct { - Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` - // The application set namespace. Default empty is argocd control plane namespace - AppsetNamespace string `protobuf:"bytes,2,opt,name=appsetNamespace,proto3" json:"appsetNamespace,omitempty"` + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -315,13 +295,6 @@ func (m *ApplicationSetDeleteRequest) GetName() string { return "" } -func (m *ApplicationSetDeleteRequest) GetAppsetNamespace() string { - if m != nil { - return m.AppsetNamespace - } - return "" -} - func init() { proto.RegisterType((*ApplicationSetGetQuery)(nil), "applicationset.ApplicationSetGetQuery") proto.RegisterType((*ApplicationSetListQuery)(nil), "applicationset.ApplicationSetListQuery") @@ -335,40 +308,39 @@ func init() { } var fileDescriptor_eacb9df0ce5738fa = []byte{ - // 526 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x94, 0xdf, 0x8a, 0x13, 0x31, - 0x14, 0xc6, 0xc9, 0x76, 0xad, 0xbb, 0x11, 0x14, 0x02, 0xee, 0xd6, 0x51, 0x6a, 0x99, 0x8b, 0xb5, - 0xae, 0x98, 0xd0, 0x7a, 0xa7, 0x57, 0xfe, 0x81, 0x45, 0x28, 0xa2, 0xb3, 0xe0, 0x85, 0x5e, 0x48, - 0x76, 0x7a, 0x98, 0x1d, 0x77, 0x3a, 0x89, 0x49, 0x3a, 0x20, 0x8b, 0x37, 0x82, 0x4f, 0xe0, 0x13, - 0xa8, 0x37, 0x82, 0xb7, 0x3e, 0x84, 0x97, 0x82, 0x2f, 0x20, 0xc5, 0x07, 0x91, 0xc9, 0xcc, 0xb4, - 0x3b, 0xa1, 0xdb, 0x0a, 0x76, 0xef, 0x72, 0x26, 0x99, 0x73, 0x7e, 0xf9, 0xf2, 0x9d, 0x83, 0x77, - 0x35, 0xa8, 0x0c, 0x14, 0xe3, 0x52, 0x26, 0x71, 0xc8, 0x4d, 0x2c, 0x52, 0x0d, 0xc6, 0x09, 0xa9, - 0x54, 0xc2, 0x08, 0x72, 0xb1, 0xfe, 0xd5, 0xbb, 0x16, 0x09, 0x11, 0x25, 0xc0, 0xb8, 0x8c, 0x19, - 0x4f, 0x53, 0x61, 0x8a, 0x9d, 0xe2, 0xb4, 0x37, 0x88, 0x62, 0x73, 0x38, 0x3e, 0xa0, 0xa1, 0x18, - 0x31, 0xae, 0x22, 0x21, 0x95, 0x78, 0x6d, 0x17, 0xb7, 0xc3, 0x21, 0xcb, 0xfa, 0x4c, 0x1e, 0x45, - 0xf9, 0x9f, 0xfa, 0x64, 0x2d, 0x96, 0xf5, 0x78, 0x22, 0x0f, 0x79, 0x8f, 0x45, 0x90, 0x82, 0xe2, - 0x06, 0x86, 0x45, 0x36, 0xff, 0x39, 0xde, 0xba, 0x3f, 0x3b, 0xb7, 0x0f, 0x66, 0x0f, 0xcc, 0xb3, - 0x31, 0xa8, 0xb7, 0x84, 0xe0, 0xf5, 0x94, 0x8f, 0xa0, 0x85, 0x3a, 0xa8, 0xbb, 0x19, 0xd8, 0x35, - 0xe9, 0xe2, 0x4b, 0x5c, 0x4a, 0x0d, 0xe6, 0x09, 0x1f, 0x81, 0x96, 0x3c, 0x84, 0xd6, 0x9a, 0xdd, - 0x76, 0x3f, 0xfb, 0xc7, 0x78, 0xbb, 0x9e, 0x77, 0x10, 0xeb, 0x32, 0xb1, 0x87, 0x37, 0x72, 0x66, - 0x08, 0x8d, 0x6e, 0xa1, 0x4e, 0xa3, 0xbb, 0x19, 0x4c, 0xe3, 0x7c, 0x4f, 0x43, 0x02, 0xa1, 0x11, - 0xaa, 0xcc, 0x3c, 0x8d, 0xe7, 0x15, 0x6f, 0xcc, 0x2f, 0xfe, 0x15, 0xb9, 0xb7, 0x0a, 0x40, 0xcb, - 0x5c, 0x5c, 0xd2, 0xc2, 0xe7, 0xcb, 0x62, 0xe5, 0xc5, 0xaa, 0x90, 0x18, 0xec, 0xbc, 0x83, 0x05, - 0xb8, 0xd0, 0x1f, 0xd0, 0x99, 0xe0, 0xb4, 0x12, 0xdc, 0x2e, 0x5e, 0x85, 0x43, 0x9a, 0xf5, 0xa9, - 0x3c, 0x8a, 0x68, 0x2e, 0x38, 0x3d, 0xf1, 0x3b, 0xad, 0x04, 0xa7, 0x0e, 0x87, 0x53, 0xc3, 0xff, - 0x86, 0xf0, 0xd5, 0xfa, 0x91, 0x87, 0x0a, 0xb8, 0x81, 0x00, 0xde, 0x8c, 0x41, 0xcf, 0xa3, 0x42, - 0x67, 0x4f, 0x45, 0xb6, 0x70, 0x73, 0x2c, 0x35, 0xa8, 0x42, 0x83, 0x8d, 0xa0, 0x8c, 0xfc, 0x97, - 0x2e, 0xec, 0x23, 0x48, 0x60, 0x06, 0xfb, 0x5f, 0x96, 0xe9, 0x7f, 0x3a, 0x87, 0x2f, 0xd7, 0xb3, - 0xef, 0x83, 0xca, 0xe2, 0x10, 0xc8, 0x17, 0x84, 0x1b, 0x7b, 0x60, 0xc8, 0x0e, 0x75, 0xfa, 0x67, - 0xbe, 0x75, 0xbd, 0x95, 0x8a, 0xe3, 0xef, 0xbc, 0xff, 0xf5, 0xe7, 0xe3, 0x5a, 0x87, 0xb4, 0x6d, - 0x43, 0x66, 0x3d, 0xa7, 0x89, 0x35, 0x3b, 0xce, 0x2f, 0xfa, 0x8e, 0x7c, 0x46, 0x78, 0x3d, 0x77, - 0x39, 0xb9, 0xb1, 0x18, 0x73, 0xda, 0x09, 0xde, 0xd3, 0x55, 0x72, 0xe6, 0x69, 0xfd, 0xeb, 0x96, - 0xf5, 0x0a, 0xd9, 0x3e, 0x85, 0x95, 0x7c, 0x47, 0xb8, 0x59, 0x38, 0x8c, 0xdc, 0x5a, 0x8c, 0x59, - 0xf3, 0xe1, 0x8a, 0x25, 0x65, 0x16, 0xf3, 0xa6, 0x7f, 0x1a, 0xe6, 0x5d, 0xd7, 0x90, 0x1f, 0x10, - 0x6e, 0x16, 0x5e, 0x5b, 0x86, 0x5d, 0x73, 0xa4, 0xb7, 0xc4, 0x31, 0xd5, 0x58, 0xa8, 0xde, 0x78, - 0x77, 0xc9, 0x1b, 0x3f, 0x78, 0xfc, 0x63, 0xd2, 0x46, 0x3f, 0x27, 0x6d, 0xf4, 0x7b, 0xd2, 0x46, - 0x2f, 0xee, 0xfd, 0xdb, 0x28, 0x0e, 0x93, 0x18, 0x52, 0x77, 0xf6, 0x1f, 0x34, 0xed, 0x00, 0xbe, - 0xf3, 0x37, 0x00, 0x00, 0xff, 0xff, 0x96, 0x3f, 0x16, 0xa7, 0x2a, 0x06, 0x00, 0x00, + // 501 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x94, 0xcf, 0x6e, 0x13, 0x31, + 0x10, 0xc6, 0xe5, 0xb6, 0x84, 0xd6, 0x48, 0x1c, 0x2c, 0xd1, 0x86, 0x05, 0x85, 0x68, 0x0f, 0xa5, + 0x14, 0xb0, 0x95, 0x70, 0x83, 0x13, 0x7f, 0xa4, 0x0a, 0x29, 0x07, 0xba, 0xbd, 0x71, 0x41, 0xae, + 0x33, 0xda, 0x2e, 0xdd, 0xae, 0x8d, 0xed, 0xac, 0x84, 0x10, 0x17, 0x24, 0x9e, 0x80, 0x27, 0x00, + 0x2e, 0x48, 0x5c, 0x79, 0x08, 0x8e, 0x48, 0xbc, 0x00, 0x8a, 0x78, 0x10, 0x64, 0x6f, 0x36, 0xe9, + 0x5a, 0x69, 0xc3, 0x21, 0xbd, 0x79, 0xd6, 0xe3, 0xf1, 0x6f, 0x3f, 0x7f, 0x33, 0x78, 0xd7, 0x80, + 0x2e, 0x41, 0x33, 0xae, 0x54, 0x9e, 0x09, 0x6e, 0x33, 0x59, 0x18, 0xb0, 0x41, 0x48, 0x95, 0x96, + 0x56, 0x92, 0xab, 0xcd, 0xaf, 0xd1, 0xcd, 0x54, 0xca, 0x34, 0x07, 0xc6, 0x55, 0xc6, 0x78, 0x51, + 0x48, 0x5b, 0xed, 0x54, 0xd9, 0xd1, 0x20, 0xcd, 0xec, 0xd1, 0xe8, 0x90, 0x0a, 0x79, 0xc2, 0xb8, + 0x4e, 0xa5, 0xd2, 0xf2, 0xb5, 0x5f, 0xdc, 0x17, 0x43, 0x56, 0xf6, 0x99, 0x3a, 0x4e, 0xdd, 0x49, + 0x73, 0xfa, 0x2e, 0x56, 0xf6, 0x78, 0xae, 0x8e, 0x78, 0x8f, 0xa5, 0x50, 0x80, 0xe6, 0x16, 0x86, + 0x55, 0xb5, 0xf8, 0x1e, 0xde, 0x7c, 0x3c, 0xcb, 0x3b, 0x00, 0xbb, 0x07, 0x76, 0x7f, 0x04, 0xfa, + 0x2d, 0x21, 0x78, 0xad, 0xe0, 0x27, 0xd0, 0x46, 0x5d, 0xb4, 0xb3, 0x91, 0xf8, 0x75, 0xbc, 0x8f, + 0xb7, 0x9a, 0xd9, 0x83, 0xcc, 0x4c, 0xd2, 0x23, 0xbc, 0xee, 0x48, 0x40, 0x58, 0xd3, 0x46, 0xdd, + 0xd5, 0x9d, 0x8d, 0x64, 0x1a, 0xbb, 0x3d, 0x03, 0x39, 0x08, 0x2b, 0x75, 0x7b, 0xc5, 0x97, 0x9b, + 0xc6, 0xf1, 0x37, 0x14, 0x12, 0x24, 0x60, 0x94, 0x13, 0x82, 0xb4, 0xf1, 0xe5, 0x49, 0x89, 0x09, + 0x44, 0x1d, 0x12, 0x8b, 0x03, 0xcd, 0x7c, 0xd9, 0x2b, 0xfd, 0x01, 0x9d, 0x89, 0x43, 0x6b, 0x71, + 0xfc, 0xe2, 0x95, 0x18, 0xd2, 0xb2, 0x4f, 0xd5, 0x71, 0x4a, 0x9d, 0x38, 0xf4, 0xd4, 0x71, 0x5a, + 0x8b, 0x43, 0x03, 0x8e, 0xe0, 0x8e, 0xf8, 0x3b, 0xc2, 0x37, 0x9a, 0x29, 0x4f, 0x35, 0x70, 0x0b, + 0x09, 0xbc, 0x19, 0x81, 0x99, 0x47, 0x85, 0x2e, 0x9e, 0x8a, 0x6c, 0xe2, 0xd6, 0x48, 0x19, 0xd0, + 0x95, 0x06, 0xeb, 0xc9, 0x24, 0x8a, 0x7b, 0x21, 0xec, 0x33, 0xc8, 0x61, 0x06, 0x3b, 0xe7, 0x79, + 0xfb, 0x9f, 0x2f, 0xe1, 0x6b, 0xcd, 0x33, 0x07, 0xa0, 0xcb, 0x4c, 0x00, 0xf9, 0x8a, 0xf0, 0xea, + 0x1e, 0x58, 0xb2, 0x4d, 0x03, 0x07, 0xcf, 0x37, 0x4f, 0xb4, 0xd4, 0x5f, 0x8e, 0xb7, 0x3f, 0xfc, + 0xfe, 0xfb, 0x69, 0xa5, 0x4b, 0x3a, 0xbe, 0x25, 0xca, 0x5e, 0xd0, 0x46, 0x86, 0xbd, 0x73, 0xf8, + 0xef, 0xc9, 0x17, 0x84, 0xd7, 0x9c, 0x23, 0xc9, 0xed, 0xf3, 0x31, 0xa7, 0xae, 0x8d, 0x5e, 0x2c, + 0x93, 0xd3, 0x95, 0x8d, 0x6f, 0x79, 0xd6, 0xeb, 0x64, 0xeb, 0x0c, 0x56, 0xf2, 0x03, 0xe1, 0x56, + 0xe5, 0x1b, 0x72, 0xf7, 0x7c, 0xcc, 0x86, 0xbb, 0x96, 0x2c, 0x29, 0xf3, 0x98, 0x77, 0xe2, 0xb3, + 0x30, 0x1f, 0x86, 0x36, 0xfb, 0x88, 0x70, 0xab, 0x72, 0xd0, 0x22, 0xec, 0x86, 0xcf, 0xa2, 0x05, + 0x8e, 0xa9, 0x9b, 0xbd, 0x7e, 0xe3, 0xdd, 0x05, 0x6f, 0xfc, 0xe4, 0xf9, 0xcf, 0x71, 0x07, 0xfd, + 0x1a, 0x77, 0xd0, 0x9f, 0x71, 0x07, 0xbd, 0x7c, 0xf4, 0x7f, 0xc3, 0x50, 0xe4, 0x19, 0x14, 0xe1, + 0xf4, 0x3d, 0x6c, 0xf9, 0x11, 0xf8, 0xe0, 0x5f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xb1, 0x22, 0xb1, + 0x96, 0xac, 0x05, 0x00, 0x00, } // Reference imports to suppress errors if they are not otherwise used. @@ -591,13 +563,6 @@ func (m *ApplicationSetGetQuery) MarshalToSizedBuffer(dAtA []byte) (int, error) i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if len(m.AppsetNamespace) > 0 { - i -= len(m.AppsetNamespace) - copy(dAtA[i:], m.AppsetNamespace) - i = encodeVarintApplicationset(dAtA, i, uint64(len(m.AppsetNamespace))) - i-- - dAtA[i] = 0x12 - } if len(m.Name) > 0 { i -= len(m.Name) copy(dAtA[i:], m.Name) @@ -632,13 +597,6 @@ func (m *ApplicationSetListQuery) MarshalToSizedBuffer(dAtA []byte) (int, error) i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if len(m.AppsetNamespace) > 0 { - i -= len(m.AppsetNamespace) - copy(dAtA[i:], m.AppsetNamespace) - i = encodeVarintApplicationset(dAtA, i, uint64(len(m.AppsetNamespace))) - i-- - dAtA[i] = 0x1a - } if len(m.Selector) > 0 { i -= len(m.Selector) copy(dAtA[i:], m.Selector) @@ -777,13 +735,6 @@ func (m *ApplicationSetDeleteRequest) MarshalToSizedBuffer(dAtA []byte) (int, er i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if len(m.AppsetNamespace) > 0 { - i -= len(m.AppsetNamespace) - copy(dAtA[i:], m.AppsetNamespace) - i = encodeVarintApplicationset(dAtA, i, uint64(len(m.AppsetNamespace))) - i-- - dAtA[i] = 0x12 - } if len(m.Name) > 0 { i -= len(m.Name) copy(dAtA[i:], m.Name) @@ -815,10 +766,6 @@ func (m *ApplicationSetGetQuery) Size() (n int) { if l > 0 { n += 1 + l + sovApplicationset(uint64(l)) } - l = len(m.AppsetNamespace) - if l > 0 { - n += 1 + l + sovApplicationset(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -841,10 +788,6 @@ func (m *ApplicationSetListQuery) Size() (n int) { if l > 0 { n += 1 + l + sovApplicationset(uint64(l)) } - l = len(m.AppsetNamespace) - if l > 0 { - n += 1 + l + sovApplicationset(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -900,10 +843,6 @@ func (m *ApplicationSetDeleteRequest) Size() (n int) { if l > 0 { n += 1 + l + sovApplicationset(uint64(l)) } - l = len(m.AppsetNamespace) - if l > 0 { - n += 1 + l + sovApplicationset(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -977,38 +916,6 @@ func (m *ApplicationSetGetQuery) Unmarshal(dAtA []byte) error { } m.Name = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AppsetNamespace", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplicationset - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplicationset - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplicationset - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AppsetNamespace = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplicationset(dAtA[iNdEx:]) @@ -1124,38 +1031,6 @@ func (m *ApplicationSetListQuery) Unmarshal(dAtA []byte) error { } m.Selector = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AppsetNamespace", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplicationset - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplicationset - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplicationset - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AppsetNamespace = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplicationset(dAtA[iNdEx:]) @@ -1465,38 +1340,6 @@ func (m *ApplicationSetDeleteRequest) Unmarshal(dAtA []byte) error { } m.Name = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AppsetNamespace", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowApplicationset - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthApplicationset - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthApplicationset - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AppsetNamespace = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipApplicationset(dAtA[iNdEx:]) diff --git a/pkg/apiclient/applicationset/applicationset.pb.gw.go b/pkg/apiclient/applicationset/applicationset.pb.gw.go index 5e4c73f7add3b..db537f548cb30 100644 --- a/pkg/apiclient/applicationset/applicationset.pb.gw.go +++ b/pkg/apiclient/applicationset/applicationset.pb.gw.go @@ -33,10 +33,6 @@ var _ = utilities.NewDoubleArray var _ = descriptor.ForMessage var _ = metadata.Join -var ( - filter_ApplicationSetService_Get_0 = &utilities.DoubleArray{Encoding: map[string]int{"name": 0}, Base: []int{1, 1, 0}, Check: []int{0, 1, 2}} -) - func request_ApplicationSetService_Get_0(ctx context.Context, marshaler runtime.Marshaler, client ApplicationSetServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) { var protoReq ApplicationSetGetQuery var metadata runtime.ServerMetadata @@ -59,13 +55,6 @@ func request_ApplicationSetService_Get_0(ctx context.Context, marshaler runtime. return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "name", err) } - if err := req.ParseForm(); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ApplicationSetService_Get_0); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - msg, err := client.Get(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD)) return msg, metadata, err @@ -93,13 +82,6 @@ func local_request_ApplicationSetService_Get_0(ctx context.Context, marshaler ru return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "name", err) } - if err := req.ParseForm(); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ApplicationSetService_Get_0); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - msg, err := server.Get(ctx, &protoReq) return msg, metadata, err @@ -193,10 +175,6 @@ func local_request_ApplicationSetService_Create_0(ctx context.Context, marshaler } -var ( - filter_ApplicationSetService_Delete_0 = &utilities.DoubleArray{Encoding: map[string]int{"name": 0}, Base: []int{1, 1, 0}, Check: []int{0, 1, 2}} -) - func request_ApplicationSetService_Delete_0(ctx context.Context, marshaler runtime.Marshaler, client ApplicationSetServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) { var protoReq ApplicationSetDeleteRequest var metadata runtime.ServerMetadata @@ -219,13 +197,6 @@ func request_ApplicationSetService_Delete_0(ctx context.Context, marshaler runti return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "name", err) } - if err := req.ParseForm(); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ApplicationSetService_Delete_0); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - msg, err := client.Delete(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD)) return msg, metadata, err @@ -253,13 +224,6 @@ func local_request_ApplicationSetService_Delete_0(ctx context.Context, marshaler return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "name", err) } - if err := req.ParseForm(); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ApplicationSetService_Delete_0); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - msg, err := server.Delete(ctx, &protoReq) return msg, metadata, err diff --git a/pkg/apiclient/settings/settings.pb.go b/pkg/apiclient/settings/settings.pb.go index be5d129f6834f..5fdb92a10f9f9 100644 --- a/pkg/apiclient/settings/settings.pb.go +++ b/pkg/apiclient/settings/settings.pb.go @@ -84,10 +84,9 @@ type Settings struct { GoogleAnalytics *GoogleAnalyticsConfig `protobuf:"bytes,7,opt,name=googleAnalytics,proto3" json:"googleAnalytics,omitempty"` KustomizeOptions *v1alpha1.KustomizeOptions `protobuf:"bytes,8,opt,name=kustomizeOptions,proto3" json:"kustomizeOptions,omitempty"` // Help settings - Help *Help `protobuf:"bytes,9,opt,name=help,proto3" json:"help,omitempty"` - Plugins []*Plugin `protobuf:"bytes,10,rep,name=plugins,proto3" json:"plugins,omitempty"` - UserLoginsDisabled bool `protobuf:"varint,11,opt,name=userLoginsDisabled,proto3" json:"userLoginsDisabled,omitempty"` - // Deprecated: use sidecar plugins instead. + Help *Help `protobuf:"bytes,9,opt,name=help,proto3" json:"help,omitempty"` + Plugins []*Plugin `protobuf:"bytes,10,rep,name=plugins,proto3" json:"plugins,omitempty"` + UserLoginsDisabled bool `protobuf:"varint,11,opt,name=userLoginsDisabled,proto3" json:"userLoginsDisabled,omitempty"` ConfigManagementPlugins []*v1alpha1.ConfigManagementPlugin `protobuf:"bytes,12,rep,name=configManagementPlugins,proto3" json:"configManagementPlugins,omitempty"` KustomizeVersions []string `protobuf:"bytes,13,rep,name=kustomizeVersions,proto3" json:"kustomizeVersions,omitempty"` UiCssURL string `protobuf:"bytes,14,opt,name=uiCssURL,proto3" json:"uiCssURL,omitempty"` diff --git a/pkg/apiclient/version/version.pb.go b/pkg/apiclient/version/version.pb.go index 0b58bf4a6cede..35474d63124ed 100644 --- a/pkg/apiclient/version/version.pb.go +++ b/pkg/apiclient/version/version.pb.go @@ -46,7 +46,6 @@ type VersionMessage struct { HelmVersion string `protobuf:"bytes,11,opt,name=HelmVersion,proto3" json:"HelmVersion,omitempty"` KubectlVersion string `protobuf:"bytes,12,opt,name=KubectlVersion,proto3" json:"KubectlVersion,omitempty"` JsonnetVersion string `protobuf:"bytes,13,opt,name=JsonnetVersion,proto3" json:"JsonnetVersion,omitempty"` - ExtraBuildInfo string `protobuf:"bytes,14,opt,name=ExtraBuildInfo,proto3" json:"ExtraBuildInfo,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -169,13 +168,6 @@ func (m *VersionMessage) GetJsonnetVersion() string { return "" } -func (m *VersionMessage) GetExtraBuildInfo() string { - if m != nil { - return m.ExtraBuildInfo - } - return "" -} - func init() { proto.RegisterType((*VersionMessage)(nil), "version.VersionMessage") } @@ -183,33 +175,32 @@ func init() { func init() { proto.RegisterFile("server/version/version.proto", fileDescriptor_8be80977d07a4107) } var fileDescriptor_8be80977d07a4107 = []byte{ - // 415 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x64, 0x92, 0xd1, 0x6a, 0x14, 0x31, - 0x18, 0x85, 0x99, 0x56, 0x77, 0xdb, 0x74, 0x5d, 0x24, 0x48, 0x0d, 0xeb, 0xb2, 0x94, 0xbd, 0x10, - 0x11, 0x9c, 0x81, 0xea, 0x13, 0x6c, 0x2d, 0x55, 0x8b, 0x50, 0xac, 0x78, 0xe1, 0x5d, 0x66, 0xfa, - 0xef, 0x18, 0x9d, 0xe4, 0x1f, 0x32, 0xff, 0x2c, 0xea, 0xa5, 0xaf, 0xe0, 0xfb, 0x78, 0xed, 0xa5, - 0xe0, 0x0b, 0xc8, 0xe2, 0x83, 0x48, 0x92, 0xc9, 0xe8, 0xd8, 0xab, 0xcd, 0x39, 0xe7, 0xdb, 0x43, - 0x98, 0x13, 0x36, 0x6f, 0xc0, 0x6e, 0xc0, 0x66, 0x1b, 0xb0, 0x8d, 0x42, 0x13, 0x7f, 0xd3, 0xda, - 0x22, 0x21, 0x1f, 0x77, 0x72, 0x36, 0x2f, 0x11, 0xcb, 0x0a, 0x32, 0x59, 0xab, 0x4c, 0x1a, 0x83, - 0x24, 0x49, 0xa1, 0x69, 0x02, 0x36, 0xbb, 0xd7, 0xa5, 0x5e, 0xe5, 0xed, 0x3a, 0x03, 0x5d, 0xd3, - 0xa7, 0x10, 0x2e, 0xbf, 0xed, 0xb2, 0xe9, 0x9b, 0x50, 0xf3, 0x12, 0x9a, 0x46, 0x96, 0xc0, 0x05, - 0x1b, 0x77, 0x8e, 0x48, 0x8e, 0x92, 0x07, 0xfb, 0xaf, 0xa2, 0xe4, 0x73, 0xb6, 0xbf, 0x6a, 0x55, - 0x75, 0xf5, 0x54, 0x12, 0x88, 0x1d, 0x9f, 0xfd, 0x35, 0x5c, 0x7a, 0xa6, 0xe8, 0x04, 0xb5, 0x56, - 0x24, 0x76, 0x43, 0xda, 0x1b, 0xfc, 0x90, 0x8d, 0xce, 0x14, 0xbd, 0x96, 0xa5, 0xb8, 0xe1, 0xa3, - 0x4e, 0xf1, 0x25, 0x9b, 0xb8, 0x93, 0x05, 0xb8, 0x24, 0x57, 0x7b, 0xd3, 0xa7, 0x03, 0xcf, 0x37, - 0x63, 0xbc, 0xd3, 0xa8, 0x6b, 0x8e, 0x06, 0x9f, 0xb1, 0xbd, 0x13, 0xd4, 0xb5, 0xaa, 0xc0, 0x8a, - 0xb1, 0x0f, 0x7b, 0xed, 0xb2, 0x8b, 0x4a, 0xd2, 0x1a, 0xad, 0x16, 0x7b, 0x21, 0x8b, 0x9a, 0x3f, - 0x64, 0xb7, 0xcf, 0xdb, 0x86, 0x50, 0xab, 0xcf, 0x10, 0xcb, 0x99, 0x67, 0xae, 0xf9, 0xfc, 0x88, - 0x1d, 0x3c, 0x83, 0x4a, 0x47, 0xec, 0xc0, 0x63, 0xff, 0x5a, 0xfc, 0x3e, 0x9b, 0x9e, 0xb7, 0x39, - 0x14, 0x54, 0x45, 0x68, 0xe2, 0xa1, 0xff, 0x5c, 0xc7, 0xbd, 0x68, 0xd0, 0x18, 0xa0, 0xc8, 0xdd, - 0x0a, 0xdc, 0xd0, 0x75, 0xdc, 0xe9, 0x47, 0xb2, 0xd2, 0x7f, 0xdf, 0xe7, 0x66, 0x8d, 0x62, 0x1a, - 0xb8, 0xa1, 0x7b, 0x9c, 0xf7, 0xfb, 0x5d, 0x82, 0xdd, 0xa8, 0x02, 0xf8, 0x45, 0xbf, 0x1f, 0x3f, - 0x4c, 0xc3, 0xf6, 0x69, 0xdc, 0x3e, 0x3d, 0x75, 0xdb, 0xcf, 0xee, 0xa6, 0xf1, 0x25, 0x0d, 0xb7, - 0x5f, 0xde, 0xf9, 0xf2, 0xf3, 0xf7, 0xd7, 0x9d, 0x29, 0x9f, 0xf8, 0xb7, 0xd4, 0x41, 0xab, 0xd5, - 0xf7, 0xed, 0x22, 0xf9, 0xb1, 0x5d, 0x24, 0xbf, 0xb6, 0x8b, 0xe4, 0xed, 0x93, 0x52, 0xd1, 0xbb, - 0x36, 0x4f, 0x0b, 0xd4, 0x99, 0xb4, 0x25, 0xd6, 0x16, 0xdf, 0xfb, 0xc3, 0xa3, 0xe2, 0x2a, 0xdb, - 0x1c, 0x67, 0xf5, 0x87, 0xd2, 0xfd, 0xbb, 0xa8, 0x14, 0x18, 0x8a, 0x1d, 0xf9, 0xc8, 0x5f, 0xe1, - 0xf1, 0x9f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xd2, 0x21, 0xc0, 0xd1, 0xd3, 0x02, 0x00, 0x00, + // 399 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x64, 0x92, 0xdf, 0x6a, 0xdb, 0x30, + 0x18, 0xc5, 0x71, 0xb2, 0xe5, 0x8f, 0x92, 0x85, 0x21, 0x46, 0x66, 0xbc, 0x10, 0x42, 0x2e, 0xc6, + 0x18, 0xcc, 0x86, 0x6c, 0x4f, 0x90, 0x6c, 0x64, 0x2c, 0x0c, 0xc2, 0x32, 0x7a, 0xd1, 0x3b, 0xd9, + 0xf9, 0xe2, 0xaa, 0xb5, 0xfc, 0x19, 0x59, 0x36, 0xb4, 0x97, 0x7d, 0x85, 0x42, 0x9f, 0xa9, 0x97, + 0x85, 0xbe, 0x40, 0x09, 0x7d, 0x90, 0x62, 0xd9, 0x72, 0x9b, 0xf6, 0xca, 0x3a, 0xe7, 0xfc, 0x7c, + 0x10, 0x1c, 0x91, 0x51, 0x0a, 0x32, 0x07, 0xe9, 0xe5, 0x20, 0x53, 0x8e, 0xb1, 0xf9, 0xba, 0x89, + 0x44, 0x85, 0xb4, 0x5d, 0x49, 0x67, 0x14, 0x22, 0x86, 0x11, 0x78, 0x2c, 0xe1, 0x1e, 0x8b, 0x63, + 0x54, 0x4c, 0x71, 0x8c, 0xd3, 0x12, 0x73, 0x3e, 0x55, 0xa9, 0x56, 0x7e, 0xb6, 0xf3, 0x40, 0x24, + 0xea, 0xbc, 0x0c, 0xa7, 0xd7, 0x4d, 0x32, 0x38, 0x2a, 0x6b, 0xfe, 0x42, 0x9a, 0xb2, 0x10, 0xa8, + 0x4d, 0xda, 0x95, 0x63, 0x5b, 0x13, 0xeb, 0x4b, 0xf7, 0x9f, 0x91, 0x74, 0x44, 0xba, 0xf3, 0x8c, + 0x47, 0xdb, 0x9f, 0x4c, 0x81, 0xdd, 0xd0, 0xd9, 0x93, 0x51, 0xa4, 0x4b, 0xae, 0x16, 0x28, 0x04, + 0x57, 0x76, 0xb3, 0x4c, 0x6b, 0x83, 0x0e, 0x49, 0x6b, 0xc9, 0xd5, 0x7f, 0x16, 0xda, 0x6f, 0x74, + 0x54, 0x29, 0x3a, 0x25, 0xfd, 0xe2, 0x24, 0x01, 0x36, 0xaa, 0xa8, 0x7d, 0xab, 0xd3, 0x03, 0x4f, + 0x37, 0xa3, 0xb9, 0x53, 0xab, 0x6a, 0x36, 0x06, 0x75, 0x48, 0x67, 0x81, 0x22, 0xe1, 0x11, 0x48, + 0xbb, 0xad, 0xc3, 0x5a, 0x17, 0xd9, 0x3a, 0x62, 0x6a, 0x87, 0x52, 0xd8, 0x9d, 0x32, 0x33, 0x9a, + 0x7e, 0x25, 0xef, 0x57, 0x59, 0xaa, 0x50, 0xf0, 0x0b, 0x30, 0xe5, 0x44, 0x33, 0xaf, 0x7c, 0x3a, + 0x21, 0xbd, 0xdf, 0x10, 0x09, 0x83, 0xf5, 0x34, 0xf6, 0xdc, 0xa2, 0x9f, 0xc9, 0x60, 0x95, 0xf9, + 0x10, 0xa8, 0xc8, 0x40, 0x7d, 0x0d, 0xbd, 0x70, 0x0b, 0xee, 0x4f, 0x8a, 0x71, 0x0c, 0xca, 0x70, + 0xef, 0x4a, 0xee, 0xd0, 0x9d, 0xf9, 0xf5, 0x2e, 0x1b, 0x90, 0x39, 0x0f, 0x80, 0xae, 0xeb, 0x5d, + 0xe8, 0xd0, 0x2d, 0x37, 0x75, 0xcd, 0xa6, 0xee, 0xaf, 0x62, 0x53, 0xe7, 0xa3, 0x6b, 0x5e, 0xc8, + 0xe1, 0xa6, 0xd3, 0x0f, 0x97, 0x77, 0x0f, 0x57, 0x8d, 0x01, 0xed, 0xeb, 0x37, 0x52, 0x41, 0xf3, + 0xf9, 0xcd, 0x7e, 0x6c, 0xdd, 0xee, 0xc7, 0xd6, 0xfd, 0x7e, 0x6c, 0x1d, 0xff, 0x08, 0xb9, 0x3a, + 0xc9, 0x7c, 0x37, 0x40, 0xe1, 0x31, 0x19, 0x62, 0x22, 0xf1, 0x54, 0x1f, 0xbe, 0x05, 0x5b, 0x2f, + 0x9f, 0x79, 0xc9, 0x59, 0x58, 0xfc, 0x1d, 0x44, 0x1c, 0x62, 0x65, 0x3a, 0xfc, 0x96, 0xbe, 0xc2, + 0xf7, 0xc7, 0x00, 0x00, 0x00, 0xff, 0xff, 0x9e, 0x97, 0xec, 0x06, 0xab, 0x02, 0x00, 0x00, } // Reference imports to suppress errors if they are not otherwise used. @@ -318,13 +309,6 @@ func (m *VersionMessage) MarshalToSizedBuffer(dAtA []byte) (int, error) { i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if len(m.ExtraBuildInfo) > 0 { - i -= len(m.ExtraBuildInfo) - copy(dAtA[i:], m.ExtraBuildInfo) - i = encodeVarintVersion(dAtA, i, uint64(len(m.ExtraBuildInfo))) - i-- - dAtA[i] = 0x72 - } if len(m.JsonnetVersion) > 0 { i -= len(m.JsonnetVersion) copy(dAtA[i:], m.JsonnetVersion) @@ -477,10 +461,6 @@ func (m *VersionMessage) Size() (n int) { if l > 0 { n += 1 + l + sovVersion(uint64(l)) } - l = len(m.ExtraBuildInfo) - if l > 0 { - n += 1 + l + sovVersion(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -906,38 +886,6 @@ func (m *VersionMessage) Unmarshal(dAtA []byte) error { } m.JsonnetVersion = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 14: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ExtraBuildInfo", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowVersion - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthVersion - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthVersion - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ExtraBuildInfo = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipVersion(dAtA[iNdEx:]) diff --git a/pkg/apis/api-rules/violation_exceptions.list b/pkg/apis/api-rules/violation_exceptions.list index a0e70f14d4d6c..43dd3de01b1d7 100644 --- a/pkg/apis/api-rules/violation_exceptions.list +++ b/pkg/apis/api-rules/violation_exceptions.list @@ -12,7 +12,6 @@ API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/ap API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationSetRolloutStep,MatchExpressions API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationSetRolloutStrategy,Steps API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationSetSpec,Generators -API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationSetSpec,GoTemplateOptions API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationSetStatus,ApplicationStatus API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationSetStatus,Conditions API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationSetTemplateMeta,Finalizers @@ -22,6 +21,7 @@ API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/ap API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationSourceJsonnet,ExtVars API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationSourceJsonnet,Libs API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationSourceJsonnet,TLAs +API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationSpec,IgnoreDifferences API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationSpec,Info API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationStatus,Conditions API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationStatus,Resources @@ -31,7 +31,6 @@ API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/ap API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationTree,Hosts API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationTree,Nodes API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ApplicationTree,OrphanedNodes -API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ChartDetails,Maintainers API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,Cluster,Namespaces API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ClusterInfo,APIVersions API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,Command,Args @@ -57,7 +56,6 @@ API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/ap API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ProjectRole,JWTTokens API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ProjectRole,Policies API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,PullRequestGenerator,Filters -API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,PullRequestGeneratorAzureDevOps,Labels API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,PullRequestGeneratorGitLab,Labels API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,PullRequestGeneratorGithub,Labels API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,RepositoryCertificate,CertData @@ -76,7 +74,6 @@ API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/ap API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,RevisionHistory,Revisions API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,RevisionMetadata,Tags API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,SCMProviderGenerator,Filters -API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,SCMProviderGeneratorAWSCodeCommit,TagFilters API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,SCMProviderGeneratorFilter,PathsDoNotExist API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,SCMProviderGeneratorFilter,PathsExist API rule violation: list_type_missing,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,SyncOperation,Manifests @@ -100,7 +97,6 @@ API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/applicat API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,JWTToken,IssuedAt API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,KustomizeOptions,BinaryPath API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,KustomizeOptions,BuildOptions -API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,PullRequestGenerator,AzureDevOps API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,PullRequestGenerator,GitLab API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,RefTarget,Chart API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,RefTarget,Repo @@ -117,7 +113,6 @@ API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/applicat API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ResourceOverride,Actions API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ResourceOverride,HealthLua API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ResourceOverride,IgnoreDifferences -API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ResourceOverride,IgnoreResourceUpdates API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ResourceOverride,KnownTypeFields API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,ResourceOverride,UseOpenLibs API rule violation: names_match,github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1,objectMeta,Name diff --git a/pkg/apis/application/v1alpha1/applicationset_types.go b/pkg/apis/application/v1alpha1/applicationset_types.go index 8d1395be69c46..ea4e99f2af27a 100644 --- a/pkg/apis/application/v1alpha1/applicationset_types.go +++ b/pkg/apis/application/v1alpha1/applicationset_types.go @@ -22,7 +22,6 @@ import ( "sort" "github.com/argoproj/argo-cd/v2/common" - "github.com/argoproj/argo-cd/v2/util/security" apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -49,21 +48,18 @@ type ApplicationSet struct { } // RBACName formats fully qualified application name for RBAC check. -func (a *ApplicationSet) RBACName(defaultNS string) string { - return security.RBACName(defaultNS, a.Spec.Template.Spec.GetProject(), a.Namespace, a.Name) +func (a *ApplicationSet) RBACName() string { + return fmt.Sprintf("%s/%s", a.Spec.Template.Spec.GetProject(), a.ObjectMeta.Name) } // ApplicationSetSpec represents a class of application set state. type ApplicationSetSpec struct { - GoTemplate bool `json:"goTemplate,omitempty" protobuf:"bytes,1,name=goTemplate"` - Generators []ApplicationSetGenerator `json:"generators" protobuf:"bytes,2,name=generators"` - Template ApplicationSetTemplate `json:"template" protobuf:"bytes,3,name=template"` - SyncPolicy *ApplicationSetSyncPolicy `json:"syncPolicy,omitempty" protobuf:"bytes,4,name=syncPolicy"` - Strategy *ApplicationSetStrategy `json:"strategy,omitempty" protobuf:"bytes,5,opt,name=strategy"` - PreservedFields *ApplicationPreservedFields `json:"preservedFields,omitempty" protobuf:"bytes,6,opt,name=preservedFields"` - GoTemplateOptions []string `json:"goTemplateOptions,omitempty" protobuf:"bytes,7,opt,name=goTemplateOptions"` - // ApplyNestedSelectors enables selectors defined within the generators of two level-nested matrix or merge generators - ApplyNestedSelectors bool `json:"applyNestedSelectors,omitempty" protobuf:"bytes,8,name=applyNestedSelectors"` + GoTemplate bool `json:"goTemplate,omitempty" protobuf:"bytes,1,name=goTemplate"` + Generators []ApplicationSetGenerator `json:"generators" protobuf:"bytes,2,name=generators"` + Template ApplicationSetTemplate `json:"template" protobuf:"bytes,3,name=template"` + SyncPolicy *ApplicationSetSyncPolicy `json:"syncPolicy,omitempty" protobuf:"bytes,4,name=syncPolicy"` + Strategy *ApplicationSetStrategy `json:"strategy,omitempty" protobuf:"bytes,5,opt,name=strategy"` + PreservedFields *ApplicationPreservedFields `json:"preservedFields,omitempty" protobuf:"bytes,6,opt,name=preservedFields"` } type ApplicationPreservedFields struct { @@ -91,39 +87,11 @@ type ApplicationMatchExpression struct { Values []string `json:"values,omitempty" protobuf:"bytes,3,opt,name=values"` } -// ApplicationsSyncPolicy representation -// "create-only" means applications are only created. If the generator's result contains update, applications won't be updated -// "create-update" means applications are only created/Updated. If the generator's result contains update, applications will be updated, but not deleted -// "create-delete" means applications are only created/deleted. If the generator's result contains update, applications won't be updated, if it results in deleted applications, the applications will be deleted -// "sync" means create/update/deleted. If the generator's result contains update, applications will be updated, if it results in deleted applications, the applications will be deleted -// If no ApplicationsSyncPolicy is defined, it defaults it to sync -type ApplicationsSyncPolicy string - -// sync / create-only / create-update / create-delete -const ( - ApplicationsSyncPolicyCreateOnly ApplicationsSyncPolicy = "create-only" - ApplicationsSyncPolicyCreateUpdate ApplicationsSyncPolicy = "create-update" - ApplicationsSyncPolicyCreateDelete ApplicationsSyncPolicy = "create-delete" - ApplicationsSyncPolicySync ApplicationsSyncPolicy = "sync" -) - -func (s ApplicationsSyncPolicy) AllowUpdate() bool { - return s == ApplicationsSyncPolicyCreateUpdate || s == ApplicationsSyncPolicySync -} - -func (s ApplicationsSyncPolicy) AllowDelete() bool { - return s == ApplicationsSyncPolicySync || s == ApplicationsSyncPolicyCreateDelete -} - // ApplicationSetSyncPolicy configures how generated Applications will relate to their // ApplicationSet. type ApplicationSetSyncPolicy struct { // PreserveResourcesOnDeletion will preserve resources on deletion. If PreserveResourcesOnDeletion is set to true, these Applications will not be deleted. PreserveResourcesOnDeletion bool `json:"preserveResourcesOnDeletion,omitempty" protobuf:"bytes,1,name=syncPolicy"` - // ApplicationsSync represents the policy applied on the generated applications. Possible values are create-only, create-update, create-delete, sync - // +kubebuilder:validation:Optional - // +kubebuilder:validation:Enum=create-only;create-update;create-delete;sync - ApplicationsSync *ApplicationsSyncPolicy `json:"applicationsSync,omitempty" protobuf:"bytes,2,opt,name=applicationsSync,casttype=ApplicationsSyncPolicy"` } // ApplicationSetTemplate represents argocd ApplicationSpec @@ -155,8 +123,6 @@ type ApplicationSetGenerator struct { // Selector allows to post-filter all generator. Selector *metav1.LabelSelector `json:"selector,omitempty" protobuf:"bytes,9,name=selector"` - - Plugin *PluginGenerator `json:"plugin,omitempty" protobuf:"bytes,10,name=plugin"` } // ApplicationSetNestedGenerator represents a generator nested within a combination-type generator (MatrixGenerator or @@ -177,8 +143,6 @@ type ApplicationSetNestedGenerator struct { // Selector allows to post-filter all generator. Selector *metav1.LabelSelector `json:"selector,omitempty" protobuf:"bytes,9,name=selector"` - - Plugin *PluginGenerator `json:"plugin,omitempty" protobuf:"bytes,10,name=plugin"` } type ApplicationSetNestedGenerators []ApplicationSetNestedGenerator @@ -194,10 +158,6 @@ type ApplicationSetTerminalGenerator struct { SCMProvider *SCMProviderGenerator `json:"scmProvider,omitempty" protobuf:"bytes,4,name=scmProvider"` ClusterDecisionResource *DuckTypeGenerator `json:"clusterDecisionResource,omitempty" protobuf:"bytes,5,name=clusterDecisionResource"` PullRequest *PullRequestGenerator `json:"pullRequest,omitempty" protobuf:"bytes,6,name=pullRequest"` - Plugin *PluginGenerator `json:"plugin,omitempty" protobuf:"bytes,7,name=pullRequest"` - - // Selector allows to post-filter all generator. - Selector *metav1.LabelSelector `json:"selector,omitempty" protobuf:"bytes,8,name=selector"` } type ApplicationSetTerminalGenerators []ApplicationSetTerminalGenerator @@ -215,8 +175,6 @@ func (g ApplicationSetTerminalGenerators) toApplicationSetNestedGenerators() []A SCMProvider: terminalGenerator.SCMProvider, ClusterDecisionResource: terminalGenerator.ClusterDecisionResource, PullRequest: terminalGenerator.PullRequest, - Plugin: terminalGenerator.Plugin, - Selector: terminalGenerator.Selector, } } return nestedGenerators @@ -362,9 +320,6 @@ type GitGenerator struct { RequeueAfterSeconds *int64 `json:"requeueAfterSeconds,omitempty" protobuf:"bytes,5,name=requeueAfterSeconds"` Template ApplicationSetTemplate `json:"template,omitempty" protobuf:"bytes,6,name=template"` PathParamPrefix string `json:"pathParamPrefix,omitempty" protobuf:"bytes,7,name=pathParamPrefix"` - - // Values contains key/value pairs which are passed directly as parameters to the template - Values map[string]string `json:"values,omitempty" protobuf:"bytes,8,name=values"` } type GitDirectoryGeneratorItem struct { @@ -393,10 +348,6 @@ type SCMProviderGenerator struct { // Standard parameters. RequeueAfterSeconds *int64 `json:"requeueAfterSeconds,omitempty" protobuf:"varint,9,opt,name=requeueAfterSeconds"` Template ApplicationSetTemplate `json:"template,omitempty" protobuf:"bytes,10,opt,name=template"` - - // Values contains key/value pairs which are passed directly as parameters to the template - Values map[string]string `json:"values,omitempty" protobuf:"bytes,11,name=values"` - AWSCodeCommit *SCMProviderGeneratorAWSCodeCommit `json:"awsCodeCommit,omitempty" protobuf:"bytes,12,opt,name=awsCodeCommit"` } // SCMProviderGeneratorGitea defines a connection info specific to Gitea. @@ -439,16 +390,6 @@ type SCMProviderGeneratorGitlab struct { TokenRef *SecretRef `json:"tokenRef,omitempty" protobuf:"bytes,4,opt,name=tokenRef"` // Scan all branches instead of just the default branch. AllBranches bool `json:"allBranches,omitempty" protobuf:"varint,5,opt,name=allBranches"` - // Skips validating the SCM provider's TLS certificate - useful for self-signed certificates.; default: false - Insecure bool `json:"insecure,omitempty" protobuf:"varint,6,opt,name=insecure"` - // When recursing through subgroups, also include shared Projects (true) or scan only the subgroups under same path (false). Defaults to "true" - IncludeSharedProjects *bool `json:"includeSharedProjects,omitempty" protobuf:"varint,7,opt,name=includeSharedProjects"` - // Filter repos list based on Gitlab Topic. - Topic string `json:"topic,omitempty" protobuf:"bytes,8,opt,name=topic"` -} - -func (s *SCMProviderGeneratorGitlab) WillIncludeSharedProjects() bool { - return s.IncludeSharedProjects == nil || *s.IncludeSharedProjects } // SCMProviderGeneratorBitbucket defines connection info specific to Bitbucket Cloud (API version 2). @@ -489,25 +430,6 @@ type SCMProviderGeneratorAzureDevOps struct { AllBranches bool `json:"allBranches,omitempty" protobuf:"varint,9,opt,name=allBranches"` } -type TagFilter struct { - Key string `json:"key" protobuf:"bytes,1,opt,name=key"` - Value string `json:"value,omitempty" protobuf:"bytes,2,opt,name=value"` -} - -// SCMProviderGeneratorAWSCodeCommit defines connection info specific to AWS CodeCommit. -type SCMProviderGeneratorAWSCodeCommit struct { - // TagFilters provides the tag filter(s) for repo discovery - TagFilters []*TagFilter `json:"tagFilters,omitempty" protobuf:"bytes,1,opt,name=tagFilters"` - // Role provides the AWS IAM role to assume, for cross-account repo discovery - // if not provided, AppSet controller will use its pod/node identity to discover. - Role string `json:"role,omitempty" protobuf:"bytes,2,opt,name=role"` - // Region provides the AWS region to discover repos. - // if not provided, AppSet controller will infer the current region from environment. - Region string `json:"region,omitempty" protobuf:"bytes,3,opt,name=region"` - // Scan all branches instead of just the default branch. - AllBranches bool `json:"allBranches,omitempty" protobuf:"varint,4,opt,name=allBranches"` -} - // SCMProviderGeneratorFilter is a single repository filter. // If multiple filter types are set on a single struct, they will be AND'd together. All filters must // pass for a repo to be included. @@ -534,14 +456,11 @@ type PullRequestGenerator struct { // Filters for which pull requests should be considered. Filters []PullRequestGeneratorFilter `json:"filters,omitempty" protobuf:"bytes,5,rep,name=filters"` // Standard parameters. - RequeueAfterSeconds *int64 `json:"requeueAfterSeconds,omitempty" protobuf:"varint,6,opt,name=requeueAfterSeconds"` - Template ApplicationSetTemplate `json:"template,omitempty" protobuf:"bytes,7,opt,name=template"` - Bitbucket *PullRequestGeneratorBitbucket `json:"bitbucket,omitempty" protobuf:"bytes,8,opt,name=bitbucket"` - // Additional provider to use and config for it. - AzureDevOps *PullRequestGeneratorAzureDevOps `json:"azuredevops,omitempty" protobuf:"bytes,9,opt,name=azuredevops"` + RequeueAfterSeconds *int64 `json:"requeueAfterSeconds,omitempty" protobuf:"varint,6,opt,name=requeueAfterSeconds"` + Template ApplicationSetTemplate `json:"template,omitempty" protobuf:"bytes,7,opt,name=template"` } -// PullRequestGeneratorGitea defines connection info specific to Gitea. +// PullRequestGenerator defines connection info specific to Gitea. type PullRequestGeneratorGitea struct { // Gitea org or user to scan. Required. Owner string `json:"owner" protobuf:"bytes,1,opt,name=owner"` @@ -555,22 +474,6 @@ type PullRequestGeneratorGitea struct { Insecure bool `json:"insecure,omitempty" protobuf:"varint,5,opt,name=insecure"` } -// PullRequestGeneratorAzureDevOps defines connection info specific to AzureDevOps. -type PullRequestGeneratorAzureDevOps struct { - // Azure DevOps org to scan. Required. - Organization string `json:"organization" protobuf:"bytes,1,opt,name=organization"` - // Azure DevOps project name to scan. Required. - Project string `json:"project" protobuf:"bytes,2,opt,name=project"` - // Azure DevOps repo name to scan. Required. - Repo string `json:"repo" protobuf:"bytes,3,opt,name=repo"` - // The Azure DevOps API URL to talk to. If blank, use https://dev.azure.com/. - API string `json:"api,omitempty" protobuf:"bytes,4,opt,name=api"` - // Authentication token reference. - TokenRef *SecretRef `json:"tokenRef,omitempty" protobuf:"bytes,5,opt,name=tokenRef"` - // Labels is used to filter the PRs that you want to target - Labels []string `json:"labels,omitempty" protobuf:"bytes,6,rep,name=labels"` -} - // PullRequestGenerator defines connection info specific to GitHub. type PullRequestGeneratorGithub struct { // GitHub org or user to scan. Required. @@ -599,11 +502,9 @@ type PullRequestGeneratorGitLab struct { Labels []string `json:"labels,omitempty" protobuf:"bytes,4,rep,name=labels"` // PullRequestState is an additional MRs filter to get only those with a certain state. Default: "" (all states) PullRequestState string `json:"pullRequestState,omitempty" protobuf:"bytes,5,rep,name=pullRequestState"` - // Skips validating the SCM provider's TLS certificate - useful for self-signed certificates.; default: false - Insecure bool `json:"insecure,omitempty" protobuf:"varint,6,opt,name=insecure"` } -// PullRequestGeneratorBitbucketServer defines connection info specific to BitbucketServer. +// PullRequestGenerator defines connection info specific to BitbucketServer. type PullRequestGeneratorBitbucketServer struct { // Project to scan. Required. Project string `json:"project" protobuf:"bytes,1,opt,name=project"` @@ -615,26 +516,6 @@ type PullRequestGeneratorBitbucketServer struct { BasicAuth *BasicAuthBitbucketServer `json:"basicAuth,omitempty" protobuf:"bytes,4,opt,name=basicAuth"` } -// PullRequestGeneratorBitbucket defines connection info specific to Bitbucket. -type PullRequestGeneratorBitbucket struct { - // Workspace to scan. Required. - Owner string `json:"owner" protobuf:"bytes,1,opt,name=owner"` - // Repo name to scan. Required. - Repo string `json:"repo" protobuf:"bytes,2,opt,name=repo"` - // The Bitbucket REST API URL to talk to. If blank, uses https://api.bitbucket.org/2.0. - API string `json:"api,omitempty" protobuf:"bytes,3,opt,name=api"` - // Credentials for Basic auth - BasicAuth *BasicAuthBitbucketServer `json:"basicAuth,omitempty" protobuf:"bytes,4,opt,name=basicAuth"` - // Credentials for AppToken (Bearer auth) - BearerToken *BearerTokenBitbucketCloud `json:"bearerToken,omitempty" protobuf:"bytes,5,opt,name=bearerToken"` -} - -// BearerTokenBitbucketCloud defines the Bearer token for BitBucket AppToken auth. -type BearerTokenBitbucketCloud struct { - // Password (or personal access token) reference. - TokenRef *SecretRef `json:"tokenRef" protobuf:"bytes,1,opt,name=tokenRef"` -} - // BasicAuthBitbucketServer defines the username/(password or personal access token) for Basic auth. type BasicAuthBitbucketServer struct { // Username for Basic auth @@ -647,34 +528,7 @@ type BasicAuthBitbucketServer struct { // If multiple filter types are set on a single struct, they will be AND'd together. All filters must // pass for a pull request to be included. type PullRequestGeneratorFilter struct { - BranchMatch *string `json:"branchMatch,omitempty" protobuf:"bytes,1,opt,name=branchMatch"` - TargetBranchMatch *string `json:"targetBranchMatch,omitempty" protobuf:"bytes,2,opt,name=targetBranchMatch"` -} - -type PluginConfigMapRef struct { - // Name of the ConfigMap - Name string `json:"name" protobuf:"bytes,1,opt,name=name"` -} - -type PluginParameters map[string]apiextensionsv1.JSON - -type PluginInput struct { - // Parameters contains the information to pass to the plugin. It is a map. The keys must be strings, and the - // values can be any type. - Parameters PluginParameters `json:"parameters,omitempty" protobuf:"bytes,1,name=parameters"` -} - -// PluginGenerator defines connection info specific to Plugin. -type PluginGenerator struct { - ConfigMapRef PluginConfigMapRef `json:"configMapRef" protobuf:"bytes,1,name=configMapRef"` - Input PluginInput `json:"input,omitempty" protobuf:"bytes,2,name=input"` - // RequeueAfterSeconds determines how long the ApplicationSet controller will wait before reconciling the ApplicationSet again. - RequeueAfterSeconds *int64 `json:"requeueAfterSeconds,omitempty" protobuf:"varint,3,opt,name=requeueAfterSeconds"` - Template ApplicationSetTemplate `json:"template,omitempty" protobuf:"bytes,4,name=template"` - - // Values contains key/value pairs which are passed directly as parameters to the template. These values will not be - // sent as parameters to the plugin. - Values map[string]string `json:"values,omitempty" protobuf:"bytes,5,name=values"` + BranchMatch *string `json:"branchMatch,omitempty" protobuf:"bytes,1,opt,name=branchMatch"` } // ApplicationSetStatus defines the observed state of ApplicationSet @@ -827,14 +681,3 @@ func (status *ApplicationSetStatus) SetApplicationStatus(newStatus ApplicationSe } status.ApplicationStatus = append(status.ApplicationStatus, newStatus) } - -// QualifiedName returns the full qualified name of the applicationset, including -// the name of the namespace it is created in delimited by a forward slash, -// i.e. / -func (a *ApplicationSet) QualifiedName() string { - if a.Namespace == "" { - return a.Name - } else { - return a.Namespace + "/" + a.Name - } -} diff --git a/pkg/apis/application/v1alpha1/applicationset_types_test.go b/pkg/apis/application/v1alpha1/applicationset_types_test.go index 1f9dc64b1fdb3..67fc502470a06 100644 --- a/pkg/apis/application/v1alpha1/applicationset_types_test.go +++ b/pkg/apis/application/v1alpha1/applicationset_types_test.go @@ -6,7 +6,6 @@ import ( "github.com/stretchr/testify/assert" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/utils/pointer" ) func testAppSetCond(t ApplicationSetConditionType, msg string, lastTransitionTime *metav1.Time, status ApplicationSetConditionStatus, reason string) ApplicationSetCondition { @@ -39,42 +38,6 @@ func newTestAppSet(name, namespace, repo string) *ApplicationSet { return a } -func TestApplicationsSyncPolicy(t *testing.T) { - assert.False(t, ApplicationsSyncPolicyCreateOnly.AllowDelete()) - assert.False(t, ApplicationsSyncPolicyCreateOnly.AllowUpdate()) - - assert.False(t, ApplicationsSyncPolicyCreateUpdate.AllowDelete()) - assert.True(t, ApplicationsSyncPolicyCreateUpdate.AllowUpdate()) - - assert.True(t, ApplicationsSyncPolicySync.AllowDelete()) - assert.True(t, ApplicationsSyncPolicySync.AllowUpdate()) -} - -func TestApplicationSetRBACName(t *testing.T) { - testRepo := "https://github.com/org/repo" - - t.Run("Test RBAC name with namespace", func(t *testing.T) { - namespace := "guestbook" - a := newTestAppSet("test-appset", namespace, testRepo) - a.Spec.Template.Spec.Project = "test" - assert.Equal(t, "test/guestbook/test-appset", a.RBACName("argocd")) - }) - - t.Run("Test RBAC name default ns", func(t *testing.T) { - namespace := "argocd" - a := newTestAppSet("test-appset", namespace, testRepo) - a.Spec.Template.Spec.Project = "test" - assert.Equal(t, "test/test-appset", a.RBACName("argocd")) - }) - - t.Run("Test RBAC no ns", func(t *testing.T) { - a := newTestAppSet("test-appset", "", testRepo) - a.Spec.Template.Spec.Project = "test" - assert.Equal(t, "test/test-appset", a.RBACName("argocd")) - }) - -} - func TestApplicationSetSetConditions(t *testing.T) { fiveMinsAgo := &metav1.Time{Time: time.Now().Add(-5 * time.Minute)} tenMinsAgo := &metav1.Time{Time: time.Now().Add(-10 * time.Minute)} @@ -168,14 +131,3 @@ func assertAppSetConditions(t *testing.T, expected []ApplicationSetCondition, ac assert.Equal(t, expected[i].Message, actual[i].Message) } } - -func TestSCMProviderGeneratorGitlab_WillIncludeSharedProjects(t *testing.T) { - settings := SCMProviderGeneratorGitlab{} - assert.True(t, settings.WillIncludeSharedProjects()) - - settings.IncludeSharedProjects = pointer.BoolPtr(false) - assert.False(t, settings.WillIncludeSharedProjects()) - - settings.IncludeSharedProjects = pointer.BoolPtr(true) - assert.True(t, settings.WillIncludeSharedProjects()) -} diff --git a/pkg/apis/application/v1alpha1/generated.pb.go b/pkg/apis/application/v1alpha1/generated.pb.go index 65f4303cccb98..62dc81f7325d9 100644 --- a/pkg/apis/application/v1alpha1/generated.pb.go +++ b/pkg/apis/application/v1alpha1/generated.pb.go @@ -17,7 +17,6 @@ import ( v12 "k8s.io/api/core/v1" v11 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" math "math" math_bits "math/bits" @@ -1159,66 +1158,10 @@ func (m *BasicAuthBitbucketServer) XXX_DiscardUnknown() { var xxx_messageInfo_BasicAuthBitbucketServer proto.InternalMessageInfo -func (m *BearerTokenBitbucketCloud) Reset() { *m = BearerTokenBitbucketCloud{} } -func (*BearerTokenBitbucketCloud) ProtoMessage() {} -func (*BearerTokenBitbucketCloud) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{40} -} -func (m *BearerTokenBitbucketCloud) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *BearerTokenBitbucketCloud) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *BearerTokenBitbucketCloud) XXX_Merge(src proto.Message) { - xxx_messageInfo_BearerTokenBitbucketCloud.Merge(m, src) -} -func (m *BearerTokenBitbucketCloud) XXX_Size() int { - return m.Size() -} -func (m *BearerTokenBitbucketCloud) XXX_DiscardUnknown() { - xxx_messageInfo_BearerTokenBitbucketCloud.DiscardUnknown(m) -} - -var xxx_messageInfo_BearerTokenBitbucketCloud proto.InternalMessageInfo - -func (m *ChartDetails) Reset() { *m = ChartDetails{} } -func (*ChartDetails) ProtoMessage() {} -func (*ChartDetails) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{41} -} -func (m *ChartDetails) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *ChartDetails) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *ChartDetails) XXX_Merge(src proto.Message) { - xxx_messageInfo_ChartDetails.Merge(m, src) -} -func (m *ChartDetails) XXX_Size() int { - return m.Size() -} -func (m *ChartDetails) XXX_DiscardUnknown() { - xxx_messageInfo_ChartDetails.DiscardUnknown(m) -} - -var xxx_messageInfo_ChartDetails proto.InternalMessageInfo - func (m *Cluster) Reset() { *m = Cluster{} } func (*Cluster) ProtoMessage() {} func (*Cluster) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{42} + return fileDescriptor_030104ce3b95bcac, []int{40} } func (m *Cluster) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1246,7 +1189,7 @@ var xxx_messageInfo_Cluster proto.InternalMessageInfo func (m *ClusterCacheInfo) Reset() { *m = ClusterCacheInfo{} } func (*ClusterCacheInfo) ProtoMessage() {} func (*ClusterCacheInfo) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{43} + return fileDescriptor_030104ce3b95bcac, []int{41} } func (m *ClusterCacheInfo) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1274,7 +1217,7 @@ var xxx_messageInfo_ClusterCacheInfo proto.InternalMessageInfo func (m *ClusterConfig) Reset() { *m = ClusterConfig{} } func (*ClusterConfig) ProtoMessage() {} func (*ClusterConfig) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{44} + return fileDescriptor_030104ce3b95bcac, []int{42} } func (m *ClusterConfig) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1302,7 +1245,7 @@ var xxx_messageInfo_ClusterConfig proto.InternalMessageInfo func (m *ClusterGenerator) Reset() { *m = ClusterGenerator{} } func (*ClusterGenerator) ProtoMessage() {} func (*ClusterGenerator) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{45} + return fileDescriptor_030104ce3b95bcac, []int{43} } func (m *ClusterGenerator) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1330,7 +1273,7 @@ var xxx_messageInfo_ClusterGenerator proto.InternalMessageInfo func (m *ClusterInfo) Reset() { *m = ClusterInfo{} } func (*ClusterInfo) ProtoMessage() {} func (*ClusterInfo) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{46} + return fileDescriptor_030104ce3b95bcac, []int{44} } func (m *ClusterInfo) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1358,7 +1301,7 @@ var xxx_messageInfo_ClusterInfo proto.InternalMessageInfo func (m *ClusterList) Reset() { *m = ClusterList{} } func (*ClusterList) ProtoMessage() {} func (*ClusterList) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{47} + return fileDescriptor_030104ce3b95bcac, []int{45} } func (m *ClusterList) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1386,7 +1329,7 @@ var xxx_messageInfo_ClusterList proto.InternalMessageInfo func (m *Command) Reset() { *m = Command{} } func (*Command) ProtoMessage() {} func (*Command) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{48} + return fileDescriptor_030104ce3b95bcac, []int{46} } func (m *Command) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1414,7 +1357,7 @@ var xxx_messageInfo_Command proto.InternalMessageInfo func (m *ComparedTo) Reset() { *m = ComparedTo{} } func (*ComparedTo) ProtoMessage() {} func (*ComparedTo) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{49} + return fileDescriptor_030104ce3b95bcac, []int{47} } func (m *ComparedTo) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1442,7 +1385,7 @@ var xxx_messageInfo_ComparedTo proto.InternalMessageInfo func (m *ComponentParameter) Reset() { *m = ComponentParameter{} } func (*ComponentParameter) ProtoMessage() {} func (*ComponentParameter) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{50} + return fileDescriptor_030104ce3b95bcac, []int{48} } func (m *ComponentParameter) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1470,7 +1413,7 @@ var xxx_messageInfo_ComponentParameter proto.InternalMessageInfo func (m *ConfigManagementPlugin) Reset() { *m = ConfigManagementPlugin{} } func (*ConfigManagementPlugin) ProtoMessage() {} func (*ConfigManagementPlugin) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{51} + return fileDescriptor_030104ce3b95bcac, []int{49} } func (m *ConfigManagementPlugin) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1498,7 +1441,7 @@ var xxx_messageInfo_ConfigManagementPlugin proto.InternalMessageInfo func (m *ConnectionState) Reset() { *m = ConnectionState{} } func (*ConnectionState) ProtoMessage() {} func (*ConnectionState) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{52} + return fileDescriptor_030104ce3b95bcac, []int{50} } func (m *ConnectionState) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1526,7 +1469,7 @@ var xxx_messageInfo_ConnectionState proto.InternalMessageInfo func (m *DuckTypeGenerator) Reset() { *m = DuckTypeGenerator{} } func (*DuckTypeGenerator) ProtoMessage() {} func (*DuckTypeGenerator) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{53} + return fileDescriptor_030104ce3b95bcac, []int{51} } func (m *DuckTypeGenerator) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1554,7 +1497,7 @@ var xxx_messageInfo_DuckTypeGenerator proto.InternalMessageInfo func (m *EnvEntry) Reset() { *m = EnvEntry{} } func (*EnvEntry) ProtoMessage() {} func (*EnvEntry) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{54} + return fileDescriptor_030104ce3b95bcac, []int{52} } func (m *EnvEntry) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1582,7 +1525,7 @@ var xxx_messageInfo_EnvEntry proto.InternalMessageInfo func (m *ExecProviderConfig) Reset() { *m = ExecProviderConfig{} } func (*ExecProviderConfig) ProtoMessage() {} func (*ExecProviderConfig) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{55} + return fileDescriptor_030104ce3b95bcac, []int{53} } func (m *ExecProviderConfig) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1610,7 +1553,7 @@ var xxx_messageInfo_ExecProviderConfig proto.InternalMessageInfo func (m *GitDirectoryGeneratorItem) Reset() { *m = GitDirectoryGeneratorItem{} } func (*GitDirectoryGeneratorItem) ProtoMessage() {} func (*GitDirectoryGeneratorItem) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{56} + return fileDescriptor_030104ce3b95bcac, []int{54} } func (m *GitDirectoryGeneratorItem) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1638,7 +1581,7 @@ var xxx_messageInfo_GitDirectoryGeneratorItem proto.InternalMessageInfo func (m *GitFileGeneratorItem) Reset() { *m = GitFileGeneratorItem{} } func (*GitFileGeneratorItem) ProtoMessage() {} func (*GitFileGeneratorItem) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{57} + return fileDescriptor_030104ce3b95bcac, []int{55} } func (m *GitFileGeneratorItem) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1666,7 +1609,7 @@ var xxx_messageInfo_GitFileGeneratorItem proto.InternalMessageInfo func (m *GitGenerator) Reset() { *m = GitGenerator{} } func (*GitGenerator) ProtoMessage() {} func (*GitGenerator) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{58} + return fileDescriptor_030104ce3b95bcac, []int{56} } func (m *GitGenerator) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1694,7 +1637,7 @@ var xxx_messageInfo_GitGenerator proto.InternalMessageInfo func (m *GnuPGPublicKey) Reset() { *m = GnuPGPublicKey{} } func (*GnuPGPublicKey) ProtoMessage() {} func (*GnuPGPublicKey) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{59} + return fileDescriptor_030104ce3b95bcac, []int{57} } func (m *GnuPGPublicKey) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1722,7 +1665,7 @@ var xxx_messageInfo_GnuPGPublicKey proto.InternalMessageInfo func (m *GnuPGPublicKeyList) Reset() { *m = GnuPGPublicKeyList{} } func (*GnuPGPublicKeyList) ProtoMessage() {} func (*GnuPGPublicKeyList) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{60} + return fileDescriptor_030104ce3b95bcac, []int{58} } func (m *GnuPGPublicKeyList) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1750,7 +1693,7 @@ var xxx_messageInfo_GnuPGPublicKeyList proto.InternalMessageInfo func (m *HealthStatus) Reset() { *m = HealthStatus{} } func (*HealthStatus) ProtoMessage() {} func (*HealthStatus) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{61} + return fileDescriptor_030104ce3b95bcac, []int{59} } func (m *HealthStatus) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1778,7 +1721,7 @@ var xxx_messageInfo_HealthStatus proto.InternalMessageInfo func (m *HelmFileParameter) Reset() { *m = HelmFileParameter{} } func (*HelmFileParameter) ProtoMessage() {} func (*HelmFileParameter) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{62} + return fileDescriptor_030104ce3b95bcac, []int{60} } func (m *HelmFileParameter) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1806,7 +1749,7 @@ var xxx_messageInfo_HelmFileParameter proto.InternalMessageInfo func (m *HelmOptions) Reset() { *m = HelmOptions{} } func (*HelmOptions) ProtoMessage() {} func (*HelmOptions) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{63} + return fileDescriptor_030104ce3b95bcac, []int{61} } func (m *HelmOptions) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1834,7 +1777,7 @@ var xxx_messageInfo_HelmOptions proto.InternalMessageInfo func (m *HelmParameter) Reset() { *m = HelmParameter{} } func (*HelmParameter) ProtoMessage() {} func (*HelmParameter) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{64} + return fileDescriptor_030104ce3b95bcac, []int{62} } func (m *HelmParameter) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1862,7 +1805,7 @@ var xxx_messageInfo_HelmParameter proto.InternalMessageInfo func (m *HostInfo) Reset() { *m = HostInfo{} } func (*HostInfo) ProtoMessage() {} func (*HostInfo) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{65} + return fileDescriptor_030104ce3b95bcac, []int{63} } func (m *HostInfo) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1890,7 +1833,7 @@ var xxx_messageInfo_HostInfo proto.InternalMessageInfo func (m *HostResourceInfo) Reset() { *m = HostResourceInfo{} } func (*HostResourceInfo) ProtoMessage() {} func (*HostResourceInfo) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{66} + return fileDescriptor_030104ce3b95bcac, []int{64} } func (m *HostResourceInfo) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1918,7 +1861,7 @@ var xxx_messageInfo_HostResourceInfo proto.InternalMessageInfo func (m *Info) Reset() { *m = Info{} } func (*Info) ProtoMessage() {} func (*Info) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{67} + return fileDescriptor_030104ce3b95bcac, []int{65} } func (m *Info) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1946,7 +1889,7 @@ var xxx_messageInfo_Info proto.InternalMessageInfo func (m *InfoItem) Reset() { *m = InfoItem{} } func (*InfoItem) ProtoMessage() {} func (*InfoItem) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{68} + return fileDescriptor_030104ce3b95bcac, []int{66} } func (m *InfoItem) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1974,7 +1917,7 @@ var xxx_messageInfo_InfoItem proto.InternalMessageInfo func (m *JWTToken) Reset() { *m = JWTToken{} } func (*JWTToken) ProtoMessage() {} func (*JWTToken) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{69} + return fileDescriptor_030104ce3b95bcac, []int{67} } func (m *JWTToken) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2002,7 +1945,7 @@ var xxx_messageInfo_JWTToken proto.InternalMessageInfo func (m *JWTTokens) Reset() { *m = JWTTokens{} } func (*JWTTokens) ProtoMessage() {} func (*JWTTokens) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{70} + return fileDescriptor_030104ce3b95bcac, []int{68} } func (m *JWTTokens) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2030,7 +1973,7 @@ var xxx_messageInfo_JWTTokens proto.InternalMessageInfo func (m *JsonnetVar) Reset() { *m = JsonnetVar{} } func (*JsonnetVar) ProtoMessage() {} func (*JsonnetVar) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{71} + return fileDescriptor_030104ce3b95bcac, []int{69} } func (m *JsonnetVar) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2058,7 +2001,7 @@ var xxx_messageInfo_JsonnetVar proto.InternalMessageInfo func (m *KnownTypeField) Reset() { *m = KnownTypeField{} } func (*KnownTypeField) ProtoMessage() {} func (*KnownTypeField) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{72} + return fileDescriptor_030104ce3b95bcac, []int{70} } func (m *KnownTypeField) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2086,7 +2029,7 @@ var xxx_messageInfo_KnownTypeField proto.InternalMessageInfo func (m *KustomizeOptions) Reset() { *m = KustomizeOptions{} } func (*KustomizeOptions) ProtoMessage() {} func (*KustomizeOptions) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{73} + return fileDescriptor_030104ce3b95bcac, []int{71} } func (m *KustomizeOptions) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2114,7 +2057,7 @@ var xxx_messageInfo_KustomizeOptions proto.InternalMessageInfo func (m *KustomizeReplica) Reset() { *m = KustomizeReplica{} } func (*KustomizeReplica) ProtoMessage() {} func (*KustomizeReplica) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{74} + return fileDescriptor_030104ce3b95bcac, []int{72} } func (m *KustomizeReplica) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2142,7 +2085,7 @@ var xxx_messageInfo_KustomizeReplica proto.InternalMessageInfo func (m *ListGenerator) Reset() { *m = ListGenerator{} } func (*ListGenerator) ProtoMessage() {} func (*ListGenerator) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{75} + return fileDescriptor_030104ce3b95bcac, []int{73} } func (m *ListGenerator) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2170,7 +2113,7 @@ var xxx_messageInfo_ListGenerator proto.InternalMessageInfo func (m *ManagedNamespaceMetadata) Reset() { *m = ManagedNamespaceMetadata{} } func (*ManagedNamespaceMetadata) ProtoMessage() {} func (*ManagedNamespaceMetadata) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{76} + return fileDescriptor_030104ce3b95bcac, []int{74} } func (m *ManagedNamespaceMetadata) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2198,7 +2141,7 @@ var xxx_messageInfo_ManagedNamespaceMetadata proto.InternalMessageInfo func (m *MatrixGenerator) Reset() { *m = MatrixGenerator{} } func (*MatrixGenerator) ProtoMessage() {} func (*MatrixGenerator) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{77} + return fileDescriptor_030104ce3b95bcac, []int{75} } func (m *MatrixGenerator) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2226,7 +2169,7 @@ var xxx_messageInfo_MatrixGenerator proto.InternalMessageInfo func (m *MergeGenerator) Reset() { *m = MergeGenerator{} } func (*MergeGenerator) ProtoMessage() {} func (*MergeGenerator) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{78} + return fileDescriptor_030104ce3b95bcac, []int{76} } func (m *MergeGenerator) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2254,7 +2197,7 @@ var xxx_messageInfo_MergeGenerator proto.InternalMessageInfo func (m *NestedMatrixGenerator) Reset() { *m = NestedMatrixGenerator{} } func (*NestedMatrixGenerator) ProtoMessage() {} func (*NestedMatrixGenerator) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{79} + return fileDescriptor_030104ce3b95bcac, []int{77} } func (m *NestedMatrixGenerator) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2282,7 +2225,7 @@ var xxx_messageInfo_NestedMatrixGenerator proto.InternalMessageInfo func (m *NestedMergeGenerator) Reset() { *m = NestedMergeGenerator{} } func (*NestedMergeGenerator) ProtoMessage() {} func (*NestedMergeGenerator) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{80} + return fileDescriptor_030104ce3b95bcac, []int{78} } func (m *NestedMergeGenerator) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2310,7 +2253,7 @@ var xxx_messageInfo_NestedMergeGenerator proto.InternalMessageInfo func (m *Operation) Reset() { *m = Operation{} } func (*Operation) ProtoMessage() {} func (*Operation) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{81} + return fileDescriptor_030104ce3b95bcac, []int{79} } func (m *Operation) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2338,7 +2281,7 @@ var xxx_messageInfo_Operation proto.InternalMessageInfo func (m *OperationInitiator) Reset() { *m = OperationInitiator{} } func (*OperationInitiator) ProtoMessage() {} func (*OperationInitiator) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{82} + return fileDescriptor_030104ce3b95bcac, []int{80} } func (m *OperationInitiator) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2366,7 +2309,7 @@ var xxx_messageInfo_OperationInitiator proto.InternalMessageInfo func (m *OperationState) Reset() { *m = OperationState{} } func (*OperationState) ProtoMessage() {} func (*OperationState) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{83} + return fileDescriptor_030104ce3b95bcac, []int{81} } func (m *OperationState) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2394,7 +2337,7 @@ var xxx_messageInfo_OperationState proto.InternalMessageInfo func (m *OptionalArray) Reset() { *m = OptionalArray{} } func (*OptionalArray) ProtoMessage() {} func (*OptionalArray) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{84} + return fileDescriptor_030104ce3b95bcac, []int{82} } func (m *OptionalArray) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2422,7 +2365,7 @@ var xxx_messageInfo_OptionalArray proto.InternalMessageInfo func (m *OptionalMap) Reset() { *m = OptionalMap{} } func (*OptionalMap) ProtoMessage() {} func (*OptionalMap) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{85} + return fileDescriptor_030104ce3b95bcac, []int{83} } func (m *OptionalMap) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2450,7 +2393,7 @@ var xxx_messageInfo_OptionalMap proto.InternalMessageInfo func (m *OrphanedResourceKey) Reset() { *m = OrphanedResourceKey{} } func (*OrphanedResourceKey) ProtoMessage() {} func (*OrphanedResourceKey) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{86} + return fileDescriptor_030104ce3b95bcac, []int{84} } func (m *OrphanedResourceKey) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2478,7 +2421,7 @@ var xxx_messageInfo_OrphanedResourceKey proto.InternalMessageInfo func (m *OrphanedResourcesMonitorSettings) Reset() { *m = OrphanedResourcesMonitorSettings{} } func (*OrphanedResourcesMonitorSettings) ProtoMessage() {} func (*OrphanedResourcesMonitorSettings) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{87} + return fileDescriptor_030104ce3b95bcac, []int{85} } func (m *OrphanedResourcesMonitorSettings) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2506,7 +2449,7 @@ var xxx_messageInfo_OrphanedResourcesMonitorSettings proto.InternalMessageInfo func (m *OverrideIgnoreDiff) Reset() { *m = OverrideIgnoreDiff{} } func (*OverrideIgnoreDiff) ProtoMessage() {} func (*OverrideIgnoreDiff) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{88} + return fileDescriptor_030104ce3b95bcac, []int{86} } func (m *OverrideIgnoreDiff) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2531,94 +2474,10 @@ func (m *OverrideIgnoreDiff) XXX_DiscardUnknown() { var xxx_messageInfo_OverrideIgnoreDiff proto.InternalMessageInfo -func (m *PluginConfigMapRef) Reset() { *m = PluginConfigMapRef{} } -func (*PluginConfigMapRef) ProtoMessage() {} -func (*PluginConfigMapRef) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{89} -} -func (m *PluginConfigMapRef) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PluginConfigMapRef) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *PluginConfigMapRef) XXX_Merge(src proto.Message) { - xxx_messageInfo_PluginConfigMapRef.Merge(m, src) -} -func (m *PluginConfigMapRef) XXX_Size() int { - return m.Size() -} -func (m *PluginConfigMapRef) XXX_DiscardUnknown() { - xxx_messageInfo_PluginConfigMapRef.DiscardUnknown(m) -} - -var xxx_messageInfo_PluginConfigMapRef proto.InternalMessageInfo - -func (m *PluginGenerator) Reset() { *m = PluginGenerator{} } -func (*PluginGenerator) ProtoMessage() {} -func (*PluginGenerator) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{90} -} -func (m *PluginGenerator) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PluginGenerator) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *PluginGenerator) XXX_Merge(src proto.Message) { - xxx_messageInfo_PluginGenerator.Merge(m, src) -} -func (m *PluginGenerator) XXX_Size() int { - return m.Size() -} -func (m *PluginGenerator) XXX_DiscardUnknown() { - xxx_messageInfo_PluginGenerator.DiscardUnknown(m) -} - -var xxx_messageInfo_PluginGenerator proto.InternalMessageInfo - -func (m *PluginInput) Reset() { *m = PluginInput{} } -func (*PluginInput) ProtoMessage() {} -func (*PluginInput) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{91} -} -func (m *PluginInput) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PluginInput) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *PluginInput) XXX_Merge(src proto.Message) { - xxx_messageInfo_PluginInput.Merge(m, src) -} -func (m *PluginInput) XXX_Size() int { - return m.Size() -} -func (m *PluginInput) XXX_DiscardUnknown() { - xxx_messageInfo_PluginInput.DiscardUnknown(m) -} - -var xxx_messageInfo_PluginInput proto.InternalMessageInfo - func (m *ProjectRole) Reset() { *m = ProjectRole{} } func (*ProjectRole) ProtoMessage() {} func (*ProjectRole) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{92} + return fileDescriptor_030104ce3b95bcac, []int{87} } func (m *ProjectRole) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2646,7 +2505,7 @@ var xxx_messageInfo_ProjectRole proto.InternalMessageInfo func (m *PullRequestGenerator) Reset() { *m = PullRequestGenerator{} } func (*PullRequestGenerator) ProtoMessage() {} func (*PullRequestGenerator) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{93} + return fileDescriptor_030104ce3b95bcac, []int{88} } func (m *PullRequestGenerator) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2671,66 +2530,10 @@ func (m *PullRequestGenerator) XXX_DiscardUnknown() { var xxx_messageInfo_PullRequestGenerator proto.InternalMessageInfo -func (m *PullRequestGeneratorAzureDevOps) Reset() { *m = PullRequestGeneratorAzureDevOps{} } -func (*PullRequestGeneratorAzureDevOps) ProtoMessage() {} -func (*PullRequestGeneratorAzureDevOps) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{94} -} -func (m *PullRequestGeneratorAzureDevOps) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PullRequestGeneratorAzureDevOps) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *PullRequestGeneratorAzureDevOps) XXX_Merge(src proto.Message) { - xxx_messageInfo_PullRequestGeneratorAzureDevOps.Merge(m, src) -} -func (m *PullRequestGeneratorAzureDevOps) XXX_Size() int { - return m.Size() -} -func (m *PullRequestGeneratorAzureDevOps) XXX_DiscardUnknown() { - xxx_messageInfo_PullRequestGeneratorAzureDevOps.DiscardUnknown(m) -} - -var xxx_messageInfo_PullRequestGeneratorAzureDevOps proto.InternalMessageInfo - -func (m *PullRequestGeneratorBitbucket) Reset() { *m = PullRequestGeneratorBitbucket{} } -func (*PullRequestGeneratorBitbucket) ProtoMessage() {} -func (*PullRequestGeneratorBitbucket) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{95} -} -func (m *PullRequestGeneratorBitbucket) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *PullRequestGeneratorBitbucket) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *PullRequestGeneratorBitbucket) XXX_Merge(src proto.Message) { - xxx_messageInfo_PullRequestGeneratorBitbucket.Merge(m, src) -} -func (m *PullRequestGeneratorBitbucket) XXX_Size() int { - return m.Size() -} -func (m *PullRequestGeneratorBitbucket) XXX_DiscardUnknown() { - xxx_messageInfo_PullRequestGeneratorBitbucket.DiscardUnknown(m) -} - -var xxx_messageInfo_PullRequestGeneratorBitbucket proto.InternalMessageInfo - func (m *PullRequestGeneratorBitbucketServer) Reset() { *m = PullRequestGeneratorBitbucketServer{} } func (*PullRequestGeneratorBitbucketServer) ProtoMessage() {} func (*PullRequestGeneratorBitbucketServer) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{96} + return fileDescriptor_030104ce3b95bcac, []int{89} } func (m *PullRequestGeneratorBitbucketServer) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2758,7 +2561,7 @@ var xxx_messageInfo_PullRequestGeneratorBitbucketServer proto.InternalMessageInf func (m *PullRequestGeneratorFilter) Reset() { *m = PullRequestGeneratorFilter{} } func (*PullRequestGeneratorFilter) ProtoMessage() {} func (*PullRequestGeneratorFilter) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{97} + return fileDescriptor_030104ce3b95bcac, []int{90} } func (m *PullRequestGeneratorFilter) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2786,7 +2589,7 @@ var xxx_messageInfo_PullRequestGeneratorFilter proto.InternalMessageInfo func (m *PullRequestGeneratorGitLab) Reset() { *m = PullRequestGeneratorGitLab{} } func (*PullRequestGeneratorGitLab) ProtoMessage() {} func (*PullRequestGeneratorGitLab) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{98} + return fileDescriptor_030104ce3b95bcac, []int{91} } func (m *PullRequestGeneratorGitLab) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2814,7 +2617,7 @@ var xxx_messageInfo_PullRequestGeneratorGitLab proto.InternalMessageInfo func (m *PullRequestGeneratorGitea) Reset() { *m = PullRequestGeneratorGitea{} } func (*PullRequestGeneratorGitea) ProtoMessage() {} func (*PullRequestGeneratorGitea) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{99} + return fileDescriptor_030104ce3b95bcac, []int{92} } func (m *PullRequestGeneratorGitea) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2842,7 +2645,7 @@ var xxx_messageInfo_PullRequestGeneratorGitea proto.InternalMessageInfo func (m *PullRequestGeneratorGithub) Reset() { *m = PullRequestGeneratorGithub{} } func (*PullRequestGeneratorGithub) ProtoMessage() {} func (*PullRequestGeneratorGithub) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{100} + return fileDescriptor_030104ce3b95bcac, []int{93} } func (m *PullRequestGeneratorGithub) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2870,7 +2673,7 @@ var xxx_messageInfo_PullRequestGeneratorGithub proto.InternalMessageInfo func (m *RefTarget) Reset() { *m = RefTarget{} } func (*RefTarget) ProtoMessage() {} func (*RefTarget) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{101} + return fileDescriptor_030104ce3b95bcac, []int{94} } func (m *RefTarget) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2898,7 +2701,7 @@ var xxx_messageInfo_RefTarget proto.InternalMessageInfo func (m *RepoCreds) Reset() { *m = RepoCreds{} } func (*RepoCreds) ProtoMessage() {} func (*RepoCreds) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{102} + return fileDescriptor_030104ce3b95bcac, []int{95} } func (m *RepoCreds) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2926,7 +2729,7 @@ var xxx_messageInfo_RepoCreds proto.InternalMessageInfo func (m *RepoCredsList) Reset() { *m = RepoCredsList{} } func (*RepoCredsList) ProtoMessage() {} func (*RepoCredsList) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{103} + return fileDescriptor_030104ce3b95bcac, []int{96} } func (m *RepoCredsList) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2954,7 +2757,7 @@ var xxx_messageInfo_RepoCredsList proto.InternalMessageInfo func (m *Repository) Reset() { *m = Repository{} } func (*Repository) ProtoMessage() {} func (*Repository) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{104} + return fileDescriptor_030104ce3b95bcac, []int{97} } func (m *Repository) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -2982,7 +2785,7 @@ var xxx_messageInfo_Repository proto.InternalMessageInfo func (m *RepositoryCertificate) Reset() { *m = RepositoryCertificate{} } func (*RepositoryCertificate) ProtoMessage() {} func (*RepositoryCertificate) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{105} + return fileDescriptor_030104ce3b95bcac, []int{98} } func (m *RepositoryCertificate) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3010,7 +2813,7 @@ var xxx_messageInfo_RepositoryCertificate proto.InternalMessageInfo func (m *RepositoryCertificateList) Reset() { *m = RepositoryCertificateList{} } func (*RepositoryCertificateList) ProtoMessage() {} func (*RepositoryCertificateList) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{106} + return fileDescriptor_030104ce3b95bcac, []int{99} } func (m *RepositoryCertificateList) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3038,7 +2841,7 @@ var xxx_messageInfo_RepositoryCertificateList proto.InternalMessageInfo func (m *RepositoryList) Reset() { *m = RepositoryList{} } func (*RepositoryList) ProtoMessage() {} func (*RepositoryList) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{107} + return fileDescriptor_030104ce3b95bcac, []int{100} } func (m *RepositoryList) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3066,7 +2869,7 @@ var xxx_messageInfo_RepositoryList proto.InternalMessageInfo func (m *ResourceAction) Reset() { *m = ResourceAction{} } func (*ResourceAction) ProtoMessage() {} func (*ResourceAction) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{108} + return fileDescriptor_030104ce3b95bcac, []int{101} } func (m *ResourceAction) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3094,7 +2897,7 @@ var xxx_messageInfo_ResourceAction proto.InternalMessageInfo func (m *ResourceActionDefinition) Reset() { *m = ResourceActionDefinition{} } func (*ResourceActionDefinition) ProtoMessage() {} func (*ResourceActionDefinition) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{109} + return fileDescriptor_030104ce3b95bcac, []int{102} } func (m *ResourceActionDefinition) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3122,7 +2925,7 @@ var xxx_messageInfo_ResourceActionDefinition proto.InternalMessageInfo func (m *ResourceActionParam) Reset() { *m = ResourceActionParam{} } func (*ResourceActionParam) ProtoMessage() {} func (*ResourceActionParam) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{110} + return fileDescriptor_030104ce3b95bcac, []int{103} } func (m *ResourceActionParam) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3150,7 +2953,7 @@ var xxx_messageInfo_ResourceActionParam proto.InternalMessageInfo func (m *ResourceActions) Reset() { *m = ResourceActions{} } func (*ResourceActions) ProtoMessage() {} func (*ResourceActions) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{111} + return fileDescriptor_030104ce3b95bcac, []int{104} } func (m *ResourceActions) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3178,7 +2981,7 @@ var xxx_messageInfo_ResourceActions proto.InternalMessageInfo func (m *ResourceDiff) Reset() { *m = ResourceDiff{} } func (*ResourceDiff) ProtoMessage() {} func (*ResourceDiff) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{112} + return fileDescriptor_030104ce3b95bcac, []int{105} } func (m *ResourceDiff) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3206,7 +3009,7 @@ var xxx_messageInfo_ResourceDiff proto.InternalMessageInfo func (m *ResourceIgnoreDifferences) Reset() { *m = ResourceIgnoreDifferences{} } func (*ResourceIgnoreDifferences) ProtoMessage() {} func (*ResourceIgnoreDifferences) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{113} + return fileDescriptor_030104ce3b95bcac, []int{106} } func (m *ResourceIgnoreDifferences) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3234,7 +3037,7 @@ var xxx_messageInfo_ResourceIgnoreDifferences proto.InternalMessageInfo func (m *ResourceNetworkingInfo) Reset() { *m = ResourceNetworkingInfo{} } func (*ResourceNetworkingInfo) ProtoMessage() {} func (*ResourceNetworkingInfo) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{114} + return fileDescriptor_030104ce3b95bcac, []int{107} } func (m *ResourceNetworkingInfo) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3262,7 +3065,7 @@ var xxx_messageInfo_ResourceNetworkingInfo proto.InternalMessageInfo func (m *ResourceNode) Reset() { *m = ResourceNode{} } func (*ResourceNode) ProtoMessage() {} func (*ResourceNode) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{115} + return fileDescriptor_030104ce3b95bcac, []int{108} } func (m *ResourceNode) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3290,7 +3093,7 @@ var xxx_messageInfo_ResourceNode proto.InternalMessageInfo func (m *ResourceOverride) Reset() { *m = ResourceOverride{} } func (*ResourceOverride) ProtoMessage() {} func (*ResourceOverride) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{116} + return fileDescriptor_030104ce3b95bcac, []int{109} } func (m *ResourceOverride) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3318,7 +3121,7 @@ var xxx_messageInfo_ResourceOverride proto.InternalMessageInfo func (m *ResourceRef) Reset() { *m = ResourceRef{} } func (*ResourceRef) ProtoMessage() {} func (*ResourceRef) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{117} + return fileDescriptor_030104ce3b95bcac, []int{110} } func (m *ResourceRef) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3346,7 +3149,7 @@ var xxx_messageInfo_ResourceRef proto.InternalMessageInfo func (m *ResourceResult) Reset() { *m = ResourceResult{} } func (*ResourceResult) ProtoMessage() {} func (*ResourceResult) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{118} + return fileDescriptor_030104ce3b95bcac, []int{111} } func (m *ResourceResult) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3374,7 +3177,7 @@ var xxx_messageInfo_ResourceResult proto.InternalMessageInfo func (m *ResourceStatus) Reset() { *m = ResourceStatus{} } func (*ResourceStatus) ProtoMessage() {} func (*ResourceStatus) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{119} + return fileDescriptor_030104ce3b95bcac, []int{112} } func (m *ResourceStatus) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3402,7 +3205,7 @@ var xxx_messageInfo_ResourceStatus proto.InternalMessageInfo func (m *RetryStrategy) Reset() { *m = RetryStrategy{} } func (*RetryStrategy) ProtoMessage() {} func (*RetryStrategy) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{120} + return fileDescriptor_030104ce3b95bcac, []int{113} } func (m *RetryStrategy) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3430,7 +3233,7 @@ var xxx_messageInfo_RetryStrategy proto.InternalMessageInfo func (m *RevisionHistory) Reset() { *m = RevisionHistory{} } func (*RevisionHistory) ProtoMessage() {} func (*RevisionHistory) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{121} + return fileDescriptor_030104ce3b95bcac, []int{114} } func (m *RevisionHistory) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3458,7 +3261,7 @@ var xxx_messageInfo_RevisionHistory proto.InternalMessageInfo func (m *RevisionMetadata) Reset() { *m = RevisionMetadata{} } func (*RevisionMetadata) ProtoMessage() {} func (*RevisionMetadata) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{122} + return fileDescriptor_030104ce3b95bcac, []int{115} } func (m *RevisionMetadata) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3486,7 +3289,7 @@ var xxx_messageInfo_RevisionMetadata proto.InternalMessageInfo func (m *SCMProviderGenerator) Reset() { *m = SCMProviderGenerator{} } func (*SCMProviderGenerator) ProtoMessage() {} func (*SCMProviderGenerator) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{123} + return fileDescriptor_030104ce3b95bcac, []int{116} } func (m *SCMProviderGenerator) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3511,38 +3314,10 @@ func (m *SCMProviderGenerator) XXX_DiscardUnknown() { var xxx_messageInfo_SCMProviderGenerator proto.InternalMessageInfo -func (m *SCMProviderGeneratorAWSCodeCommit) Reset() { *m = SCMProviderGeneratorAWSCodeCommit{} } -func (*SCMProviderGeneratorAWSCodeCommit) ProtoMessage() {} -func (*SCMProviderGeneratorAWSCodeCommit) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{124} -} -func (m *SCMProviderGeneratorAWSCodeCommit) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *SCMProviderGeneratorAWSCodeCommit) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *SCMProviderGeneratorAWSCodeCommit) XXX_Merge(src proto.Message) { - xxx_messageInfo_SCMProviderGeneratorAWSCodeCommit.Merge(m, src) -} -func (m *SCMProviderGeneratorAWSCodeCommit) XXX_Size() int { - return m.Size() -} -func (m *SCMProviderGeneratorAWSCodeCommit) XXX_DiscardUnknown() { - xxx_messageInfo_SCMProviderGeneratorAWSCodeCommit.DiscardUnknown(m) -} - -var xxx_messageInfo_SCMProviderGeneratorAWSCodeCommit proto.InternalMessageInfo - func (m *SCMProviderGeneratorAzureDevOps) Reset() { *m = SCMProviderGeneratorAzureDevOps{} } func (*SCMProviderGeneratorAzureDevOps) ProtoMessage() {} func (*SCMProviderGeneratorAzureDevOps) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{125} + return fileDescriptor_030104ce3b95bcac, []int{117} } func (m *SCMProviderGeneratorAzureDevOps) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3570,7 +3345,7 @@ var xxx_messageInfo_SCMProviderGeneratorAzureDevOps proto.InternalMessageInfo func (m *SCMProviderGeneratorBitbucket) Reset() { *m = SCMProviderGeneratorBitbucket{} } func (*SCMProviderGeneratorBitbucket) ProtoMessage() {} func (*SCMProviderGeneratorBitbucket) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{126} + return fileDescriptor_030104ce3b95bcac, []int{118} } func (m *SCMProviderGeneratorBitbucket) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3598,7 +3373,7 @@ var xxx_messageInfo_SCMProviderGeneratorBitbucket proto.InternalMessageInfo func (m *SCMProviderGeneratorBitbucketServer) Reset() { *m = SCMProviderGeneratorBitbucketServer{} } func (*SCMProviderGeneratorBitbucketServer) ProtoMessage() {} func (*SCMProviderGeneratorBitbucketServer) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{127} + return fileDescriptor_030104ce3b95bcac, []int{119} } func (m *SCMProviderGeneratorBitbucketServer) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3626,7 +3401,7 @@ var xxx_messageInfo_SCMProviderGeneratorBitbucketServer proto.InternalMessageInf func (m *SCMProviderGeneratorFilter) Reset() { *m = SCMProviderGeneratorFilter{} } func (*SCMProviderGeneratorFilter) ProtoMessage() {} func (*SCMProviderGeneratorFilter) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{128} + return fileDescriptor_030104ce3b95bcac, []int{120} } func (m *SCMProviderGeneratorFilter) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3654,7 +3429,7 @@ var xxx_messageInfo_SCMProviderGeneratorFilter proto.InternalMessageInfo func (m *SCMProviderGeneratorGitea) Reset() { *m = SCMProviderGeneratorGitea{} } func (*SCMProviderGeneratorGitea) ProtoMessage() {} func (*SCMProviderGeneratorGitea) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{129} + return fileDescriptor_030104ce3b95bcac, []int{121} } func (m *SCMProviderGeneratorGitea) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3682,7 +3457,7 @@ var xxx_messageInfo_SCMProviderGeneratorGitea proto.InternalMessageInfo func (m *SCMProviderGeneratorGithub) Reset() { *m = SCMProviderGeneratorGithub{} } func (*SCMProviderGeneratorGithub) ProtoMessage() {} func (*SCMProviderGeneratorGithub) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{130} + return fileDescriptor_030104ce3b95bcac, []int{122} } func (m *SCMProviderGeneratorGithub) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3710,7 +3485,7 @@ var xxx_messageInfo_SCMProviderGeneratorGithub proto.InternalMessageInfo func (m *SCMProviderGeneratorGitlab) Reset() { *m = SCMProviderGeneratorGitlab{} } func (*SCMProviderGeneratorGitlab) ProtoMessage() {} func (*SCMProviderGeneratorGitlab) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{131} + return fileDescriptor_030104ce3b95bcac, []int{123} } func (m *SCMProviderGeneratorGitlab) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3738,7 +3513,7 @@ var xxx_messageInfo_SCMProviderGeneratorGitlab proto.InternalMessageInfo func (m *SecretRef) Reset() { *m = SecretRef{} } func (*SecretRef) ProtoMessage() {} func (*SecretRef) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{132} + return fileDescriptor_030104ce3b95bcac, []int{124} } func (m *SecretRef) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3766,7 +3541,7 @@ var xxx_messageInfo_SecretRef proto.InternalMessageInfo func (m *SignatureKey) Reset() { *m = SignatureKey{} } func (*SignatureKey) ProtoMessage() {} func (*SignatureKey) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{133} + return fileDescriptor_030104ce3b95bcac, []int{125} } func (m *SignatureKey) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3794,7 +3569,7 @@ var xxx_messageInfo_SignatureKey proto.InternalMessageInfo func (m *SyncOperation) Reset() { *m = SyncOperation{} } func (*SyncOperation) ProtoMessage() {} func (*SyncOperation) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{134} + return fileDescriptor_030104ce3b95bcac, []int{126} } func (m *SyncOperation) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3822,7 +3597,7 @@ var xxx_messageInfo_SyncOperation proto.InternalMessageInfo func (m *SyncOperationResource) Reset() { *m = SyncOperationResource{} } func (*SyncOperationResource) ProtoMessage() {} func (*SyncOperationResource) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{135} + return fileDescriptor_030104ce3b95bcac, []int{127} } func (m *SyncOperationResource) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3850,7 +3625,7 @@ var xxx_messageInfo_SyncOperationResource proto.InternalMessageInfo func (m *SyncOperationResult) Reset() { *m = SyncOperationResult{} } func (*SyncOperationResult) ProtoMessage() {} func (*SyncOperationResult) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{136} + return fileDescriptor_030104ce3b95bcac, []int{128} } func (m *SyncOperationResult) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3878,7 +3653,7 @@ var xxx_messageInfo_SyncOperationResult proto.InternalMessageInfo func (m *SyncPolicy) Reset() { *m = SyncPolicy{} } func (*SyncPolicy) ProtoMessage() {} func (*SyncPolicy) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{137} + return fileDescriptor_030104ce3b95bcac, []int{129} } func (m *SyncPolicy) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3906,7 +3681,7 @@ var xxx_messageInfo_SyncPolicy proto.InternalMessageInfo func (m *SyncPolicyAutomated) Reset() { *m = SyncPolicyAutomated{} } func (*SyncPolicyAutomated) ProtoMessage() {} func (*SyncPolicyAutomated) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{138} + return fileDescriptor_030104ce3b95bcac, []int{130} } func (m *SyncPolicyAutomated) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3934,7 +3709,7 @@ var xxx_messageInfo_SyncPolicyAutomated proto.InternalMessageInfo func (m *SyncStatus) Reset() { *m = SyncStatus{} } func (*SyncStatus) ProtoMessage() {} func (*SyncStatus) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{139} + return fileDescriptor_030104ce3b95bcac, []int{131} } func (m *SyncStatus) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3962,7 +3737,7 @@ var xxx_messageInfo_SyncStatus proto.InternalMessageInfo func (m *SyncStrategy) Reset() { *m = SyncStrategy{} } func (*SyncStrategy) ProtoMessage() {} func (*SyncStrategy) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{140} + return fileDescriptor_030104ce3b95bcac, []int{132} } func (m *SyncStrategy) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -3990,7 +3765,7 @@ var xxx_messageInfo_SyncStrategy proto.InternalMessageInfo func (m *SyncStrategyApply) Reset() { *m = SyncStrategyApply{} } func (*SyncStrategyApply) ProtoMessage() {} func (*SyncStrategyApply) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{141} + return fileDescriptor_030104ce3b95bcac, []int{133} } func (m *SyncStrategyApply) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -4018,7 +3793,7 @@ var xxx_messageInfo_SyncStrategyApply proto.InternalMessageInfo func (m *SyncStrategyHook) Reset() { *m = SyncStrategyHook{} } func (*SyncStrategyHook) ProtoMessage() {} func (*SyncStrategyHook) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{142} + return fileDescriptor_030104ce3b95bcac, []int{134} } func (m *SyncStrategyHook) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -4046,7 +3821,7 @@ var xxx_messageInfo_SyncStrategyHook proto.InternalMessageInfo func (m *SyncWindow) Reset() { *m = SyncWindow{} } func (*SyncWindow) ProtoMessage() {} func (*SyncWindow) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{143} + return fileDescriptor_030104ce3b95bcac, []int{135} } func (m *SyncWindow) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -4074,7 +3849,7 @@ var xxx_messageInfo_SyncWindow proto.InternalMessageInfo func (m *TLSClientConfig) Reset() { *m = TLSClientConfig{} } func (*TLSClientConfig) ProtoMessage() {} func (*TLSClientConfig) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{144} + return fileDescriptor_030104ce3b95bcac, []int{136} } func (m *TLSClientConfig) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -4099,34 +3874,6 @@ func (m *TLSClientConfig) XXX_DiscardUnknown() { var xxx_messageInfo_TLSClientConfig proto.InternalMessageInfo -func (m *TagFilter) Reset() { *m = TagFilter{} } -func (*TagFilter) ProtoMessage() {} -func (*TagFilter) Descriptor() ([]byte, []int) { - return fileDescriptor_030104ce3b95bcac, []int{145} -} -func (m *TagFilter) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *TagFilter) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil -} -func (m *TagFilter) XXX_Merge(src proto.Message) { - xxx_messageInfo_TagFilter.Merge(m, src) -} -func (m *TagFilter) XXX_Size() int { - return m.Size() -} -func (m *TagFilter) XXX_DiscardUnknown() { - xxx_messageInfo_TagFilter.DiscardUnknown(m) -} - -var xxx_messageInfo_TagFilter proto.InternalMessageInfo - func init() { proto.RegisterType((*AWSAuthConfig)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.AWSAuthConfig") proto.RegisterType((*AppProject)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.AppProject") @@ -4173,8 +3920,6 @@ func init() { proto.RegisterType((*ApplicationWatchEvent)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.ApplicationWatchEvent") proto.RegisterType((*Backoff)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.Backoff") proto.RegisterType((*BasicAuthBitbucketServer)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.BasicAuthBitbucketServer") - proto.RegisterType((*BearerTokenBitbucketCloud)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.BearerTokenBitbucketCloud") - proto.RegisterType((*ChartDetails)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.ChartDetails") proto.RegisterType((*Cluster)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.Cluster") proto.RegisterMapType((map[string]string)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.Cluster.AnnotationsEntry") proto.RegisterMapType((map[string]string)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.Cluster.LabelsEntry") @@ -4197,7 +3942,6 @@ func init() { proto.RegisterType((*GitDirectoryGeneratorItem)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.GitDirectoryGeneratorItem") proto.RegisterType((*GitFileGeneratorItem)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.GitFileGeneratorItem") proto.RegisterType((*GitGenerator)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.GitGenerator") - proto.RegisterMapType((map[string]string)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.GitGenerator.ValuesEntry") proto.RegisterType((*GnuPGPublicKey)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.GnuPGPublicKey") proto.RegisterType((*GnuPGPublicKeyList)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.GnuPGPublicKeyList") proto.RegisterType((*HealthStatus)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.HealthStatus") @@ -4231,15 +3975,8 @@ func init() { proto.RegisterType((*OrphanedResourceKey)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.OrphanedResourceKey") proto.RegisterType((*OrphanedResourcesMonitorSettings)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.OrphanedResourcesMonitorSettings") proto.RegisterType((*OverrideIgnoreDiff)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.OverrideIgnoreDiff") - proto.RegisterType((*PluginConfigMapRef)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.PluginConfigMapRef") - proto.RegisterType((*PluginGenerator)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.PluginGenerator") - proto.RegisterMapType((map[string]string)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.PluginGenerator.ValuesEntry") - proto.RegisterType((*PluginInput)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.PluginInput") - proto.RegisterMapType((PluginParameters)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.PluginInput.ParametersEntry") proto.RegisterType((*ProjectRole)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.ProjectRole") proto.RegisterType((*PullRequestGenerator)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.PullRequestGenerator") - proto.RegisterType((*PullRequestGeneratorAzureDevOps)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.PullRequestGeneratorAzureDevOps") - proto.RegisterType((*PullRequestGeneratorBitbucket)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.PullRequestGeneratorBitbucket") proto.RegisterType((*PullRequestGeneratorBitbucketServer)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.PullRequestGeneratorBitbucketServer") proto.RegisterType((*PullRequestGeneratorFilter)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.PullRequestGeneratorFilter") proto.RegisterType((*PullRequestGeneratorGitLab)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.PullRequestGeneratorGitLab") @@ -4270,8 +4007,6 @@ func init() { proto.RegisterType((*RevisionHistory)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.RevisionHistory") proto.RegisterType((*RevisionMetadata)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.RevisionMetadata") proto.RegisterType((*SCMProviderGenerator)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.SCMProviderGenerator") - proto.RegisterMapType((map[string]string)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.SCMProviderGenerator.ValuesEntry") - proto.RegisterType((*SCMProviderGeneratorAWSCodeCommit)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.SCMProviderGeneratorAWSCodeCommit") proto.RegisterType((*SCMProviderGeneratorAzureDevOps)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.SCMProviderGeneratorAzureDevOps") proto.RegisterType((*SCMProviderGeneratorBitbucket)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.SCMProviderGeneratorBitbucket") proto.RegisterType((*SCMProviderGeneratorBitbucketServer)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.SCMProviderGeneratorBitbucketServer") @@ -4292,7 +4027,6 @@ func init() { proto.RegisterType((*SyncStrategyHook)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.SyncStrategyHook") proto.RegisterType((*SyncWindow)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.SyncWindow") proto.RegisterType((*TLSClientConfig)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.TLSClientConfig") - proto.RegisterType((*TagFilter)(nil), "github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.TagFilter") } func init() { @@ -4300,673 +4034,623 @@ func init() { } var fileDescriptor_030104ce3b95bcac = []byte{ - // 10653 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0xbd, 0x6b, 0x70, 0x24, 0xc9, - 0x71, 0x18, 0xcc, 0x9e, 0x07, 0x30, 0x93, 0xc0, 0xbe, 0x6a, 0x77, 0xef, 0xb0, 0xcb, 0xbb, 0xc3, - 0xaa, 0x2f, 0x74, 0x3a, 0x7e, 0xbc, 0x03, 0x74, 0xcb, 0x3b, 0x7e, 0x67, 0x9d, 0x44, 0x0a, 0x8f, - 0x7d, 0x60, 0x17, 0x58, 0xe0, 0x0a, 0xd8, 0x5d, 0xf2, 0xa8, 0xe3, 0xb1, 0xd1, 0x53, 0x18, 0xf4, - 0xa2, 0xa7, 0xbb, 0xaf, 0xbb, 0x07, 0x0b, 0x9c, 0x48, 0x8a, 0x14, 0xf5, 0xa0, 0xcd, 0xa7, 0x49, - 0x3b, 0x44, 0xd9, 0xa6, 0x4c, 0x89, 0xb2, 0xc3, 0x0a, 0x9b, 0x61, 0xd9, 0xfe, 0x61, 0xd9, 0xb2, - 0x43, 0x21, 0xc9, 0x3f, 0xe8, 0xa0, 0x1d, 0x56, 0x38, 0x14, 0xa2, 0x6c, 0x4b, 0x30, 0x09, 0x87, - 0xc3, 0x0e, 0x47, 0x58, 0x11, 0xb2, 0xf5, 0xc3, 0x5e, 0x3b, 0xc2, 0x8e, 0x7a, 0x57, 0xf7, 0xf4, - 0x2c, 0x06, 0x40, 0x63, 0x77, 0x49, 0xdf, 0xbf, 0x99, 0xca, 0xec, 0xcc, 0xea, 0xea, 0xaa, 0xac, - 0xcc, 0xac, 0xcc, 0x2c, 0x98, 0x6f, 0x7b, 0xe9, 0x7a, 0x77, 0x75, 0xc2, 0x0d, 0x3b, 0x93, 0x4e, - 0xdc, 0x0e, 0xa3, 0x38, 0xbc, 0xc3, 0x7e, 0x3c, 0xef, 0xb6, 0x26, 0x37, 0x2f, 0x4e, 0x46, 0x1b, - 0xed, 0x49, 0x27, 0xf2, 0x92, 0x49, 0x27, 0x8a, 0x7c, 0xcf, 0x75, 0x52, 0x2f, 0x0c, 0x26, 0x37, - 0x5f, 0x70, 0xfc, 0x68, 0xdd, 0x79, 0x61, 0xb2, 0x4d, 0x02, 0x12, 0x3b, 0x29, 0x69, 0x4d, 0x44, - 0x71, 0x98, 0x86, 0xe8, 0x47, 0x35, 0xb5, 0x09, 0x49, 0x8d, 0xfd, 0x78, 0xc3, 0x6d, 0x4d, 0x6c, - 0x5e, 0x9c, 0x88, 0x36, 0xda, 0x13, 0x94, 0xda, 0x84, 0x41, 0x6d, 0x42, 0x52, 0x3b, 0xff, 0xbc, - 0xd1, 0x97, 0x76, 0xd8, 0x0e, 0x27, 0x19, 0xd1, 0xd5, 0xee, 0x1a, 0xfb, 0xc7, 0xfe, 0xb0, 0x5f, - 0x9c, 0xd9, 0x79, 0x7b, 0xe3, 0xe5, 0x64, 0xc2, 0x0b, 0x69, 0xf7, 0x26, 0xdd, 0x30, 0x26, 0x93, - 0x9b, 0x3d, 0x1d, 0x3a, 0x7f, 0x55, 0xe3, 0x90, 0xad, 0x94, 0x04, 0x89, 0x17, 0x06, 0xc9, 0xf3, - 0xb4, 0x0b, 0x24, 0xde, 0x24, 0xb1, 0xf9, 0x7a, 0x06, 0x42, 0x11, 0xa5, 0x17, 0x35, 0xa5, 0x8e, - 0xe3, 0xae, 0x7b, 0x01, 0x89, 0xb7, 0xf5, 0xe3, 0x1d, 0x92, 0x3a, 0x45, 0x4f, 0x4d, 0xf6, 0x7b, - 0x2a, 0xee, 0x06, 0xa9, 0xd7, 0x21, 0x3d, 0x0f, 0xbc, 0x77, 0xaf, 0x07, 0x12, 0x77, 0x9d, 0x74, - 0x9c, 0x9e, 0xe7, 0xde, 0xd3, 0xef, 0xb9, 0x6e, 0xea, 0xf9, 0x93, 0x5e, 0x90, 0x26, 0x69, 0x9c, - 0x7f, 0xc8, 0x7e, 0x13, 0x8e, 0x4d, 0xdd, 0x5e, 0x9e, 0xea, 0xa6, 0xeb, 0x33, 0x61, 0xb0, 0xe6, - 0xb5, 0xd1, 0x4b, 0x30, 0xe2, 0xfa, 0xdd, 0x24, 0x25, 0xf1, 0x0d, 0xa7, 0x43, 0xc6, 0xac, 0x0b, - 0xd6, 0xb3, 0xcd, 0xe9, 0xd3, 0xdf, 0xdc, 0x19, 0x7f, 0xc7, 0xee, 0xce, 0xf8, 0xc8, 0x8c, 0x06, - 0x61, 0x13, 0x0f, 0xbd, 0x0b, 0x86, 0xe3, 0xd0, 0x27, 0x53, 0xf8, 0xc6, 0x58, 0x85, 0x3d, 0x72, - 0x42, 0x3c, 0x32, 0x8c, 0x79, 0x33, 0x96, 0x70, 0xfb, 0x0f, 0x2a, 0x00, 0x53, 0x51, 0xb4, 0x14, - 0x87, 0x77, 0x88, 0x9b, 0xa2, 0x8f, 0x40, 0x83, 0x0e, 0x5d, 0xcb, 0x49, 0x1d, 0xc6, 0x6d, 0xe4, - 0xe2, 0x0f, 0x4f, 0xf0, 0x37, 0x99, 0x30, 0xdf, 0x44, 0x4f, 0x1c, 0x8a, 0x3d, 0xb1, 0xf9, 0xc2, - 0xc4, 0xe2, 0x2a, 0x7d, 0x7e, 0x81, 0xa4, 0xce, 0x34, 0x12, 0xcc, 0x40, 0xb7, 0x61, 0x45, 0x15, - 0x05, 0x50, 0x4b, 0x22, 0xe2, 0xb2, 0x8e, 0x8d, 0x5c, 0x9c, 0x9f, 0x38, 0xcc, 0x0c, 0x9d, 0xd0, - 0x3d, 0x5f, 0x8e, 0x88, 0x3b, 0x3d, 0x2a, 0x38, 0xd7, 0xe8, 0x3f, 0xcc, 0xf8, 0xa0, 0x4d, 0x18, - 0x4a, 0x52, 0x27, 0xed, 0x26, 0x63, 0x55, 0xc6, 0xf1, 0x46, 0x69, 0x1c, 0x19, 0xd5, 0xe9, 0xe3, - 0x82, 0xe7, 0x10, 0xff, 0x8f, 0x05, 0x37, 0xfb, 0x8f, 0x2d, 0x38, 0xae, 0x91, 0xe7, 0xbd, 0x24, - 0x45, 0x3f, 0xd1, 0x33, 0xb8, 0x13, 0x83, 0x0d, 0x2e, 0x7d, 0x9a, 0x0d, 0xed, 0x49, 0xc1, 0xac, - 0x21, 0x5b, 0x8c, 0x81, 0xed, 0x40, 0xdd, 0x4b, 0x49, 0x27, 0x19, 0xab, 0x5c, 0xa8, 0x3e, 0x3b, - 0x72, 0xf1, 0x6a, 0x59, 0xef, 0x39, 0x7d, 0x4c, 0x30, 0xad, 0xcf, 0x51, 0xf2, 0x98, 0x73, 0xb1, - 0x7f, 0x6d, 0xd4, 0x7c, 0x3f, 0x3a, 0xe0, 0xe8, 0x05, 0x18, 0x49, 0xc2, 0x6e, 0xec, 0x12, 0x4c, - 0xa2, 0x30, 0x19, 0xb3, 0x2e, 0x54, 0xe9, 0xd4, 0xa3, 0x33, 0x75, 0x59, 0x37, 0x63, 0x13, 0x07, - 0x7d, 0xde, 0x82, 0xd1, 0x16, 0x49, 0x52, 0x2f, 0x60, 0xfc, 0x65, 0xe7, 0x57, 0x0e, 0xdd, 0x79, - 0xd9, 0x38, 0xab, 0x89, 0x4f, 0x9f, 0x11, 0x2f, 0x32, 0x6a, 0x34, 0x26, 0x38, 0xc3, 0x9f, 0xae, - 0xb8, 0x16, 0x49, 0xdc, 0xd8, 0x8b, 0xe8, 0x7f, 0x36, 0x67, 0x8c, 0x15, 0x37, 0xab, 0x41, 0xd8, - 0xc4, 0x43, 0x01, 0xd4, 0xe9, 0x8a, 0x4a, 0xc6, 0x6a, 0xac, 0xff, 0x73, 0x87, 0xeb, 0xbf, 0x18, - 0x54, 0xba, 0x58, 0xf5, 0xe8, 0xd3, 0x7f, 0x09, 0xe6, 0x6c, 0xd0, 0xe7, 0x2c, 0x18, 0x13, 0x2b, - 0x1e, 0x13, 0x3e, 0xa0, 0xb7, 0xd7, 0xbd, 0x94, 0xf8, 0x5e, 0x92, 0x8e, 0xd5, 0x59, 0x1f, 0x26, - 0x07, 0x9b, 0x5b, 0x57, 0xe2, 0xb0, 0x1b, 0x5d, 0xf7, 0x82, 0xd6, 0xf4, 0x05, 0xc1, 0x69, 0x6c, - 0xa6, 0x0f, 0x61, 0xdc, 0x97, 0x25, 0xfa, 0xb2, 0x05, 0xe7, 0x03, 0xa7, 0x43, 0x92, 0xc8, 0xa1, - 0x9f, 0x96, 0x83, 0xa7, 0x7d, 0xc7, 0xdd, 0x60, 0x3d, 0x1a, 0x3a, 0x58, 0x8f, 0x6c, 0xd1, 0xa3, - 0xf3, 0x37, 0xfa, 0x92, 0xc6, 0xf7, 0x61, 0x8b, 0xbe, 0x6e, 0xc1, 0xa9, 0x30, 0x8e, 0xd6, 0x9d, - 0x80, 0xb4, 0x24, 0x34, 0x19, 0x1b, 0x66, 0x4b, 0xef, 0xc3, 0x87, 0xfb, 0x44, 0x8b, 0x79, 0xb2, - 0x0b, 0x61, 0xe0, 0xa5, 0x61, 0xbc, 0x4c, 0xd2, 0xd4, 0x0b, 0xda, 0xc9, 0xf4, 0xd9, 0xdd, 0x9d, - 0xf1, 0x53, 0x3d, 0x58, 0xb8, 0xb7, 0x3f, 0xe8, 0x27, 0x61, 0x24, 0xd9, 0x0e, 0xdc, 0xdb, 0x5e, - 0xd0, 0x0a, 0xef, 0x26, 0x63, 0x8d, 0x32, 0x96, 0xef, 0xb2, 0x22, 0x28, 0x16, 0xa0, 0x66, 0x80, - 0x4d, 0x6e, 0xc5, 0x1f, 0x4e, 0x4f, 0xa5, 0x66, 0xd9, 0x1f, 0x4e, 0x4f, 0xa6, 0xfb, 0xb0, 0x45, - 0x3f, 0x6f, 0xc1, 0xb1, 0xc4, 0x6b, 0x07, 0x4e, 0xda, 0x8d, 0xc9, 0x75, 0xb2, 0x9d, 0x8c, 0x01, - 0xeb, 0xc8, 0xb5, 0x43, 0x8e, 0x8a, 0x41, 0x72, 0xfa, 0xac, 0xe8, 0xe3, 0x31, 0xb3, 0x35, 0xc1, - 0x59, 0xbe, 0x45, 0x0b, 0x4d, 0x4f, 0xeb, 0x91, 0x72, 0x17, 0x9a, 0x9e, 0xd4, 0x7d, 0x59, 0xa2, - 0x1f, 0x87, 0x93, 0xbc, 0x49, 0x8d, 0x6c, 0x32, 0x36, 0xca, 0x04, 0xed, 0x99, 0xdd, 0x9d, 0xf1, - 0x93, 0xcb, 0x39, 0x18, 0xee, 0xc1, 0x46, 0x6f, 0xc2, 0x78, 0x44, 0xe2, 0x8e, 0x97, 0x2e, 0x06, - 0xfe, 0xb6, 0x14, 0xdf, 0x6e, 0x18, 0x91, 0x96, 0xe8, 0x4e, 0x32, 0x76, 0xec, 0x82, 0xf5, 0x6c, - 0x63, 0xfa, 0x87, 0x44, 0x37, 0xc7, 0x97, 0xee, 0x8f, 0x8e, 0xf7, 0xa2, 0x67, 0xff, 0xf3, 0x0a, - 0x9c, 0xcc, 0x6f, 0x9c, 0xe8, 0x6f, 0x5a, 0x70, 0xe2, 0xce, 0xdd, 0x74, 0x25, 0xdc, 0x20, 0x41, - 0x32, 0xbd, 0x4d, 0xc5, 0x1b, 0xdb, 0x32, 0x46, 0x2e, 0xba, 0xe5, 0x6e, 0xd1, 0x13, 0xd7, 0xb2, - 0x5c, 0x2e, 0x05, 0x69, 0xbc, 0x3d, 0xfd, 0xb8, 0x78, 0xbb, 0x13, 0xd7, 0x6e, 0xaf, 0x98, 0x50, - 0x9c, 0xef, 0xd4, 0xf9, 0xcf, 0x58, 0x70, 0xa6, 0x88, 0x04, 0x3a, 0x09, 0xd5, 0x0d, 0xb2, 0xcd, - 0xb5, 0x32, 0x4c, 0x7f, 0xa2, 0xd7, 0xa1, 0xbe, 0xe9, 0xf8, 0x5d, 0x22, 0xb4, 0x9b, 0x2b, 0x87, - 0x7b, 0x11, 0xd5, 0x33, 0xcc, 0xa9, 0xfe, 0x48, 0xe5, 0x65, 0xcb, 0xfe, 0x57, 0x55, 0x18, 0x31, - 0xf6, 0xb7, 0x07, 0xa0, 0xb1, 0x85, 0x19, 0x8d, 0x6d, 0xa1, 0xb4, 0xad, 0xb9, 0xaf, 0xca, 0x76, - 0x37, 0xa7, 0xb2, 0x2d, 0x96, 0xc7, 0xf2, 0xbe, 0x3a, 0x1b, 0x4a, 0xa1, 0x19, 0x46, 0x54, 0x23, - 0xa7, 0x5b, 0x7f, 0xad, 0x8c, 0x4f, 0xb8, 0x28, 0xc9, 0x4d, 0x1f, 0xdb, 0xdd, 0x19, 0x6f, 0xaa, - 0xbf, 0x58, 0x33, 0xb2, 0xbf, 0x6d, 0xc1, 0x19, 0xa3, 0x8f, 0x33, 0x61, 0xd0, 0xf2, 0xd8, 0xa7, - 0xbd, 0x00, 0xb5, 0x74, 0x3b, 0x92, 0x6a, 0xbf, 0x1a, 0xa9, 0x95, 0xed, 0x88, 0x60, 0x06, 0xa1, - 0x8a, 0x7e, 0x87, 0x24, 0x89, 0xd3, 0x26, 0x79, 0x45, 0x7f, 0x81, 0x37, 0x63, 0x09, 0x47, 0x31, - 0x20, 0xdf, 0x49, 0xd2, 0x95, 0xd8, 0x09, 0x12, 0x46, 0x7e, 0xc5, 0xeb, 0x10, 0x31, 0xc0, 0xff, - 0xdf, 0x60, 0x33, 0x86, 0x3e, 0x31, 0xfd, 0xd8, 0xee, 0xce, 0x38, 0x9a, 0xef, 0xa1, 0x84, 0x0b, - 0xa8, 0xdb, 0x5f, 0xb6, 0xe0, 0xb1, 0x62, 0x5d, 0x0c, 0x3d, 0x03, 0x43, 0xdc, 0xe4, 0x13, 0x6f, - 0xa7, 0x3f, 0x09, 0x6b, 0xc5, 0x02, 0x8a, 0x26, 0xa1, 0xa9, 0xf6, 0x09, 0xf1, 0x8e, 0xa7, 0x04, - 0x6a, 0x53, 0x6f, 0x2e, 0x1a, 0x87, 0x0e, 0x1a, 0xfd, 0x23, 0x34, 0x37, 0x35, 0x68, 0xcc, 0x48, - 0x62, 0x10, 0xfb, 0xdf, 0x5b, 0x70, 0xc2, 0xe8, 0xd5, 0x03, 0x50, 0xcd, 0x83, 0xac, 0x6a, 0x3e, - 0x57, 0xda, 0x7c, 0xee, 0xa3, 0x9b, 0x7f, 0xce, 0x82, 0xf3, 0x06, 0xd6, 0x82, 0x93, 0xba, 0xeb, - 0x97, 0xb6, 0xa2, 0x98, 0x24, 0xd4, 0x9c, 0x46, 0x4f, 0x1a, 0x72, 0x6b, 0x7a, 0x44, 0x50, 0xa8, - 0x5e, 0x27, 0xdb, 0x5c, 0x88, 0x3d, 0x07, 0x0d, 0x3e, 0x39, 0xc3, 0x58, 0x8c, 0xb8, 0x7a, 0xb7, - 0x45, 0xd1, 0x8e, 0x15, 0x06, 0xb2, 0x61, 0x88, 0x09, 0x27, 0xba, 0x58, 0xe9, 0x36, 0x04, 0xf4, - 0x23, 0xde, 0x62, 0x2d, 0x58, 0x40, 0xec, 0xc5, 0x4c, 0x77, 0x96, 0x62, 0xc2, 0x3e, 0x6e, 0xeb, - 0xb2, 0x47, 0xfc, 0x56, 0x42, 0xcd, 0x06, 0x27, 0x08, 0xc2, 0x54, 0x58, 0x00, 0x86, 0xd9, 0x30, - 0xa5, 0x9b, 0xb1, 0x89, 0x63, 0xef, 0x56, 0x98, 0xf1, 0xa1, 0x96, 0x35, 0x79, 0x10, 0x96, 0x6b, - 0x9c, 0x91, 0x83, 0x4b, 0xe5, 0x09, 0x25, 0xd2, 0xdf, 0x7a, 0x7d, 0x2b, 0x27, 0x0a, 0x71, 0xa9, - 0x5c, 0xef, 0x6f, 0xc1, 0xfe, 0x76, 0x05, 0xc6, 0xb3, 0x0f, 0xf4, 0x48, 0x52, 0x6a, 0x2e, 0x19, - 0x8c, 0xf2, 0x0e, 0x0a, 0x03, 0x1f, 0x9b, 0x78, 0x7d, 0x84, 0x51, 0xe5, 0x28, 0x85, 0x91, 0x29, - 0x2b, 0xab, 0x7b, 0xc8, 0xca, 0x67, 0xd4, 0xa8, 0xd7, 0x72, 0xc2, 0x29, 0xbb, 0x5f, 0x5c, 0x80, - 0x5a, 0x92, 0x92, 0x68, 0xac, 0x9e, 0x95, 0x35, 0xcb, 0x29, 0x89, 0x30, 0x83, 0xd8, 0xff, 0xa5, - 0x02, 0x8f, 0x67, 0xc7, 0x50, 0x8b, 0xf7, 0xf7, 0x67, 0xc4, 0xfb, 0xbb, 0x4d, 0xf1, 0x7e, 0x6f, - 0x67, 0xfc, 0x9d, 0x7d, 0x1e, 0xfb, 0x9e, 0x91, 0xfe, 0xe8, 0x4a, 0x6e, 0x14, 0x27, 0xb3, 0xa3, - 0x78, 0x6f, 0x67, 0xfc, 0xc9, 0x3e, 0xef, 0x98, 0x1b, 0xe6, 0x67, 0x60, 0x28, 0x26, 0x4e, 0x12, - 0x06, 0x62, 0xa0, 0xd5, 0xe7, 0xc0, 0xac, 0x15, 0x0b, 0xa8, 0xfd, 0xaf, 0x9b, 0xf9, 0xc1, 0xbe, - 0xc2, 0x1d, 0x6c, 0x61, 0x8c, 0x3c, 0xa8, 0x31, 0x95, 0x9d, 0x8b, 0x86, 0xeb, 0x87, 0x5b, 0x46, - 0x54, 0xc4, 0x2b, 0xd2, 0xd3, 0x0d, 0xfa, 0xd5, 0x68, 0x13, 0x66, 0x2c, 0xd0, 0x16, 0x34, 0x5c, - 0xa9, 0x49, 0x57, 0xca, 0xf0, 0x39, 0x09, 0x3d, 0x5a, 0x73, 0x1c, 0xa5, 0xb2, 0x58, 0xa9, 0xdf, - 0x8a, 0x1b, 0x22, 0x50, 0x6d, 0x7b, 0xa9, 0xf8, 0xac, 0x87, 0xb4, 0x95, 0xae, 0x78, 0xc6, 0x2b, - 0x0e, 0xd3, 0x0d, 0xe2, 0x8a, 0x97, 0x62, 0x4a, 0x1f, 0xfd, 0xac, 0x05, 0x23, 0x89, 0xdb, 0x59, - 0x8a, 0xc3, 0x4d, 0xaf, 0x45, 0x62, 0xa1, 0x29, 0x1d, 0x52, 0x34, 0x2d, 0xcf, 0x2c, 0x48, 0x82, - 0x9a, 0x2f, 0xb7, 0x5d, 0x35, 0x04, 0x9b, 0x7c, 0xa9, 0x05, 0xf1, 0xb8, 0x78, 0xf7, 0x59, 0xe2, - 0x7a, 0x74, 0x6f, 0x93, 0x06, 0x13, 0x9b, 0x29, 0x87, 0xd6, 0x1c, 0x67, 0xbb, 0xee, 0x06, 0x5d, - 0x6f, 0xba, 0x43, 0xef, 0xdc, 0xdd, 0x19, 0x7f, 0x7c, 0xa6, 0x98, 0x27, 0xee, 0xd7, 0x19, 0x36, - 0x60, 0x51, 0xd7, 0xf7, 0x31, 0x79, 0xb3, 0x4b, 0x98, 0x3b, 0xa4, 0x84, 0x01, 0x5b, 0xd2, 0x04, - 0x73, 0x03, 0x66, 0x40, 0xb0, 0xc9, 0x17, 0xbd, 0x09, 0x43, 0x1d, 0x27, 0x8d, 0xbd, 0x2d, 0xe1, - 0x03, 0x39, 0xa4, 0x2e, 0xbf, 0xc0, 0x68, 0x69, 0xe6, 0x6c, 0xeb, 0xe7, 0x8d, 0x58, 0x30, 0x42, - 0x1d, 0xa8, 0x77, 0x48, 0xdc, 0x26, 0x63, 0x8d, 0x32, 0xfc, 0xbd, 0x0b, 0x94, 0x94, 0x66, 0xd8, - 0xa4, 0x9a, 0x0f, 0x6b, 0xc3, 0x9c, 0x0b, 0x7a, 0x1d, 0x1a, 0x09, 0xf1, 0x89, 0x4b, 0x75, 0x97, - 0x26, 0xe3, 0xf8, 0x9e, 0x01, 0xf5, 0x38, 0x67, 0x95, 0xf8, 0xcb, 0xe2, 0x51, 0xbe, 0xc0, 0xe4, - 0x3f, 0xac, 0x48, 0xd2, 0x01, 0x8c, 0xfc, 0x6e, 0xdb, 0x0b, 0xc6, 0xa0, 0x8c, 0x01, 0x5c, 0x62, - 0xb4, 0x72, 0x03, 0xc8, 0x1b, 0xb1, 0x60, 0x64, 0xff, 0x47, 0x0b, 0x50, 0x56, 0xa8, 0x3d, 0x00, - 0x85, 0xf5, 0xcd, 0xac, 0xc2, 0x3a, 0x5f, 0xa6, 0xd6, 0xd1, 0x47, 0x67, 0xfd, 0xcd, 0x26, 0xe4, - 0xb6, 0x83, 0x1b, 0x24, 0x49, 0x49, 0xeb, 0x6d, 0x11, 0xfe, 0xb6, 0x08, 0x7f, 0x5b, 0x84, 0x2b, - 0x11, 0xbe, 0x9a, 0x13, 0xe1, 0xef, 0x33, 0x56, 0xbd, 0x3e, 0x30, 0x7d, 0x43, 0x9d, 0xa8, 0x9a, - 0x3d, 0x30, 0x10, 0xa8, 0x24, 0xb8, 0xb6, 0xbc, 0x78, 0xa3, 0x50, 0x66, 0xbf, 0x91, 0x95, 0xd9, - 0x87, 0x65, 0xf1, 0xff, 0x82, 0x94, 0xfe, 0xab, 0x15, 0x38, 0x97, 0x95, 0x5e, 0x38, 0xf4, 0xfd, - 0xb0, 0x9b, 0x52, 0x5b, 0x00, 0xfd, 0x92, 0x05, 0x27, 0x3b, 0x59, 0x23, 0x3c, 0x11, 0xbe, 0xce, - 0x0f, 0x94, 0x26, 0x5a, 0x73, 0x56, 0xfe, 0xf4, 0x98, 0x10, 0xb3, 0x27, 0x73, 0x80, 0x04, 0xf7, - 0xf4, 0x05, 0xbd, 0x0e, 0xcd, 0x8e, 0xb3, 0x75, 0x33, 0x6a, 0x39, 0xa9, 0x34, 0xc3, 0xfa, 0x5b, - 0xcf, 0xdd, 0xd4, 0xf3, 0x27, 0xf8, 0x09, 0xf6, 0xc4, 0x5c, 0x90, 0x2e, 0xc6, 0xcb, 0x69, 0xec, - 0x05, 0x6d, 0xee, 0xe1, 0x5a, 0x90, 0x64, 0xb0, 0xa6, 0x68, 0x7f, 0xd5, 0xca, 0xcb, 0x76, 0x35, - 0x3a, 0xb1, 0x93, 0x92, 0xf6, 0x36, 0xfa, 0x28, 0xd4, 0xa9, 0xbd, 0x24, 0x47, 0xe5, 0x76, 0x99, - 0x1b, 0x8e, 0xf1, 0x25, 0xf4, 0xde, 0x43, 0xff, 0x25, 0x98, 0x33, 0xb5, 0xbf, 0x3c, 0x9c, 0xdf, - 0x63, 0xd9, 0x79, 0xe6, 0x45, 0x80, 0x76, 0xb8, 0x42, 0x3a, 0x91, 0x4f, 0x87, 0xc5, 0x62, 0x4e, - 0x71, 0xe5, 0x22, 0xb8, 0xa2, 0x20, 0xd8, 0xc0, 0x42, 0x7f, 0xde, 0x02, 0x68, 0xcb, 0xa9, 0x22, - 0xf7, 0xcf, 0x9b, 0x65, 0xbe, 0x8e, 0x9e, 0x88, 0xba, 0x2f, 0x8a, 0x21, 0x36, 0x98, 0xa3, 0x9f, - 0xb6, 0xa0, 0x91, 0xca, 0xee, 0xf3, 0x1d, 0x65, 0xa5, 0xcc, 0x9e, 0xc8, 0x97, 0xd6, 0xaa, 0x84, - 0x1a, 0x12, 0xc5, 0x17, 0xfd, 0x9c, 0x05, 0x90, 0x6c, 0x07, 0xee, 0x52, 0xe8, 0x7b, 0xee, 0xb6, - 0xd8, 0x68, 0x6e, 0x95, 0xea, 0xc6, 0x50, 0xd4, 0xa7, 0x8f, 0xd3, 0xd1, 0xd0, 0xff, 0xb1, 0xc1, - 0x19, 0x7d, 0x1c, 0x1a, 0x89, 0x98, 0x6e, 0x62, 0x6b, 0x59, 0x29, 0xd7, 0x99, 0xc2, 0x69, 0x0b, - 0xa9, 0x24, 0xfe, 0x61, 0xc5, 0x13, 0xfd, 0x82, 0x05, 0x27, 0xa2, 0xac, 0xeb, 0x4b, 0xec, 0x22, - 0xe5, 0xc9, 0x80, 0x9c, 0x6b, 0x6d, 0xfa, 0xf4, 0xee, 0xce, 0xf8, 0x89, 0x5c, 0x23, 0xce, 0xf7, - 0x02, 0xcd, 0xc0, 0x29, 0x3d, 0x83, 0x17, 0x23, 0xee, 0x86, 0x1b, 0x66, 0x6e, 0x38, 0x76, 0x8a, - 0x79, 0x25, 0x0f, 0xc4, 0xbd, 0xf8, 0x68, 0x09, 0xce, 0xd0, 0xde, 0x6d, 0x73, 0xad, 0x4d, 0x4a, - 0xe5, 0x84, 0xed, 0x21, 0x8d, 0xe9, 0x27, 0xc4, 0x0c, 0x61, 0x8e, 0xee, 0x3c, 0x0e, 0x2e, 0x7c, - 0xd2, 0xfe, 0x56, 0x25, 0xe3, 0x17, 0x57, 0x0e, 0x2b, 0xb6, 0xc6, 0x5c, 0xe9, 0x2b, 0x90, 0x22, - 0xa3, 0xd4, 0x35, 0xa6, 0x3c, 0x11, 0x7a, 0x8d, 0xa9, 0xa6, 0x04, 0x1b, 0xcc, 0xa9, 0x02, 0x73, - 0xca, 0xc9, 0xbb, 0xc5, 0xc4, 0xb2, 0x7f, 0xbd, 0xcc, 0x2e, 0xf5, 0x9e, 0x62, 0x9c, 0x13, 0x5d, - 0x3b, 0xd5, 0x03, 0xc2, 0xbd, 0x5d, 0xb2, 0xbf, 0x95, 0xf5, 0xc5, 0x1b, 0x33, 0x76, 0x80, 0x73, - 0x86, 0xcf, 0x5b, 0x30, 0x12, 0x87, 0xbe, 0xef, 0x05, 0x6d, 0xba, 0xba, 0xc4, 0x16, 0xf1, 0xa1, - 0x23, 0x91, 0xd2, 0x62, 0x19, 0x31, 0x35, 0x08, 0x6b, 0x9e, 0xd8, 0xec, 0x80, 0xfd, 0xc7, 0x16, - 0x8c, 0xf5, 0x93, 0x02, 0x88, 0xc0, 0x3b, 0xe5, 0x14, 0x57, 0xa7, 0xec, 0x8b, 0xc1, 0x2c, 0xf1, - 0x89, 0x72, 0x52, 0x36, 0xa6, 0x9f, 0x16, 0xaf, 0xf9, 0xce, 0xa5, 0xfe, 0xa8, 0xf8, 0x7e, 0x74, - 0xd0, 0x6b, 0x70, 0xd2, 0x78, 0xaf, 0x44, 0x0d, 0x4c, 0x73, 0x7a, 0x82, 0x6e, 0xbb, 0x53, 0x39, - 0xd8, 0xbd, 0x9d, 0xf1, 0xc7, 0xf2, 0x6d, 0x42, 0x4c, 0xf5, 0xd0, 0xb1, 0x7f, 0xb5, 0x92, 0xff, - 0x5a, 0x6a, 0x87, 0xf9, 0x8a, 0xd5, 0x63, 0xfa, 0x7d, 0xe0, 0x28, 0xa4, 0x3a, 0x33, 0x12, 0xd5, - 0x41, 0x7e, 0x7f, 0x9c, 0x87, 0x78, 0x52, 0x68, 0xff, 0x8b, 0x1a, 0xdc, 0xa7, 0x67, 0xea, 0x2c, - 0xc8, 0xea, 0x77, 0x16, 0xb4, 0xff, 0xe3, 0xa5, 0xcf, 0x5a, 0x30, 0xe4, 0x53, 0x2d, 0x94, 0x9f, - 0x77, 0x8c, 0x5c, 0x6c, 0x1d, 0xd5, 0xd8, 0x73, 0x65, 0x37, 0xe1, 0xa7, 0xd5, 0xca, 0xe5, 0xc9, - 0x1b, 0xb1, 0xe8, 0x03, 0xfa, 0x9a, 0x95, 0x3d, 0x3c, 0xe1, 0xe1, 0x47, 0xde, 0x91, 0xf5, 0xc9, - 0x38, 0x91, 0xe1, 0x1d, 0xd3, 0xbe, 0xfe, 0x3e, 0x67, 0x35, 0x68, 0x02, 0x60, 0xcd, 0x0b, 0x1c, - 0xdf, 0x7b, 0x8b, 0x5a, 0xd3, 0x75, 0xb6, 0xad, 0xb0, 0x7d, 0xfa, 0xb2, 0x6a, 0xc5, 0x06, 0xc6, - 0xf9, 0x3f, 0x07, 0x23, 0xc6, 0x9b, 0x17, 0x1c, 0xb2, 0x9f, 0x31, 0x0f, 0xd9, 0x9b, 0xc6, 0xd9, - 0xf8, 0xf9, 0xf7, 0xc1, 0xc9, 0x7c, 0x07, 0xf7, 0xf3, 0xbc, 0xfd, 0x3f, 0x86, 0xf3, 0x27, 0x1e, - 0x2b, 0x24, 0xee, 0xd0, 0xae, 0xbd, 0xed, 0x85, 0x78, 0xdb, 0x0b, 0xf1, 0xb6, 0x17, 0xc2, 0x74, - 0x24, 0x0b, 0x0b, 0x7b, 0xf8, 0x01, 0x59, 0xd8, 0x19, 0x9f, 0x41, 0xa3, 0x74, 0x9f, 0x81, 0xbd, - 0x5b, 0x87, 0x8c, 0x1e, 0xc5, 0xc7, 0xfb, 0x5d, 0x30, 0x1c, 0x93, 0x28, 0xbc, 0x89, 0xe7, 0xc5, - 0x1e, 0xa2, 0x03, 0xa9, 0x79, 0x33, 0x96, 0x70, 0xba, 0xd7, 0x44, 0x4e, 0xba, 0x2e, 0x36, 0x11, - 0xb5, 0xd7, 0x2c, 0x39, 0xe9, 0x3a, 0x66, 0x10, 0xf4, 0x3e, 0x38, 0x9e, 0x3a, 0x71, 0x9b, 0xa4, - 0x98, 0x6c, 0xb2, 0xcf, 0x2a, 0xce, 0xc5, 0x1e, 0x13, 0xb8, 0xc7, 0x57, 0x32, 0x50, 0x9c, 0xc3, - 0x46, 0x6f, 0x42, 0x6d, 0x9d, 0xf8, 0x1d, 0x31, 0xe4, 0xcb, 0xe5, 0xc9, 0x78, 0xf6, 0xae, 0x57, - 0x89, 0xdf, 0xe1, 0x12, 0x88, 0xfe, 0xc2, 0x8c, 0x15, 0x9d, 0x6f, 0xcd, 0x8d, 0x6e, 0x92, 0x86, - 0x1d, 0xef, 0x2d, 0xe9, 0x0e, 0xfa, 0x40, 0xc9, 0x8c, 0xaf, 0x4b, 0xfa, 0xdc, 0x81, 0xa0, 0xfe, - 0x62, 0xcd, 0x99, 0xf5, 0xa3, 0xe5, 0xc5, 0xec, 0x53, 0x6d, 0x0b, 0xaf, 0x4e, 0xd9, 0xfd, 0x98, - 0x95, 0xf4, 0x79, 0x3f, 0xd4, 0x5f, 0xac, 0x39, 0xa3, 0x6d, 0x35, 0xef, 0x47, 0x58, 0x1f, 0x6e, - 0x96, 0xdc, 0x07, 0x3e, 0xe7, 0x0b, 0xe7, 0xff, 0xd3, 0x50, 0x77, 0xd7, 0x9d, 0x38, 0x1d, 0x1b, - 0x65, 0x93, 0x46, 0x39, 0x32, 0x66, 0x68, 0x23, 0xe6, 0x30, 0xf4, 0x24, 0x54, 0x63, 0xb2, 0xc6, - 0xe2, 0xf7, 0x8c, 0xc8, 0x0e, 0x4c, 0xd6, 0x30, 0x6d, 0xb7, 0x7f, 0xb9, 0x92, 0x55, 0x97, 0xb2, - 0xef, 0xcd, 0x67, 0xbb, 0xdb, 0x8d, 0x13, 0xe9, 0xec, 0x30, 0x66, 0x3b, 0x6b, 0xc6, 0x12, 0x8e, - 0x3e, 0x69, 0xc1, 0xf0, 0x9d, 0x24, 0x0c, 0x02, 0x92, 0x8a, 0xad, 0xe9, 0x56, 0xc9, 0x43, 0x71, - 0x8d, 0x53, 0xd7, 0x7d, 0x10, 0x0d, 0x58, 0xf2, 0xa5, 0xdd, 0x25, 0x5b, 0xae, 0xdf, 0x6d, 0xf5, - 0x1c, 0xe8, 0x5f, 0xe2, 0xcd, 0x58, 0xc2, 0x29, 0xaa, 0x17, 0x70, 0xd4, 0x5a, 0x16, 0x75, 0x2e, - 0x10, 0xa8, 0x02, 0x6e, 0xff, 0xe5, 0x21, 0x38, 0x5b, 0xb8, 0x38, 0xa8, 0x22, 0xc3, 0x54, 0x85, - 0xcb, 0x9e, 0x4f, 0x64, 0x98, 0x0a, 0x53, 0x64, 0x6e, 0xa9, 0x56, 0x6c, 0x60, 0xa0, 0x9f, 0x02, - 0x88, 0x9c, 0xd8, 0xe9, 0x10, 0xb1, 0x81, 0x57, 0x0f, 0xaf, 0x2f, 0xd0, 0x7e, 0x2c, 0x49, 0x9a, - 0xda, 0x36, 0x55, 0x4d, 0x09, 0x36, 0x58, 0xa2, 0x97, 0x60, 0x24, 0x26, 0x3e, 0x71, 0x12, 0x16, - 0xfe, 0x99, 0x8f, 0x65, 0xc7, 0x1a, 0x84, 0x4d, 0x3c, 0xf4, 0x8c, 0x8a, 0xe8, 0xc9, 0x45, 0x3f, - 0x64, 0xa3, 0x7a, 0xd0, 0x17, 0x2c, 0x38, 0xbe, 0xe6, 0xf9, 0x44, 0x73, 0x17, 0x91, 0xe7, 0x8b, - 0x87, 0x7f, 0xc9, 0xcb, 0x26, 0x5d, 0x2d, 0x21, 0x33, 0xcd, 0x09, 0xce, 0xb1, 0xa7, 0x9f, 0x79, - 0x93, 0xc4, 0x4c, 0xb4, 0x0e, 0x65, 0x3f, 0xf3, 0x2d, 0xde, 0x8c, 0x25, 0x1c, 0x4d, 0xc1, 0x89, - 0xc8, 0x49, 0x92, 0x99, 0x98, 0xb4, 0x48, 0x90, 0x7a, 0x8e, 0xcf, 0xe3, 0xc2, 0x1b, 0x3a, 0x2e, - 0x74, 0x29, 0x0b, 0xc6, 0x79, 0x7c, 0xf4, 0x41, 0x78, 0xdc, 0x6b, 0x07, 0x61, 0x4c, 0x16, 0xbc, - 0x24, 0xf1, 0x82, 0xb6, 0x9e, 0x06, 0xc2, 0xe9, 0x31, 0x2e, 0x48, 0x3d, 0x3e, 0x57, 0x8c, 0x86, - 0xfb, 0x3d, 0x8f, 0x9e, 0x83, 0x46, 0xb2, 0xe1, 0x45, 0x33, 0x71, 0x2b, 0x61, 0x0e, 0xf2, 0x86, - 0x76, 0xb1, 0x2d, 0x8b, 0x76, 0xac, 0x30, 0x90, 0x0b, 0xa3, 0xfc, 0x93, 0xf0, 0xb0, 0x25, 0x21, - 0x1f, 0x9f, 0xef, 0xbb, 0x3d, 0x8a, 0xd4, 0xa5, 0x09, 0xec, 0xdc, 0xbd, 0x24, 0xdd, 0xf5, 0xd3, - 0x27, 0x77, 0x77, 0xc6, 0x47, 0x6f, 0x19, 0x64, 0x70, 0x86, 0xa8, 0xfd, 0x8b, 0x95, 0xac, 0xc5, - 0x6d, 0x2e, 0x52, 0x94, 0xd0, 0xa5, 0x98, 0xde, 0x72, 0x62, 0xe9, 0x8d, 0x39, 0x64, 0xf8, 0xba, - 0xa0, 0x7b, 0xcb, 0x89, 0xcd, 0x45, 0xcd, 0x18, 0x60, 0xc9, 0x09, 0xdd, 0x81, 0x5a, 0xea, 0x3b, - 0x25, 0xe5, 0xbb, 0x18, 0x1c, 0xb5, 0x03, 0x64, 0x7e, 0x2a, 0xc1, 0x8c, 0x07, 0x7a, 0x82, 0x6a, - 0xfd, 0xab, 0x32, 0xc6, 0x4d, 0x28, 0xea, 0xab, 0x09, 0x66, 0xad, 0xf6, 0xff, 0x69, 0x14, 0xc8, - 0x55, 0xb5, 0x91, 0xa1, 0x8b, 0x00, 0xd4, 0x80, 0x5c, 0x8a, 0xc9, 0x9a, 0xb7, 0x25, 0x14, 0x09, - 0xb5, 0x76, 0x6f, 0x28, 0x08, 0x36, 0xb0, 0xe4, 0x33, 0xcb, 0xdd, 0x35, 0xfa, 0x4c, 0xa5, 0xf7, - 0x19, 0x0e, 0xc1, 0x06, 0x16, 0x7a, 0x11, 0x86, 0xbc, 0x8e, 0xd3, 0x56, 0xa1, 0x78, 0x4f, 0xd0, - 0x45, 0x3b, 0xc7, 0x5a, 0xee, 0xed, 0x8c, 0x1f, 0x57, 0x1d, 0x62, 0x4d, 0x58, 0xe0, 0xa2, 0x5f, - 0xb5, 0x60, 0xd4, 0x0d, 0x3b, 0x9d, 0x30, 0xe0, 0x66, 0x97, 0xb0, 0x21, 0xef, 0x1c, 0xd5, 0x36, - 0x3f, 0x31, 0x63, 0x30, 0xe3, 0x46, 0xa4, 0x4a, 0xcc, 0x31, 0x41, 0x38, 0xd3, 0x2b, 0x73, 0x6d, - 0xd7, 0xf7, 0x58, 0xdb, 0xbf, 0x61, 0xc1, 0x29, 0xfe, 0xac, 0x61, 0x0d, 0x8a, 0x1c, 0x94, 0xf0, - 0x88, 0x5f, 0xab, 0xc7, 0x40, 0x56, 0x5e, 0xba, 0x1e, 0x38, 0xee, 0xed, 0x24, 0xba, 0x02, 0xa7, - 0xd6, 0xc2, 0xd8, 0x25, 0xe6, 0x40, 0x08, 0xc1, 0xa4, 0x08, 0x5d, 0xce, 0x23, 0xe0, 0xde, 0x67, - 0xd0, 0x2d, 0x78, 0xcc, 0x68, 0x34, 0xc7, 0x81, 0xcb, 0xa6, 0xa7, 0x04, 0xb5, 0xc7, 0x2e, 0x17, - 0x62, 0xe1, 0x3e, 0x4f, 0x67, 0x1d, 0x26, 0xcd, 0x01, 0x1c, 0x26, 0x6f, 0xc0, 0x39, 0xb7, 0x77, - 0x64, 0x36, 0x93, 0xee, 0x6a, 0xc2, 0x25, 0x55, 0x63, 0xfa, 0x07, 0x04, 0x81, 0x73, 0x33, 0xfd, - 0x10, 0x71, 0x7f, 0x1a, 0xe8, 0xa3, 0xd0, 0x88, 0x09, 0xfb, 0x2a, 0x89, 0x48, 0xc8, 0x38, 0xa4, - 0x95, 0xac, 0x35, 0x50, 0x4e, 0x56, 0xcb, 0x5e, 0xd1, 0x90, 0x60, 0xc5, 0xf1, 0xfc, 0xfb, 0xe1, - 0x54, 0xcf, 0x7c, 0xde, 0x97, 0xcf, 0x62, 0x16, 0x1e, 0x2b, 0x9e, 0x39, 0xfb, 0xf2, 0x5c, 0xfc, - 0x83, 0x5c, 0x9c, 0xa1, 0xa1, 0x4d, 0x0e, 0xe0, 0x05, 0x73, 0xa0, 0x4a, 0x82, 0x4d, 0x21, 0x48, - 0x2f, 0x1f, 0x6e, 0xf4, 0x2e, 0x05, 0x9b, 0x7c, 0xe2, 0x33, 0x53, 0xff, 0x52, 0xb0, 0x89, 0x29, - 0x6d, 0xf4, 0x25, 0x2b, 0xa3, 0x0d, 0x71, 0xdf, 0xd9, 0x87, 0x8f, 0x44, 0x7d, 0x1e, 0x58, 0x41, - 0xb2, 0xff, 0x65, 0x05, 0x2e, 0xec, 0x45, 0x64, 0x80, 0xe1, 0x7b, 0x1a, 0x86, 0x12, 0x76, 0x04, - 0x2a, 0x24, 0xd3, 0x08, 0x95, 0x4a, 0xfc, 0x50, 0xf4, 0x0d, 0x2c, 0x40, 0xc8, 0x87, 0x6a, 0xc7, - 0x89, 0x84, 0x4b, 0x65, 0xee, 0xb0, 0x59, 0x05, 0xf4, 0xbf, 0xe3, 0x2f, 0x38, 0x11, 0x37, 0xd4, - 0x8d, 0x06, 0x4c, 0xd9, 0xa0, 0x14, 0xea, 0x4e, 0x1c, 0x3b, 0xf2, 0xbc, 0xed, 0x7a, 0x39, 0xfc, - 0xa6, 0x28, 0xc9, 0xe9, 0x53, 0xbb, 0x3b, 0xe3, 0xc7, 0x32, 0x4d, 0x98, 0x33, 0xb3, 0x3f, 0x3b, - 0x9c, 0x89, 0xac, 0x67, 0x87, 0xa8, 0x09, 0x0c, 0x09, 0x4f, 0x8a, 0x55, 0x76, 0x32, 0x07, 0x4f, - 0x8d, 0x62, 0xc6, 0x92, 0x48, 0x30, 0x15, 0xac, 0xd0, 0x67, 0x2c, 0x96, 0xc6, 0x29, 0xb3, 0x0d, - 0x84, 0x89, 0x72, 0x34, 0x59, 0xa5, 0x66, 0x72, 0xa8, 0x6c, 0xc4, 0x26, 0x77, 0xba, 0x75, 0x45, - 0x3c, 0x21, 0x29, 0x6f, 0xa8, 0xc8, 0x44, 0x4f, 0x09, 0x47, 0x5b, 0x05, 0x87, 0xa5, 0x25, 0xa4, - 0x02, 0x0e, 0x70, 0x3c, 0xfa, 0x35, 0x0b, 0x4e, 0x71, 0x75, 0x74, 0xd6, 0x5b, 0x5b, 0x23, 0x31, - 0x09, 0x5c, 0x22, 0x15, 0xfa, 0x43, 0x1e, 0xc7, 0x4b, 0xf7, 0xd5, 0x5c, 0x9e, 0xbc, 0xde, 0xd3, - 0x7a, 0x40, 0xb8, 0xb7, 0x33, 0xa8, 0x05, 0x35, 0x2f, 0x58, 0x0b, 0xc5, 0x4e, 0x3e, 0x7d, 0xb8, - 0x4e, 0xcd, 0x05, 0x6b, 0xa1, 0x5e, 0xcd, 0xf4, 0x1f, 0x66, 0xd4, 0xd1, 0x3c, 0x9c, 0x89, 0x85, - 0xcb, 0xe5, 0xaa, 0x97, 0x50, 0xc3, 0x78, 0xde, 0xeb, 0x78, 0x29, 0xdb, 0x85, 0xab, 0xd3, 0x63, - 0xbb, 0x3b, 0xe3, 0x67, 0x70, 0x01, 0x1c, 0x17, 0x3e, 0x85, 0xde, 0x82, 0x61, 0x99, 0x77, 0xda, - 0x28, 0xc3, 0x38, 0xea, 0x9d, 0xff, 0x6a, 0x32, 0x2d, 0x8b, 0x14, 0x53, 0xc9, 0xd0, 0xfe, 0xc2, - 0x08, 0xf4, 0x9e, 0x0d, 0xa2, 0x8f, 0x41, 0x33, 0x56, 0xb9, 0xb0, 0x56, 0x19, 0xf1, 0x7d, 0xf2, - 0xfb, 0x8a, 0x73, 0x49, 0xa5, 0x0f, 0xe8, 0xac, 0x57, 0xcd, 0x91, 0x6a, 0xed, 0x89, 0x3e, 0x42, - 0x2c, 0x61, 0x6e, 0x0b, 0xae, 0xfa, 0x78, 0x68, 0x3b, 0x70, 0x31, 0xe3, 0x81, 0x62, 0x18, 0x5a, - 0x27, 0x8e, 0x9f, 0xae, 0x97, 0xe3, 0xc9, 0xbe, 0xca, 0x68, 0xe5, 0xb3, 0x26, 0x78, 0x2b, 0x16, - 0x9c, 0xd0, 0x16, 0x0c, 0xaf, 0xf3, 0x09, 0x20, 0x14, 0xe9, 0x85, 0xc3, 0x0e, 0x6e, 0x66, 0x56, - 0xe9, 0xcf, 0x2d, 0x1a, 0xb0, 0x64, 0xc7, 0x22, 0x2d, 0x8c, 0x63, 0x71, 0xbe, 0x74, 0xcb, 0x4b, - 0x18, 0x19, 0xfc, 0x4c, 0xfc, 0x23, 0x30, 0x1a, 0x13, 0x37, 0x0c, 0x5c, 0xcf, 0x27, 0xad, 0x29, - 0xe9, 0xa5, 0xde, 0x4f, 0x9a, 0x01, 0x33, 0x46, 0xb1, 0x41, 0x03, 0x67, 0x28, 0xa2, 0x4f, 0x5b, - 0x70, 0x5c, 0x25, 0xd0, 0xd1, 0x0f, 0x42, 0x84, 0x57, 0x74, 0xbe, 0xa4, 0x74, 0x3d, 0x46, 0x73, - 0x1a, 0xed, 0xee, 0x8c, 0x1f, 0xcf, 0xb6, 0xe1, 0x1c, 0x5f, 0xf4, 0x1a, 0x40, 0xb8, 0xca, 0xc3, - 0x29, 0xa6, 0x52, 0xe1, 0x22, 0xdd, 0xcf, 0xab, 0x1e, 0xe7, 0xf9, 0x46, 0x92, 0x02, 0x36, 0xa8, - 0xa1, 0xeb, 0x00, 0x7c, 0xd9, 0xac, 0x6c, 0x47, 0x52, 0xdb, 0x96, 0x79, 0x22, 0xb0, 0xac, 0x20, - 0xf7, 0x76, 0xc6, 0x7b, 0x5d, 0x56, 0xec, 0xf4, 0xde, 0x78, 0x1c, 0xfd, 0x24, 0x0c, 0x27, 0xdd, - 0x4e, 0xc7, 0x51, 0x0e, 0xd4, 0x12, 0x33, 0x98, 0x38, 0x5d, 0x43, 0x14, 0xf1, 0x06, 0x2c, 0x39, - 0xa2, 0x3b, 0x54, 0xa8, 0x26, 0xc2, 0x97, 0xc6, 0x56, 0x11, 0xd7, 0x09, 0x46, 0xd8, 0x3b, 0xbd, - 0x57, 0x46, 0x87, 0xe0, 0x02, 0x9c, 0x7b, 0x3b, 0xe3, 0x8f, 0x65, 0xdb, 0xe7, 0x43, 0x91, 0x53, - 0x54, 0x48, 0x13, 0x5d, 0x93, 0x65, 0x28, 0xe8, 0x6b, 0xcb, 0xec, 0xe8, 0x67, 0x75, 0x19, 0x0a, - 0xd6, 0xdc, 0x7f, 0xcc, 0xcc, 0x87, 0xd1, 0x02, 0x9c, 0x76, 0xc3, 0x20, 0x8d, 0x43, 0xdf, 0xe7, - 0xb5, 0x55, 0xb8, 0xe1, 0xc3, 0x1d, 0xac, 0xef, 0x14, 0xdd, 0x3e, 0x3d, 0xd3, 0x8b, 0x82, 0x8b, - 0x9e, 0xb3, 0x83, 0x6c, 0x9c, 0x99, 0x18, 0x9c, 0x17, 0x61, 0x94, 0x6c, 0xa5, 0x24, 0x0e, 0x1c, - 0xff, 0x26, 0x9e, 0x97, 0xae, 0x45, 0xb6, 0x06, 0x2e, 0x19, 0xed, 0x38, 0x83, 0x85, 0x6c, 0x65, - 0xed, 0x57, 0x74, 0xe2, 0x1d, 0xb7, 0xf6, 0xa5, 0x6d, 0x6f, 0xff, 0xcf, 0x4a, 0x46, 0x21, 0x5b, - 0x89, 0x09, 0x41, 0x21, 0xd4, 0x83, 0xb0, 0xa5, 0x64, 0xff, 0xb5, 0x72, 0x64, 0xff, 0x8d, 0xb0, - 0x65, 0xd4, 0xaa, 0xa0, 0xff, 0x12, 0xcc, 0xf9, 0xb0, 0x64, 0x7e, 0x59, 0xf5, 0x80, 0x01, 0x84, - 0xa1, 0x51, 0x26, 0x67, 0x95, 0xcc, 0xbf, 0x68, 0x32, 0xc2, 0x59, 0xbe, 0x68, 0x03, 0xea, 0xeb, - 0x61, 0x92, 0x4a, 0xf3, 0xe3, 0x90, 0x96, 0xce, 0xd5, 0x30, 0x49, 0x99, 0x16, 0xa1, 0x5e, 0x9b, - 0xb6, 0x24, 0x98, 0xf3, 0xb0, 0xff, 0x93, 0x95, 0x71, 0x24, 0xdf, 0x66, 0x31, 0x97, 0x9b, 0x24, - 0xa0, 0xcb, 0xda, 0x8c, 0xb7, 0xf9, 0xff, 0x73, 0x89, 0x5f, 0x3f, 0xd4, 0xaf, 0x72, 0xd0, 0x5d, - 0x4a, 0x61, 0x82, 0x91, 0x30, 0x42, 0x73, 0x3e, 0x61, 0x65, 0x53, 0xf0, 0x2a, 0x65, 0x18, 0x18, - 0x66, 0x8a, 0xe9, 0x9e, 0xd9, 0x7c, 0xf6, 0x97, 0x2c, 0x18, 0x9e, 0x76, 0xdc, 0x8d, 0x70, 0x6d, - 0x0d, 0x3d, 0x07, 0x8d, 0x56, 0x37, 0x36, 0xb3, 0x01, 0x95, 0xf5, 0x3c, 0x2b, 0xda, 0xb1, 0xc2, - 0xa0, 0x73, 0x78, 0xcd, 0x71, 0x65, 0xa2, 0x69, 0x95, 0xcf, 0xe1, 0xcb, 0xac, 0x05, 0x0b, 0x08, - 0x7a, 0x09, 0x46, 0x3a, 0xce, 0x96, 0x7c, 0x38, 0xef, 0xc5, 0x5e, 0xd0, 0x20, 0x6c, 0xe2, 0xd9, - 0xff, 0xcc, 0x82, 0xb1, 0x69, 0x27, 0xf1, 0xdc, 0xa9, 0x6e, 0xba, 0x3e, 0xed, 0xa5, 0xab, 0x5d, - 0x77, 0x83, 0xa4, 0x3c, 0xbb, 0x98, 0xf6, 0xb2, 0x9b, 0xd0, 0xa5, 0xa4, 0xec, 0x3a, 0xd5, 0xcb, - 0x9b, 0xa2, 0x1d, 0x2b, 0x0c, 0xf4, 0x16, 0x8c, 0x44, 0x4e, 0x92, 0xdc, 0x0d, 0xe3, 0x16, 0x26, - 0x6b, 0xe5, 0xe4, 0xf6, 0x2f, 0x13, 0x37, 0x26, 0x29, 0x26, 0x6b, 0xe2, 0xa4, 0x55, 0xd3, 0xc7, - 0x26, 0x33, 0xfb, 0xf3, 0x16, 0x9c, 0x9b, 0x26, 0x4e, 0x4c, 0x62, 0x56, 0x0a, 0x40, 0xbd, 0xc8, - 0x8c, 0x1f, 0x76, 0x5b, 0xe8, 0x4d, 0x68, 0xa4, 0xb4, 0x99, 0x76, 0xcb, 0x2a, 0xb7, 0x5b, 0xec, - 0xa0, 0x74, 0x45, 0x10, 0xc7, 0x8a, 0x8d, 0xfd, 0x57, 0x2c, 0x18, 0x65, 0x67, 0x4e, 0xb3, 0x24, - 0x75, 0x3c, 0xbf, 0xa7, 0x62, 0x8e, 0x35, 0x60, 0xc5, 0x9c, 0x0b, 0x50, 0x5b, 0x0f, 0x3b, 0x24, - 0x7f, 0x5e, 0x7a, 0x35, 0xa4, 0x66, 0x35, 0x85, 0xa0, 0x17, 0xe8, 0x87, 0xf7, 0x82, 0xd4, 0xa1, - 0x4b, 0x40, 0xfa, 0x34, 0x4f, 0xf0, 0x8f, 0xae, 0x9a, 0xb1, 0x89, 0x63, 0xff, 0x76, 0x13, 0x86, - 0xc5, 0xa1, 0xfa, 0xc0, 0x19, 0xe6, 0xd2, 0xbe, 0xaf, 0xf4, 0xb5, 0xef, 0x13, 0x18, 0x72, 0x59, - 0x3d, 0x2e, 0xa1, 0x46, 0x5e, 0x2f, 0x25, 0x0a, 0x83, 0x97, 0xf8, 0xd2, 0xdd, 0xe2, 0xff, 0xb1, - 0x60, 0x85, 0xbe, 0x68, 0xc1, 0x09, 0x37, 0x0c, 0x02, 0xe2, 0x6a, 0x1d, 0xa7, 0x56, 0xc6, 0x61, - 0xfb, 0x4c, 0x96, 0xa8, 0x3e, 0xf0, 0xc8, 0x01, 0x70, 0x9e, 0x3d, 0x7a, 0x05, 0x8e, 0xf1, 0x31, - 0xbb, 0x95, 0x71, 0xc4, 0xea, 0x42, 0x2a, 0x26, 0x10, 0x67, 0x71, 0xd1, 0x04, 0x77, 0x68, 0x8b, - 0x92, 0x25, 0x43, 0xfa, 0xf4, 0xcc, 0x28, 0x56, 0x62, 0x60, 0xa0, 0x18, 0x50, 0x4c, 0xd6, 0x62, - 0x92, 0xac, 0x8b, 0xa0, 0x03, 0xa6, 0x5f, 0x0d, 0x1f, 0x2c, 0x63, 0x15, 0xf7, 0x50, 0xc2, 0x05, - 0xd4, 0xd1, 0x86, 0x30, 0x30, 0x1b, 0x65, 0xc8, 0x50, 0xf1, 0x99, 0xfb, 0xda, 0x99, 0xe3, 0x50, - 0x4f, 0xd6, 0x9d, 0xb8, 0xc5, 0xf4, 0xba, 0x2a, 0xcf, 0x92, 0x58, 0xa6, 0x0d, 0x98, 0xb7, 0xa3, - 0x59, 0x38, 0x99, 0x2b, 0x03, 0x93, 0x08, 0x87, 0xa9, 0x0a, 0xed, 0xcf, 0x15, 0x90, 0x49, 0x70, - 0xcf, 0x13, 0xa6, 0xf3, 0x61, 0x64, 0x0f, 0xe7, 0xc3, 0xb6, 0x0a, 0x6d, 0x1b, 0x65, 0xfb, 0xe3, - 0xab, 0xa5, 0x0c, 0xc0, 0x40, 0x71, 0x6c, 0x9f, 0xcb, 0xc5, 0xb1, 0x1d, 0x63, 0x1d, 0xb8, 0x55, - 0x4e, 0x07, 0xf6, 0x1f, 0xb4, 0xf6, 0x30, 0x83, 0xd0, 0xfe, 0xcc, 0x02, 0xf9, 0x5d, 0x67, 0x1c, - 0x77, 0x9d, 0xd0, 0x29, 0x83, 0xde, 0x07, 0xc7, 0x95, 0x09, 0x3d, 0x13, 0x76, 0x03, 0x1e, 0x7f, - 0x56, 0xd5, 0x27, 0xa3, 0x38, 0x03, 0xc5, 0x39, 0x6c, 0x34, 0x09, 0x4d, 0x3a, 0x4e, 0xfc, 0x51, - 0xbe, 0xd7, 0x2a, 0x33, 0x7d, 0x6a, 0x69, 0x4e, 0x3c, 0xa5, 0x71, 0x50, 0x08, 0xa7, 0x7c, 0x27, - 0x49, 0x59, 0x0f, 0xa8, 0x45, 0x7d, 0xc0, 0x7c, 0x71, 0x16, 0x3f, 0x3e, 0x9f, 0x27, 0x84, 0x7b, - 0x69, 0xdb, 0xdf, 0xae, 0xc1, 0xb1, 0x8c, 0x64, 0xdc, 0xe7, 0x26, 0xfd, 0x1c, 0x34, 0xe4, 0xbe, - 0x99, 0xaf, 0x5a, 0xa1, 0x36, 0x57, 0x85, 0x41, 0x37, 0xad, 0x55, 0xbd, 0xab, 0xe6, 0x95, 0x0a, - 0x63, 0xc3, 0xc5, 0x26, 0x1e, 0x13, 0xca, 0xa9, 0x9f, 0xcc, 0xf8, 0x1e, 0x09, 0x52, 0xde, 0xcd, - 0x72, 0x84, 0xf2, 0xca, 0xfc, 0xb2, 0x49, 0x54, 0x0b, 0xe5, 0x1c, 0x00, 0xe7, 0xd9, 0xa3, 0x9f, - 0xb1, 0xe0, 0x98, 0x73, 0x37, 0xd1, 0x45, 0x23, 0x45, 0xc4, 0xda, 0x21, 0x37, 0xa9, 0x4c, 0x1d, - 0x4a, 0xee, 0xf2, 0xcd, 0x34, 0xe1, 0x2c, 0x53, 0xf4, 0x15, 0x0b, 0x10, 0xd9, 0x22, 0xae, 0x8c, - 0xa9, 0x13, 0x7d, 0x19, 0x2a, 0xc3, 0xd2, 0xbc, 0xd4, 0x43, 0x97, 0x4b, 0xf5, 0xde, 0x76, 0x5c, - 0xd0, 0x07, 0xfb, 0x1f, 0x57, 0xd5, 0x82, 0xd2, 0x61, 0x9c, 0x8e, 0x11, 0x4e, 0x66, 0x1d, 0x3c, - 0x9c, 0x4c, 0x1f, 0xcb, 0xf7, 0xa6, 0xa1, 0x65, 0xd2, 0x6f, 0x2a, 0x0f, 0x29, 0xfd, 0xe6, 0xa7, - 0xad, 0x4c, 0x7d, 0x96, 0x91, 0x8b, 0xaf, 0x95, 0x1b, 0x42, 0x3a, 0xc1, 0x43, 0x06, 0x72, 0xd2, - 0x3d, 0x1b, 0x29, 0x42, 0xa5, 0xa9, 0x81, 0xb6, 0x2f, 0x69, 0xf8, 0x6f, 0xab, 0x30, 0x62, 0xec, - 0xa4, 0x85, 0x6a, 0x91, 0xf5, 0x88, 0xa9, 0x45, 0x95, 0x7d, 0xa8, 0x45, 0x3f, 0x05, 0x4d, 0x57, - 0x4a, 0xf9, 0x72, 0x2a, 0x94, 0xe6, 0xf7, 0x0e, 0x2d, 0xe8, 0x55, 0x13, 0xd6, 0x3c, 0xd1, 0x95, - 0x4c, 0xfe, 0x8a, 0xd8, 0x21, 0x6a, 0x6c, 0x87, 0x28, 0x4a, 0x30, 0x11, 0x3b, 0x45, 0xef, 0x33, - 0xac, 0x8c, 0x4f, 0xe4, 0x89, 0xf7, 0x92, 0x81, 0xde, 0xbc, 0x8c, 0xcf, 0xd2, 0x9c, 0x6c, 0xc6, - 0x26, 0x8e, 0xfd, 0x6d, 0x4b, 0x7d, 0xdc, 0x07, 0x90, 0xd4, 0x7e, 0x27, 0x9b, 0xd4, 0x7e, 0xa9, - 0x94, 0x61, 0xee, 0x93, 0xcd, 0x7e, 0x03, 0x86, 0x67, 0xc2, 0x4e, 0xc7, 0x09, 0x5a, 0xe8, 0x07, - 0x61, 0xd8, 0xe5, 0x3f, 0x85, 0x63, 0x87, 0x1d, 0x0f, 0x0a, 0x28, 0x96, 0x30, 0xf4, 0x04, 0xd4, - 0x9c, 0xb8, 0x2d, 0x9d, 0x39, 0x2c, 0xc2, 0x64, 0x2a, 0x6e, 0x27, 0x98, 0xb5, 0xda, 0x7f, 0xbf, - 0x06, 0x30, 0x13, 0x76, 0x22, 0x27, 0x26, 0xad, 0x95, 0x90, 0x55, 0x48, 0x3b, 0xd2, 0x43, 0x35, - 0x6d, 0x2c, 0x3d, 0xca, 0x07, 0x6b, 0xc6, 0xe1, 0x4a, 0xf5, 0x01, 0x1f, 0xae, 0xf4, 0x39, 0x2f, - 0xab, 0x3d, 0x42, 0xe7, 0x65, 0xf6, 0x67, 0x2d, 0x40, 0x74, 0xd2, 0x84, 0x01, 0x09, 0x52, 0x7d, - 0xa0, 0x3d, 0x09, 0x4d, 0x57, 0xb6, 0x0a, 0xc5, 0x4a, 0x8b, 0x08, 0x09, 0xc0, 0x1a, 0x67, 0x00, - 0x0b, 0xf9, 0x69, 0x29, 0xbf, 0xab, 0xd9, 0xe0, 0x54, 0x26, 0xf5, 0x85, 0x38, 0xb7, 0x7f, 0xa7, - 0x02, 0x8f, 0xf1, 0x2d, 0x79, 0xc1, 0x09, 0x9c, 0x36, 0xe9, 0xd0, 0x5e, 0x0d, 0x1a, 0xa2, 0xe0, - 0x52, 0xd3, 0xcc, 0x93, 0xc1, 0xa6, 0x87, 0x5d, 0xbb, 0x7c, 0xcd, 0xf1, 0x55, 0x36, 0x17, 0x78, - 0x29, 0x66, 0xc4, 0x51, 0x02, 0x0d, 0x59, 0x92, 0x5b, 0xc8, 0xe2, 0x92, 0x18, 0x29, 0xb1, 0x24, - 0xf6, 0x4d, 0x82, 0x15, 0x23, 0xaa, 0xb8, 0xfa, 0xa1, 0xbb, 0x81, 0x49, 0x14, 0x32, 0xb9, 0x6b, - 0xc4, 0xfa, 0xcd, 0x8b, 0x76, 0xac, 0x30, 0xec, 0xdf, 0xb1, 0x20, 0xbf, 0x23, 0x19, 0xe5, 0xaa, - 0xac, 0xfb, 0x96, 0xab, 0xda, 0x47, 0xbd, 0xa8, 0x9f, 0x80, 0x11, 0x27, 0xa5, 0x4a, 0x04, 0x37, - 0xbb, 0xab, 0x07, 0x3b, 0xd6, 0x58, 0x08, 0x5b, 0xde, 0x9a, 0xc7, 0xcc, 0x6d, 0x93, 0x9c, 0xfd, - 0xdf, 0x6a, 0x70, 0xaa, 0x27, 0x25, 0x02, 0xbd, 0x0c, 0xa3, 0xae, 0x98, 0x1e, 0x91, 0x74, 0x68, - 0x35, 0xcd, 0xd8, 0x30, 0x0d, 0xc3, 0x19, 0xcc, 0x01, 0x26, 0xe8, 0x1c, 0x9c, 0x8e, 0xa9, 0xa1, - 0xdf, 0x25, 0x53, 0x6b, 0x29, 0x89, 0x97, 0x89, 0x1b, 0x06, 0x2d, 0x5e, 0x54, 0xad, 0x3a, 0xfd, - 0xf8, 0xee, 0xce, 0xf8, 0x69, 0xdc, 0x0b, 0xc6, 0x45, 0xcf, 0xa0, 0x08, 0x8e, 0xf9, 0xa6, 0x0e, - 0x28, 0x0c, 0x80, 0x03, 0xa9, 0x8f, 0x4a, 0x47, 0xc8, 0x34, 0xe3, 0x2c, 0x83, 0xac, 0x22, 0x59, - 0x7f, 0x48, 0x8a, 0xe4, 0xa7, 0xb4, 0x22, 0xc9, 0xcf, 0xdf, 0x3f, 0x54, 0x72, 0x4a, 0xcc, 0x51, - 0x6b, 0x92, 0xaf, 0x42, 0x43, 0xc6, 0x26, 0x0d, 0x14, 0xd3, 0x63, 0xd2, 0xe9, 0x23, 0xd1, 0xee, - 0x55, 0xa0, 0xc0, 0x08, 0xa1, 0xeb, 0x4c, 0xef, 0xf8, 0x99, 0x75, 0xb6, 0xbf, 0x5d, 0x1f, 0x6d, - 0xf1, 0xb8, 0x2c, 0xbe, 0xb7, 0x7d, 0xb0, 0x6c, 0x23, 0x4a, 0x87, 0x6a, 0xa9, 0x4c, 0x01, 0x15, - 0xae, 0x75, 0x11, 0x40, 0x2b, 0x6a, 0x22, 0x0e, 0x5c, 0x1d, 0xfb, 0x6a, 0x7d, 0x0e, 0x1b, 0x58, - 0xd4, 0xa6, 0xf6, 0x82, 0x24, 0x75, 0x7c, 0xff, 0xaa, 0x17, 0xa4, 0xc2, 0x39, 0xa8, 0x36, 0xf1, - 0x39, 0x0d, 0xc2, 0x26, 0xde, 0xf9, 0xf7, 0x1a, 0xdf, 0x65, 0x3f, 0xdf, 0x73, 0x1d, 0xce, 0x5d, - 0xf1, 0x52, 0x95, 0xbd, 0xa0, 0xe6, 0x11, 0xd5, 0xc3, 0x54, 0x36, 0x8e, 0xd5, 0x37, 0x1b, 0xc7, - 0xc8, 0x1e, 0xa8, 0x64, 0x93, 0x1d, 0xf2, 0xd9, 0x03, 0xf6, 0xcb, 0x70, 0xe6, 0x8a, 0x97, 0x5e, - 0xf6, 0x7c, 0xb2, 0x4f, 0x26, 0xf6, 0x6f, 0x0d, 0xc1, 0xa8, 0x99, 0xff, 0xb6, 0x9f, 0x84, 0xa2, - 0xcf, 0x53, 0x55, 0x4b, 0xbc, 0x9d, 0xa7, 0x0e, 0xcd, 0x6e, 0x1f, 0x3a, 0x19, 0xaf, 0x78, 0xc4, - 0x0c, 0x6d, 0x4b, 0xf3, 0xc4, 0x66, 0x07, 0xd0, 0x5d, 0xa8, 0xaf, 0xb1, 0xe8, 0xf6, 0x6a, 0x19, - 0x91, 0x05, 0x45, 0x23, 0xaa, 0x97, 0x19, 0x8f, 0x8f, 0xe7, 0xfc, 0xe8, 0x0e, 0x19, 0x67, 0x53, - 0xa6, 0x8c, 0x88, 0x4c, 0x91, 0x2c, 0xa5, 0x30, 0xfa, 0x89, 0xfa, 0xfa, 0x01, 0x44, 0x7d, 0x46, - 0xf0, 0x0e, 0x3d, 0x24, 0xc1, 0xcb, 0x32, 0x15, 0xd2, 0x75, 0xa6, 0xbf, 0x89, 0x10, 0xf2, 0x61, - 0x36, 0x08, 0x46, 0xa6, 0x42, 0x06, 0x8c, 0xf3, 0xf8, 0xe8, 0xe3, 0x4a, 0x74, 0x37, 0xca, 0xf0, - 0xab, 0x9a, 0x33, 0xfa, 0xa8, 0xa5, 0xf6, 0x67, 0x2b, 0x70, 0xfc, 0x4a, 0xd0, 0x5d, 0xba, 0xb2, - 0xd4, 0x5d, 0xf5, 0x3d, 0xf7, 0x3a, 0xd9, 0xa6, 0xa2, 0x79, 0x83, 0x6c, 0xcf, 0xcd, 0x8a, 0x15, - 0xa4, 0xe6, 0xcc, 0x75, 0xda, 0x88, 0x39, 0x8c, 0x0a, 0xa3, 0x35, 0x2f, 0x68, 0x93, 0x38, 0x8a, - 0x3d, 0xe1, 0xf2, 0x34, 0x84, 0xd1, 0x65, 0x0d, 0xc2, 0x26, 0x1e, 0xa5, 0x1d, 0xde, 0x0d, 0x48, - 0x9c, 0x57, 0x64, 0x17, 0x69, 0x23, 0xe6, 0x30, 0x8a, 0x94, 0xc6, 0xdd, 0x24, 0x15, 0x93, 0x51, - 0x21, 0xad, 0xd0, 0x46, 0xcc, 0x61, 0x74, 0xa5, 0x27, 0xdd, 0x55, 0x16, 0xb8, 0x91, 0x8b, 0x57, - 0x5f, 0xe6, 0xcd, 0x58, 0xc2, 0x29, 0xea, 0x06, 0xd9, 0x9e, 0xa5, 0x56, 0x6f, 0x2e, 0x6d, 0xe5, - 0x3a, 0x6f, 0xc6, 0x12, 0xce, 0xaa, 0xc1, 0x65, 0x87, 0xe3, 0x7b, 0xae, 0x1a, 0x5c, 0xb6, 0xfb, - 0x7d, 0xec, 0xe7, 0x5f, 0xb1, 0x60, 0xd4, 0x0c, 0xb7, 0x42, 0xed, 0x9c, 0x8e, 0xbb, 0xd8, 0x53, - 0x4c, 0xf4, 0xc7, 0x8a, 0x6e, 0x4e, 0x6a, 0x7b, 0x69, 0x18, 0x25, 0xcf, 0x93, 0xa0, 0xed, 0x05, - 0x84, 0x9d, 0xa2, 0xf3, 0x30, 0xad, 0x4c, 0x2c, 0xd7, 0x4c, 0xd8, 0x22, 0x07, 0x50, 0x92, 0xed, - 0xdb, 0x70, 0xaa, 0x27, 0x57, 0x69, 0x00, 0xd5, 0x62, 0xcf, 0x4c, 0x51, 0x1b, 0xc3, 0x08, 0x25, - 0x2c, 0x4b, 0xab, 0xcc, 0xc0, 0x29, 0xbe, 0x90, 0x28, 0xa7, 0x65, 0x77, 0x9d, 0x74, 0x54, 0xfe, - 0x19, 0xf3, 0xaf, 0xdf, 0xca, 0x03, 0x71, 0x2f, 0xbe, 0xfd, 0x39, 0x0b, 0x8e, 0x65, 0xd2, 0xc7, - 0x4a, 0x52, 0x82, 0xd8, 0x4a, 0x0b, 0x59, 0xf4, 0x1f, 0x0b, 0x81, 0xae, 0xb2, 0xcd, 0x54, 0xaf, - 0x34, 0x0d, 0xc2, 0x26, 0x9e, 0xfd, 0xa5, 0x0a, 0x34, 0x64, 0x04, 0xc5, 0x00, 0x5d, 0xf9, 0x8c, - 0x05, 0xc7, 0xd4, 0x99, 0x06, 0x73, 0x96, 0x55, 0xca, 0x88, 0xf5, 0xa7, 0x3d, 0x50, 0xe6, 0x76, - 0xb0, 0x16, 0x6a, 0x8d, 0x1c, 0x9b, 0xcc, 0x70, 0x96, 0x37, 0xba, 0x05, 0x90, 0x6c, 0x27, 0x29, - 0xe9, 0x18, 0x6e, 0x3b, 0xdb, 0x58, 0x71, 0x13, 0x6e, 0x18, 0x13, 0xba, 0xbe, 0x6e, 0x84, 0x2d, - 0xb2, 0xac, 0x30, 0xb5, 0x0a, 0xa5, 0xdb, 0xb0, 0x41, 0xc9, 0xfe, 0xbb, 0x15, 0x38, 0x99, 0xef, - 0x12, 0xfa, 0x10, 0x8c, 0x4a, 0xee, 0xc6, 0x2d, 0x50, 0x32, 0x6c, 0x64, 0x14, 0x1b, 0xb0, 0x7b, - 0x3b, 0xe3, 0xe3, 0xbd, 0xb7, 0x70, 0x4d, 0x98, 0x28, 0x38, 0x43, 0x8c, 0x1f, 0x2c, 0x89, 0x13, - 0xd0, 0xe9, 0xed, 0xa9, 0x28, 0x12, 0xa7, 0x43, 0xc6, 0xc1, 0x92, 0x09, 0xc5, 0x39, 0x6c, 0xb4, - 0x04, 0x67, 0x8c, 0x96, 0x1b, 0xc4, 0x6b, 0xaf, 0xaf, 0x86, 0xb1, 0xb4, 0xac, 0x9e, 0xd0, 0x81, - 0x5d, 0xbd, 0x38, 0xb8, 0xf0, 0x49, 0xba, 0xdb, 0xbb, 0x4e, 0xe4, 0xb8, 0x5e, 0xba, 0x2d, 0xfc, - 0x90, 0x4a, 0x36, 0xcd, 0x88, 0x76, 0xac, 0x30, 0xec, 0x05, 0xa8, 0x0d, 0x38, 0x83, 0x06, 0xd2, - 0xe8, 0x5f, 0x85, 0x06, 0x25, 0x27, 0xd5, 0xbb, 0x32, 0x48, 0x86, 0xd0, 0x90, 0x17, 0x39, 0x20, - 0x1b, 0xaa, 0x9e, 0x23, 0xcf, 0xee, 0xd4, 0x6b, 0xcd, 0x25, 0x49, 0x97, 0x19, 0xc9, 0x14, 0x88, - 0x9e, 0x86, 0x2a, 0xd9, 0x8a, 0xf2, 0x87, 0x74, 0x97, 0xb6, 0x22, 0x2f, 0x26, 0x09, 0x45, 0x22, - 0x5b, 0x11, 0x3a, 0x0f, 0x15, 0xaf, 0x25, 0x36, 0x29, 0x10, 0x38, 0x95, 0xb9, 0x59, 0x5c, 0xf1, - 0x5a, 0xf6, 0x16, 0x34, 0xd5, 0xcd, 0x11, 0x68, 0x43, 0xca, 0x6e, 0xab, 0x8c, 0x90, 0x27, 0x49, - 0xb7, 0x8f, 0xd4, 0xee, 0x02, 0xe8, 0x3c, 0xba, 0xb2, 0xe4, 0xcb, 0x05, 0xa8, 0xb9, 0xa1, 0xc8, - 0xf1, 0x6d, 0x68, 0x32, 0x4c, 0x68, 0x33, 0x88, 0x7d, 0x1b, 0x8e, 0x5f, 0x0f, 0xc2, 0xbb, 0xac, - 0x34, 0x36, 0x2b, 0x69, 0x45, 0x09, 0xaf, 0xd1, 0x1f, 0x79, 0x15, 0x81, 0x41, 0x31, 0x87, 0xa9, - 0xb2, 0x47, 0x95, 0x7e, 0x65, 0x8f, 0xec, 0x4f, 0x58, 0x70, 0x52, 0x65, 0x03, 0x49, 0x69, 0xfc, - 0x32, 0x8c, 0xae, 0x76, 0x3d, 0xbf, 0x25, 0x0b, 0x65, 0xe5, 0xdc, 0x14, 0xd3, 0x06, 0x0c, 0x67, - 0x30, 0xa9, 0x51, 0xb5, 0xea, 0x05, 0x4e, 0xbc, 0xbd, 0xa4, 0xc5, 0xbf, 0x92, 0x08, 0xd3, 0x0a, - 0x82, 0x0d, 0x2c, 0xfb, 0x33, 0x66, 0x17, 0x44, 0xfe, 0xd1, 0x00, 0x23, 0x7b, 0x13, 0xea, 0xae, - 0x3a, 0xeb, 0x3d, 0x50, 0x31, 0x3f, 0x95, 0x5f, 0xce, 0xfc, 0xfd, 0x9c, 0x9a, 0xfd, 0x4f, 0x2a, - 0x70, 0x2c, 0x53, 0xb3, 0x04, 0xf9, 0xd0, 0x20, 0x3e, 0x73, 0xe5, 0xc9, 0x29, 0x76, 0xd8, 0x72, - 0x91, 0x6a, 0x59, 0x5c, 0x12, 0x74, 0xb1, 0xe2, 0xf0, 0x68, 0x1c, 0xa9, 0xbd, 0x0c, 0xa3, 0xb2, - 0x43, 0x1f, 0x74, 0x3a, 0xbe, 0x58, 0x85, 0x6a, 0x02, 0x5c, 0x32, 0x60, 0x38, 0x83, 0x69, 0xff, - 0x6e, 0x15, 0xc6, 0xb8, 0xef, 0xb3, 0xa5, 0xa2, 0x5e, 0x16, 0xa4, 0x96, 0xf5, 0x17, 0x74, 0x65, - 0x21, 0x3e, 0x90, 0xab, 0x87, 0xad, 0xce, 0x5c, 0xcc, 0x68, 0xa0, 0x78, 0x8c, 0x5f, 0xca, 0xc5, - 0x63, 0xf0, 0xcd, 0xb6, 0x7d, 0x44, 0x3d, 0xfa, 0xde, 0x0a, 0xd0, 0xf8, 0x5b, 0x15, 0x38, 0x91, - 0x2b, 0x7d, 0x8d, 0xbe, 0x90, 0x2d, 0xfb, 0x68, 0x95, 0xe1, 0x21, 0xbb, 0x6f, 0x35, 0xe4, 0xfd, - 0x15, 0x7f, 0x7c, 0x48, 0x4b, 0xc5, 0xfe, 0xfd, 0x0a, 0x1c, 0xcf, 0xd6, 0xec, 0x7e, 0x04, 0x47, - 0xea, 0xdd, 0xd0, 0x64, 0x65, 0x69, 0xd9, 0x3d, 0x63, 0xdc, 0x11, 0xc7, 0x4b, 0x99, 0xca, 0x46, - 0xac, 0xe1, 0x8f, 0x44, 0x4d, 0x4d, 0xfb, 0x6f, 0x5b, 0x70, 0x96, 0xbf, 0x65, 0x7e, 0x1e, 0xfe, - 0xc5, 0xa2, 0xd1, 0x7d, 0xbd, 0xdc, 0x0e, 0xe6, 0x2a, 0x62, 0xed, 0x35, 0xbe, 0xec, 0x7e, 0x23, - 0xd1, 0xdb, 0xec, 0x54, 0x78, 0x04, 0x3b, 0xbb, 0xaf, 0xc9, 0x60, 0xff, 0x7e, 0x15, 0xf4, 0x95, - 0x4e, 0xc8, 0x13, 0x99, 0x4d, 0xa5, 0x54, 0x06, 0x5b, 0xde, 0x0e, 0x5c, 0x7d, 0x79, 0x54, 0x23, - 0x97, 0xd8, 0xf4, 0xf3, 0x16, 0x8c, 0x78, 0x81, 0x97, 0x7a, 0x0e, 0x53, 0x9e, 0xcb, 0xb9, 0x92, - 0x46, 0xb1, 0x9b, 0xe3, 0x94, 0xc3, 0xd8, 0xf4, 0xde, 0x2a, 0x66, 0xd8, 0xe4, 0x8c, 0x3e, 0x22, - 0x42, 0x26, 0xab, 0xa5, 0xe5, 0xe4, 0x35, 0x72, 0x71, 0x92, 0x11, 0xd4, 0x63, 0x92, 0xc6, 0x25, - 0xa5, 0xb2, 0x62, 0x4a, 0x4a, 0x15, 0x99, 0xd4, 0x97, 0x6b, 0xd2, 0x66, 0xcc, 0x19, 0xd9, 0x09, - 0xa0, 0xde, 0xb1, 0xd8, 0x67, 0x38, 0xda, 0x24, 0x34, 0x9d, 0x6e, 0x1a, 0x76, 0xe8, 0x30, 0x09, - 0x07, 0xb3, 0x0e, 0xb8, 0x93, 0x00, 0xac, 0x71, 0xec, 0x2f, 0xd4, 0x21, 0x97, 0x6a, 0x84, 0xb6, - 0xcc, 0xeb, 0xc8, 0xac, 0x72, 0xaf, 0x23, 0x53, 0x9d, 0x29, 0xba, 0x92, 0x0c, 0xb5, 0xa1, 0x1e, - 0xad, 0x3b, 0x89, 0xd4, 0x8d, 0x5f, 0x95, 0xc3, 0xb4, 0x44, 0x1b, 0xef, 0xed, 0x8c, 0xff, 0xf8, - 0x60, 0xbe, 0x16, 0x3a, 0x57, 0x27, 0x79, 0xe6, 0xbe, 0x66, 0xcd, 0x68, 0x60, 0x4e, 0x7f, 0x3f, - 0x97, 0xf2, 0x7c, 0x52, 0x14, 0x12, 0xc6, 0x24, 0xe9, 0xfa, 0xa9, 0x98, 0x0d, 0xaf, 0x96, 0xb8, - 0xca, 0x38, 0x61, 0x9d, 0x24, 0xcb, 0xff, 0x63, 0x83, 0x29, 0xfa, 0x10, 0x34, 0x93, 0xd4, 0x89, - 0xd3, 0x03, 0xa6, 0xb5, 0xa9, 0x41, 0x5f, 0x96, 0x44, 0xb0, 0xa6, 0x87, 0x5e, 0x63, 0x85, 0x12, - 0xbd, 0x64, 0xfd, 0x80, 0x91, 0xce, 0xb2, 0xa8, 0xa2, 0xa0, 0x80, 0x0d, 0x6a, 0xd4, 0xf4, 0x60, - 0x73, 0x9b, 0x87, 0xf7, 0x34, 0x98, 0x6d, 0xa9, 0x44, 0x21, 0x56, 0x10, 0x6c, 0x60, 0xd9, 0x3f, - 0x0c, 0xd9, 0x2c, 0x6f, 0x34, 0x2e, 0x93, 0xca, 0xb9, 0xef, 0x89, 0x45, 0x2c, 0x67, 0xf2, 0xbf, - 0x7f, 0xc3, 0x02, 0x33, 0x15, 0x1d, 0xbd, 0xc9, 0x73, 0xde, 0xad, 0x32, 0xce, 0x0b, 0x0c, 0xba, - 0x13, 0x0b, 0x4e, 0x94, 0x3b, 0xb8, 0x92, 0x89, 0xef, 0xe7, 0xdf, 0x0b, 0x0d, 0x09, 0xdd, 0x97, - 0x52, 0xf7, 0x71, 0x38, 0x9d, 0xbf, 0xac, 0x55, 0xf8, 0x9a, 0xdb, 0x71, 0xd8, 0x8d, 0xf2, 0x86, - 0x24, 0xbb, 0xcc, 0x13, 0x73, 0x18, 0x35, 0xc7, 0x36, 0xbc, 0xa0, 0x95, 0x37, 0x24, 0xaf, 0x7b, - 0x41, 0x0b, 0x33, 0xc8, 0x00, 0x97, 0xd2, 0xfd, 0xa6, 0x05, 0x17, 0xf6, 0xba, 0x53, 0x16, 0x3d, - 0x01, 0xb5, 0xbb, 0x4e, 0x2c, 0x2b, 0xd8, 0x32, 0x41, 0x79, 0xdb, 0x89, 0x03, 0xcc, 0x5a, 0xd1, - 0x36, 0x0c, 0xf1, 0x18, 0x10, 0xa1, 0xad, 0xbf, 0x5a, 0xee, 0x0d, 0xb7, 0xd7, 0x89, 0x61, 0x2e, - 0xf0, 0xf8, 0x13, 0x2c, 0x18, 0xda, 0xdf, 0xb1, 0x00, 0x2d, 0x6e, 0x92, 0x38, 0xf6, 0x5a, 0x46, - 0xd4, 0x0a, 0x7a, 0x11, 0x46, 0xef, 0x2c, 0x2f, 0xde, 0x58, 0x0a, 0xbd, 0x80, 0x55, 0x7d, 0x30, - 0x12, 0xdb, 0xae, 0x19, 0xed, 0x38, 0x83, 0x85, 0x66, 0xe0, 0xd4, 0x9d, 0x37, 0xa9, 0xf1, 0x6b, - 0x56, 0xcb, 0xaf, 0x68, 0x77, 0xe7, 0xb5, 0x57, 0x73, 0x40, 0xdc, 0x8b, 0x8f, 0x16, 0xe1, 0x6c, - 0x87, 0x9b, 0x1b, 0xbc, 0xc8, 0x35, 0xb7, 0x3d, 0x54, 0x1a, 0xc9, 0xb9, 0xdd, 0x9d, 0xf1, 0xb3, - 0x0b, 0x45, 0x08, 0xb8, 0xf8, 0x39, 0xfb, 0xbd, 0x80, 0x78, 0xb0, 0xca, 0x4c, 0x51, 0xe4, 0x41, - 0x5f, 0x4b, 0xdc, 0xfe, 0x6a, 0x1d, 0x4e, 0xe4, 0xea, 0x1b, 0x52, 0x53, 0xaf, 0x37, 0xd4, 0xe1, - 0xd0, 0xfb, 0x77, 0x6f, 0xf7, 0x06, 0x0a, 0x9e, 0x08, 0xa0, 0xee, 0x05, 0x51, 0x37, 0x2d, 0x27, - 0x73, 0x8c, 0x77, 0x62, 0x8e, 0x12, 0x34, 0x9c, 0x44, 0xf4, 0x2f, 0xe6, 0x6c, 0xca, 0x0c, 0xc5, - 0xc8, 0x28, 0xe3, 0xb5, 0x87, 0xe4, 0x0e, 0xf8, 0xa4, 0x0e, 0x8c, 0xa8, 0x97, 0x71, 0x50, 0x9f, - 0x9b, 0x2c, 0x47, 0x7d, 0xc0, 0xf6, 0xeb, 0x15, 0x18, 0x31, 0x3e, 0x1a, 0xfa, 0xe5, 0x6c, 0xa1, - 0x16, 0xab, 0xbc, 0x57, 0x62, 0xf4, 0x27, 0x74, 0x29, 0x16, 0xfe, 0x4a, 0xcf, 0xf4, 0xd6, 0x68, - 0xb9, 0xb7, 0x33, 0x7e, 0x32, 0x57, 0x85, 0x25, 0x53, 0xb7, 0xe5, 0xfc, 0xc7, 0xe0, 0x44, 0x8e, - 0x4c, 0xc1, 0x2b, 0xaf, 0x64, 0xef, 0xe2, 0x3d, 0xa4, 0x5b, 0xca, 0x1c, 0xb2, 0x6f, 0xd0, 0x21, - 0xd3, 0x57, 0xb4, 0x0f, 0xe0, 0x8e, 0xcb, 0xe5, 0xc8, 0x55, 0x06, 0xcc, 0x91, 0x7b, 0x16, 0x1a, - 0x51, 0xe8, 0x7b, 0xae, 0xa7, 0x4a, 0x7a, 0xb1, 0xac, 0xbc, 0x25, 0xd1, 0x86, 0x15, 0x14, 0xdd, - 0x85, 0xa6, 0xba, 0xb6, 0x58, 0x04, 0x21, 0x96, 0xe5, 0xea, 0x55, 0x4a, 0x8b, 0xbe, 0x8e, 0x58, - 0xf3, 0x42, 0x36, 0x0c, 0xb1, 0x4d, 0x50, 0x06, 0xfc, 0xb2, 0x0c, 0x4e, 0xb6, 0x3b, 0x26, 0x58, - 0x40, 0xec, 0xaf, 0x37, 0xe1, 0x4c, 0x51, 0x91, 0x59, 0xf4, 0x51, 0x18, 0xe2, 0x7d, 0x2c, 0xa7, - 0x8e, 0x79, 0x11, 0x8f, 0x2b, 0x8c, 0xa0, 0xe8, 0x16, 0xfb, 0x8d, 0x05, 0x4f, 0xc1, 0xdd, 0x77, - 0x56, 0xc5, 0x0c, 0x39, 0x1a, 0xee, 0xf3, 0x8e, 0xe6, 0x3e, 0xef, 0x70, 0xee, 0xbe, 0xb3, 0x8a, - 0xb6, 0xa0, 0xde, 0xf6, 0x52, 0xe2, 0x08, 0x27, 0xc2, 0xed, 0x23, 0x61, 0x4e, 0x1c, 0xae, 0xa5, - 0xb1, 0x9f, 0x98, 0x33, 0x44, 0x5f, 0xb3, 0xe0, 0xc4, 0x6a, 0x36, 0x21, 0x56, 0x08, 0x4f, 0xe7, - 0x08, 0x0a, 0x09, 0x67, 0x19, 0xf1, 0x1b, 0x29, 0x72, 0x8d, 0x38, 0xdf, 0x1d, 0xf4, 0x29, 0x0b, - 0x86, 0xd7, 0x3c, 0xdf, 0xa8, 0x29, 0x79, 0x04, 0x1f, 0xe7, 0x32, 0x63, 0xa0, 0x2d, 0x0e, 0xfe, - 0x3f, 0xc1, 0x92, 0x73, 0xbf, 0x9d, 0x6a, 0xe8, 0xb0, 0x3b, 0xd5, 0xf0, 0x43, 0xda, 0xa9, 0x3e, - 0x6d, 0x41, 0x53, 0x8d, 0xb4, 0x48, 0x72, 0xfc, 0xd0, 0x11, 0x7e, 0x72, 0xee, 0x39, 0x51, 0x7f, - 0xb1, 0x66, 0x8e, 0xbe, 0x68, 0xc1, 0x88, 0xf3, 0x56, 0x37, 0x26, 0x2d, 0xb2, 0x19, 0x46, 0x89, - 0xb8, 0x05, 0xea, 0xf5, 0xf2, 0x3b, 0x33, 0x45, 0x99, 0xcc, 0x92, 0xcd, 0xc5, 0x28, 0x11, 0xc9, - 0x08, 0xba, 0x01, 0x9b, 0x5d, 0xb0, 0x77, 0x2a, 0x30, 0xbe, 0x07, 0x05, 0xf4, 0x32, 0x8c, 0x86, - 0x71, 0xdb, 0x09, 0xbc, 0xb7, 0xcc, 0x0c, 0x77, 0xa5, 0x65, 0x2d, 0x1a, 0x30, 0x9c, 0xc1, 0x34, - 0xd3, 0x30, 0x2b, 0x7b, 0xa4, 0x61, 0x5e, 0x80, 0x5a, 0x4c, 0xa2, 0x30, 0x6f, 0x2c, 0xb0, 0x40, - 0x60, 0x06, 0x41, 0x4f, 0x42, 0xd5, 0x89, 0x3c, 0x11, 0x7e, 0xa2, 0x6c, 0xa0, 0xa9, 0xa5, 0x39, - 0x4c, 0xdb, 0x33, 0x59, 0xe1, 0xf5, 0x07, 0x92, 0x15, 0x4e, 0xb7, 0x01, 0x71, 0x76, 0x31, 0xa4, - 0xb7, 0x81, 0xec, 0x99, 0x82, 0xfd, 0x95, 0x2a, 0x3c, 0x79, 0xdf, 0xf9, 0xa2, 0xa3, 0x6f, 0xac, - 0xfb, 0x44, 0xdf, 0xc8, 0xe1, 0xa9, 0xec, 0x35, 0x3c, 0xd5, 0x3e, 0xc3, 0xf3, 0x29, 0xba, 0x0c, - 0x64, 0x65, 0x80, 0x72, 0x2e, 0x24, 0xea, 0x57, 0x68, 0x40, 0xac, 0x00, 0x09, 0xc5, 0x9a, 0x2f, - 0xb5, 0x01, 0x32, 0x29, 0x88, 0xf5, 0x32, 0xb6, 0x81, 0xbe, 0x95, 0x02, 0xf8, 0xdc, 0xef, 0x97, - 0xd7, 0x68, 0xff, 0x42, 0x05, 0x9e, 0x1e, 0x40, 0x7a, 0x9b, 0xb3, 0xd8, 0x1a, 0x70, 0x16, 0x7f, - 0x6f, 0x7f, 0x26, 0xfb, 0x2f, 0x59, 0x70, 0xbe, 0xff, 0xe6, 0x81, 0x5e, 0x80, 0x91, 0xd5, 0xd8, - 0x09, 0xdc, 0x75, 0x76, 0xc9, 0x9a, 0x1c, 0x14, 0x36, 0xd6, 0xba, 0x19, 0x9b, 0x38, 0xd4, 0xbc, - 0xe5, 0x85, 0xdd, 0x0d, 0x0c, 0x99, 0x32, 0x46, 0xcd, 0xdb, 0x95, 0x3c, 0x10, 0xf7, 0xe2, 0xdb, - 0x7f, 0x5a, 0x29, 0xee, 0x16, 0x57, 0x32, 0xf6, 0xf3, 0x9d, 0xc4, 0x57, 0xa8, 0x0c, 0x20, 0x4b, - 0xaa, 0x0f, 0x5a, 0x96, 0xd4, 0xfa, 0xc9, 0x12, 0x34, 0x0b, 0x27, 0x8d, 0xfb, 0x08, 0x78, 0x1a, - 0x20, 0x0f, 0xb3, 0x53, 0xb9, 0xf1, 0x4b, 0x39, 0x38, 0xee, 0x79, 0x02, 0x3d, 0x07, 0x0d, 0x2f, - 0x48, 0x88, 0xdb, 0x8d, 0x79, 0x78, 0xa7, 0x91, 0x7a, 0x31, 0x27, 0xda, 0xb1, 0xc2, 0xb0, 0x7f, - 0xa5, 0x02, 0xe7, 0xfa, 0xea, 0x59, 0x0f, 0x48, 0x76, 0x99, 0x9f, 0xa3, 0xf6, 0x60, 0x3e, 0x87, - 0x39, 0x48, 0xf5, 0x3d, 0x07, 0xe9, 0x0f, 0xfa, 0x4f, 0x4c, 0xaa, 0x73, 0x7f, 0xdf, 0x8e, 0xd2, - 0x2b, 0x70, 0xcc, 0x89, 0x22, 0x8e, 0xc7, 0xa2, 0xb4, 0x72, 0xb5, 0x31, 0xa6, 0x4c, 0x20, 0xce, - 0xe2, 0x0e, 0xb4, 0x7b, 0xfe, 0x91, 0x05, 0x4d, 0x4c, 0xd6, 0xb8, 0x74, 0x40, 0x77, 0xc4, 0x10, - 0x59, 0x65, 0x54, 0xd1, 0xa3, 0x03, 0x9b, 0x78, 0xac, 0xba, 0x5c, 0xd1, 0x60, 0xf7, 0xde, 0x5b, - 0x51, 0xd9, 0xd7, 0xbd, 0x15, 0xea, 0xe6, 0x82, 0x6a, 0xff, 0x9b, 0x0b, 0xec, 0x6f, 0x0c, 0xd3, - 0xd7, 0x8b, 0xc2, 0x99, 0x98, 0xb4, 0x12, 0xfa, 0x7d, 0xbb, 0xb1, 0x2f, 0x26, 0x89, 0xfa, 0xbe, - 0x37, 0xf1, 0x3c, 0xa6, 0xed, 0x99, 0xa3, 0x98, 0xca, 0xbe, 0x2a, 0x03, 0x54, 0xf7, 0xac, 0x0c, - 0xf0, 0x0a, 0x1c, 0x4b, 0x92, 0xf5, 0xa5, 0xd8, 0xdb, 0x74, 0x52, 0x72, 0x9d, 0x6c, 0x0b, 0x2d, - 0x4b, 0x67, 0xf3, 0x2e, 0x5f, 0xd5, 0x40, 0x9c, 0xc5, 0x45, 0x57, 0xe0, 0x94, 0xce, 0xcf, 0x27, - 0x71, 0xca, 0x62, 0x7a, 0xf9, 0x4c, 0x50, 0xa9, 0x7b, 0x3a, 0xa3, 0x5f, 0x20, 0xe0, 0xde, 0x67, - 0xa8, 0x7c, 0xcb, 0x34, 0xd2, 0x8e, 0x0c, 0x65, 0xe5, 0x5b, 0x86, 0x0e, 0xed, 0x4b, 0xcf, 0x13, - 0x68, 0x01, 0x4e, 0xf3, 0x89, 0x31, 0x15, 0x45, 0xc6, 0x1b, 0x0d, 0x67, 0xab, 0x97, 0x5d, 0xe9, - 0x45, 0xc1, 0x45, 0xcf, 0xa1, 0x97, 0x60, 0x44, 0x35, 0xcf, 0xcd, 0x8a, 0x53, 0x04, 0xe5, 0xc5, - 0x50, 0x64, 0xe6, 0x5a, 0xd8, 0xc4, 0x43, 0x1f, 0x84, 0xc7, 0xf5, 0x5f, 0x9e, 0xf8, 0xc1, 0x8f, - 0xd6, 0x66, 0x45, 0xe9, 0x13, 0x55, 0x27, 0xff, 0x4a, 0x21, 0x5a, 0x0b, 0xf7, 0x7b, 0x1e, 0xad, - 0xc2, 0x79, 0x05, 0xba, 0x14, 0xa4, 0x2c, 0x8a, 0x3b, 0x21, 0xd3, 0x4e, 0x42, 0x6e, 0xc6, 0x3e, - 0x2b, 0x96, 0xd2, 0xd4, 0x57, 0x98, 0x5d, 0xf1, 0xd2, 0xab, 0x45, 0x98, 0x78, 0x1e, 0xdf, 0x87, - 0x0a, 0x9a, 0x84, 0x26, 0x09, 0x9c, 0x55, 0x9f, 0x2c, 0xce, 0xcc, 0xb1, 0x12, 0x2a, 0xc6, 0x49, - 0xde, 0x25, 0x09, 0xc0, 0x1a, 0x47, 0xc5, 0x95, 0x8d, 0xf6, 0xbd, 0x4e, 0x6f, 0x09, 0xce, 0xb4, - 0xdd, 0x88, 0xea, 0x1e, 0x9e, 0x4b, 0xa6, 0x5c, 0x16, 0x5b, 0x45, 0x3f, 0x0c, 0x2f, 0x2b, 0xa7, - 0x82, 0x26, 0xaf, 0xcc, 0x2c, 0xf5, 0xe0, 0xe0, 0xc2, 0x27, 0xe9, 0x1a, 0x8b, 0xe2, 0x70, 0x6b, - 0x7b, 0xec, 0x74, 0x76, 0x8d, 0x2d, 0xd1, 0x46, 0xcc, 0x61, 0xe8, 0x1a, 0x20, 0x16, 0x81, 0x7b, - 0x35, 0x4d, 0x23, 0xa5, 0xec, 0x8c, 0x9d, 0x61, 0xaf, 0x74, 0x5e, 0x3c, 0x81, 0x2e, 0xf7, 0x60, - 0xe0, 0x82, 0xa7, 0xec, 0x7f, 0x67, 0xc1, 0x31, 0xb5, 0x5e, 0x1f, 0x40, 0x0c, 0xba, 0x9f, 0x8d, - 0x41, 0xbf, 0x72, 0x78, 0x89, 0xc7, 0x7a, 0xde, 0x27, 0x90, 0xf1, 0x67, 0x47, 0x00, 0xb4, 0x54, - 0x54, 0x1b, 0x92, 0xd5, 0x77, 0x43, 0x7a, 0x64, 0x25, 0x52, 0x51, 0xbd, 0x84, 0xfa, 0xc3, 0xad, - 0x97, 0xb0, 0x0c, 0x67, 0xa5, 0xba, 0xc0, 0xcf, 0x8a, 0xae, 0x86, 0x89, 0x12, 0x70, 0x8d, 0xe9, - 0x27, 0x05, 0xa1, 0xb3, 0x73, 0x45, 0x48, 0xb8, 0xf8, 0xd9, 0x8c, 0x96, 0x32, 0xbc, 0x97, 0x96, - 0xa2, 0xd7, 0xf4, 0xfc, 0x9a, 0x2c, 0x88, 0x9f, 0x5b, 0xd3, 0xf3, 0x97, 0x97, 0xb1, 0xc6, 0x29, - 0x16, 0xec, 0xcd, 0x92, 0x04, 0x3b, 0xec, 0x5b, 0xb0, 0x4b, 0x11, 0x33, 0xd2, 0x57, 0xc4, 0x48, - 0x9f, 0xf4, 0x68, 0x5f, 0x9f, 0xf4, 0xfb, 0xe0, 0xb8, 0x17, 0xac, 0x93, 0xd8, 0x4b, 0x49, 0x8b, - 0xad, 0x05, 0x26, 0x7e, 0x1a, 0x7a, 0x5b, 0x9f, 0xcb, 0x40, 0x71, 0x0e, 0x3b, 0x2b, 0x17, 0x8f, - 0x0f, 0x20, 0x17, 0xfb, 0xec, 0x46, 0x27, 0xca, 0xd9, 0x8d, 0x4e, 0x1e, 0x7e, 0x37, 0x3a, 0x75, - 0xa4, 0xbb, 0x11, 0x2a, 0x65, 0x37, 0x1a, 0x48, 0xd0, 0x1b, 0xe6, 0xdf, 0x99, 0x3d, 0xcc, 0xbf, - 0x7e, 0x5b, 0xd1, 0xd9, 0x03, 0x6f, 0x45, 0xc5, 0xbb, 0xcc, 0x63, 0x07, 0xda, 0x65, 0x3e, 0x5d, - 0x81, 0xb3, 0x5a, 0x0e, 0xd3, 0xd9, 0xef, 0xad, 0x51, 0x49, 0xc4, 0xee, 0x54, 0xe1, 0xe7, 0x36, - 0x46, 0x4a, 0x84, 0xce, 0xae, 0x50, 0x10, 0x6c, 0x60, 0xb1, 0xcc, 0x02, 0x12, 0xb3, 0xe2, 0x99, - 0x79, 0x21, 0x3d, 0x23, 0xda, 0xb1, 0xc2, 0xa0, 0xf3, 0x8b, 0xfe, 0x16, 0xd9, 0x5a, 0xf9, 0x12, - 0x51, 0x33, 0x1a, 0x84, 0x4d, 0x3c, 0xf4, 0x2c, 0x67, 0xc2, 0x04, 0x04, 0x15, 0xd4, 0xa3, 0xe2, - 0x92, 0x45, 0x29, 0x13, 0x14, 0x54, 0x76, 0x87, 0xa5, 0x90, 0xd4, 0x7b, 0xbb, 0xc3, 0x42, 0xa0, - 0x14, 0x86, 0xfd, 0xdf, 0x2d, 0x38, 0x57, 0x38, 0x14, 0x0f, 0x60, 0xf3, 0xdd, 0xca, 0x6e, 0xbe, - 0xcb, 0x65, 0x99, 0x1b, 0xc6, 0x5b, 0xf4, 0xd9, 0x88, 0xff, 0x8d, 0x05, 0xc7, 0x35, 0xfe, 0x03, - 0x78, 0x55, 0x2f, 0xfb, 0xaa, 0xe5, 0x59, 0x56, 0xcd, 0x9e, 0x77, 0xfb, 0xdd, 0x0a, 0xa8, 0xb2, - 0x6d, 0x53, 0xae, 0x2c, 0x8a, 0xb9, 0xc7, 0x49, 0xe2, 0x36, 0x0c, 0xb1, 0x83, 0xd0, 0xa4, 0x9c, - 0x20, 0x8f, 0x2c, 0x7f, 0x76, 0xa8, 0xaa, 0x0f, 0x99, 0xd9, 0xdf, 0x04, 0x0b, 0x86, 0xac, 0xb4, - 0xab, 0x97, 0x50, 0x69, 0xde, 0x12, 0xc9, 0x18, 0xba, 0xb4, 0xab, 0x68, 0xc7, 0x0a, 0x83, 0x6e, - 0x0f, 0x9e, 0x1b, 0x06, 0x33, 0xbe, 0x93, 0xc8, 0x8b, 0xc4, 0xd4, 0xf6, 0x30, 0x27, 0x01, 0x58, - 0xe3, 0xb0, 0x33, 0x52, 0x2f, 0x89, 0x7c, 0x67, 0xdb, 0xb0, 0x9f, 0x8d, 0xac, 0x64, 0x05, 0xc2, - 0x26, 0x9e, 0xdd, 0x81, 0xb1, 0xec, 0x4b, 0xcc, 0x92, 0x35, 0x16, 0xa0, 0x38, 0xd0, 0x70, 0x4e, - 0x42, 0xd3, 0x61, 0x4f, 0xcd, 0x77, 0x9d, 0xfc, 0xfd, 0xbf, 0x53, 0x12, 0x80, 0x35, 0x8e, 0xfd, - 0x6b, 0x16, 0x9c, 0x2e, 0x18, 0xb4, 0x12, 0x93, 0x5d, 0x52, 0x2d, 0x6d, 0x8a, 0x36, 0xf6, 0x77, - 0xc1, 0x70, 0x8b, 0xac, 0x39, 0x32, 0x04, 0xce, 0x90, 0xed, 0xb3, 0xbc, 0x19, 0x4b, 0xb8, 0xfd, - 0x5f, 0x2d, 0x38, 0x91, 0xed, 0x6b, 0x42, 0xa5, 0x33, 0x7f, 0x99, 0x59, 0x2f, 0x71, 0xc3, 0x4d, - 0x12, 0x6f, 0xd3, 0x37, 0xe7, 0xbd, 0x56, 0xd2, 0x79, 0xaa, 0x07, 0x03, 0x17, 0x3c, 0xc5, 0x8a, - 0x36, 0xb6, 0xd4, 0x68, 0xcb, 0x19, 0x79, 0xab, 0xcc, 0x19, 0xa9, 0x3f, 0xa6, 0x79, 0x5c, 0xae, - 0x58, 0x62, 0x93, 0xbf, 0xfd, 0x9d, 0x1a, 0xa8, 0x6c, 0x38, 0x16, 0x7f, 0x54, 0x52, 0xf4, 0x56, - 0xe6, 0xce, 0xa3, 0xea, 0x00, 0x77, 0x1e, 0xc9, 0xc9, 0x50, 0xbb, 0x5f, 0x40, 0x00, 0xf7, 0x92, - 0x98, 0xae, 0x4b, 0xf5, 0x86, 0x2b, 0x1a, 0x84, 0x4d, 0x3c, 0xda, 0x13, 0xdf, 0xdb, 0x24, 0xfc, - 0xa1, 0xa1, 0x6c, 0x4f, 0xe6, 0x25, 0x00, 0x6b, 0x1c, 0xda, 0x93, 0x96, 0xb7, 0xb6, 0x26, 0x4c, - 0x7e, 0xd5, 0x13, 0x3a, 0x3a, 0x98, 0x41, 0x78, 0x1d, 0xde, 0x70, 0x43, 0x68, 0xc1, 0x46, 0x1d, - 0xde, 0x70, 0x03, 0x33, 0x08, 0xd5, 0xdb, 0x82, 0x30, 0xee, 0xb0, 0xfb, 0x99, 0x5b, 0x8a, 0x8b, - 0xd0, 0x7e, 0x95, 0xde, 0x76, 0xa3, 0x17, 0x05, 0x17, 0x3d, 0x47, 0x67, 0x60, 0x14, 0x93, 0x96, - 0xe7, 0xa6, 0x26, 0x35, 0xc8, 0xce, 0xc0, 0xa5, 0x1e, 0x0c, 0x5c, 0xf0, 0x14, 0x9a, 0x82, 0x13, - 0x32, 0x9b, 0x51, 0xd6, 0xaa, 0x18, 0xc9, 0xe6, 0xc6, 0xe3, 0x2c, 0x18, 0xe7, 0xf1, 0xa9, 0x54, - 0xeb, 0x88, 0x32, 0x35, 0x4c, 0x59, 0x36, 0xa4, 0x9a, 0x2c, 0x5f, 0x83, 0x15, 0x86, 0xfd, 0xc9, - 0x2a, 0xdd, 0x85, 0xfb, 0x94, 0x67, 0x7a, 0x60, 0xd1, 0x82, 0xd9, 0x19, 0x59, 0x1b, 0x60, 0x46, - 0xbe, 0x08, 0xa3, 0x77, 0x92, 0x30, 0x50, 0x91, 0x78, 0xf5, 0xbe, 0x91, 0x78, 0x06, 0x56, 0x71, - 0x24, 0xde, 0x50, 0x59, 0x91, 0x78, 0xc3, 0x07, 0x8c, 0xc4, 0xfb, 0x56, 0x1d, 0xd4, 0x85, 0x00, - 0x37, 0x48, 0x7a, 0x37, 0x8c, 0x37, 0xbc, 0xa0, 0xcd, 0xb2, 0x40, 0xbf, 0x66, 0xc1, 0x28, 0x5f, - 0x2f, 0xf3, 0x66, 0x26, 0xd5, 0x5a, 0x49, 0x95, 0xe6, 0x33, 0xcc, 0x26, 0x56, 0x0c, 0x46, 0xb9, - 0x7b, 0xec, 0x4c, 0x10, 0xce, 0xf4, 0x08, 0x7d, 0x0c, 0x40, 0xfa, 0x47, 0xd7, 0xa4, 0xc8, 0x9c, - 0x2b, 0xa7, 0x7f, 0x98, 0xac, 0x69, 0x1d, 0x78, 0x45, 0x31, 0xc1, 0x06, 0x43, 0xf4, 0xe9, 0xfc, - 0xfd, 0xf5, 0x1f, 0x39, 0x92, 0xb1, 0x19, 0x24, 0xc7, 0x0c, 0xc3, 0xb0, 0x17, 0xb4, 0xe9, 0x3c, - 0x11, 0x11, 0x4b, 0x3f, 0x54, 0x94, 0x41, 0x3d, 0x1f, 0x3a, 0xad, 0x69, 0xc7, 0x77, 0x02, 0x97, - 0xc4, 0x73, 0x1c, 0xdd, 0xbc, 0xbd, 0x95, 0x35, 0x60, 0x49, 0xa8, 0xe7, 0x2a, 0x85, 0xfa, 0x20, - 0x57, 0x29, 0x9c, 0x7f, 0x3f, 0x9c, 0xea, 0xf9, 0x98, 0xfb, 0x4a, 0x29, 0x3b, 0x78, 0x36, 0x9a, - 0xfd, 0x4f, 0x87, 0xf4, 0xa6, 0x75, 0x23, 0x6c, 0xf1, 0x82, 0xfe, 0xb1, 0xfe, 0xa2, 0x42, 0xc7, - 0x2d, 0x71, 0x8a, 0x18, 0x37, 0xc0, 0xaa, 0x46, 0x6c, 0xb2, 0xa4, 0x73, 0x34, 0x72, 0x62, 0x12, - 0x1c, 0xf5, 0x1c, 0x5d, 0x52, 0x4c, 0xb0, 0xc1, 0x10, 0xad, 0x67, 0x72, 0x4a, 0x2e, 0x1f, 0x3e, - 0xa7, 0x84, 0xd5, 0x96, 0x29, 0xaa, 0xc1, 0xfd, 0x45, 0x0b, 0x8e, 0x07, 0x99, 0x99, 0x5b, 0x4e, - 0x18, 0x69, 0xf1, 0xaa, 0xe0, 0xf7, 0xc9, 0x64, 0xdb, 0x70, 0x8e, 0x7f, 0xd1, 0x96, 0x56, 0xdf, - 0xe7, 0x96, 0xa6, 0x6f, 0x06, 0x19, 0xea, 0x77, 0x33, 0x08, 0x0a, 0xd4, 0xd5, 0x48, 0xc3, 0xa5, - 0x5f, 0x8d, 0x04, 0x05, 0xd7, 0x22, 0xdd, 0x86, 0xa6, 0x1b, 0x13, 0x27, 0x3d, 0xe0, 0x2d, 0x39, - 0xec, 0x80, 0x7e, 0x46, 0x12, 0xc0, 0x9a, 0x96, 0xfd, 0xbf, 0x6a, 0x70, 0x52, 0x8e, 0x88, 0x0c, - 0x41, 0xa7, 0xfb, 0x23, 0xe7, 0xab, 0x95, 0x5b, 0xb5, 0x3f, 0x5e, 0x95, 0x00, 0xac, 0x71, 0xa8, - 0x3e, 0xd6, 0x4d, 0xc8, 0x62, 0x44, 0x82, 0x79, 0x6f, 0x35, 0x11, 0xe7, 0x9c, 0x6a, 0xa1, 0xdc, - 0xd4, 0x20, 0x6c, 0xe2, 0x51, 0x65, 0x9c, 0xeb, 0xc5, 0x49, 0x3e, 0x7d, 0x45, 0xe8, 0xdb, 0x58, - 0xc2, 0xd1, 0x2f, 0x16, 0xd6, 0x8b, 0x2c, 0x27, 0x71, 0xab, 0x27, 0xf2, 0x7e, 0x9f, 0x17, 0xab, - 0xfd, 0x0d, 0x0b, 0xce, 0xf2, 0x56, 0x39, 0x92, 0x37, 0xa3, 0x96, 0x93, 0x92, 0xa4, 0x9c, 0xfa, - 0xcd, 0x05, 0xfd, 0xd3, 0x4e, 0xde, 0x22, 0xb6, 0xb8, 0xb8, 0x37, 0xe8, 0x0b, 0x16, 0x9c, 0xd8, - 0xc8, 0x64, 0xfa, 0xcb, 0xad, 0xe3, 0x90, 0x35, 0x69, 0xb2, 0xe5, 0x03, 0xf4, 0x52, 0xcb, 0xb6, - 0x27, 0x38, 0xcf, 0xdd, 0xfe, 0x53, 0x0b, 0x4c, 0x31, 0x3a, 0x98, 0x06, 0x68, 0x5c, 0x65, 0x5b, - 0xd9, 0xe3, 0x2a, 0x5b, 0xa9, 0x2c, 0x56, 0x07, 0x33, 0x4e, 0x6a, 0xfb, 0x30, 0x4e, 0xea, 0x7d, - 0xb5, 0xcb, 0x27, 0xa1, 0xda, 0xf5, 0x5a, 0xc2, 0xbe, 0xd0, 0xa7, 0xaf, 0x73, 0xb3, 0x98, 0xb6, - 0xdb, 0xff, 0xa8, 0xae, 0xfd, 0x16, 0x22, 0x2f, 0xea, 0xfb, 0xe2, 0xb5, 0xd7, 0x54, 0x89, 0x21, - 0xfe, 0xe6, 0x37, 0x7a, 0x4a, 0x0c, 0xfd, 0xe8, 0xfe, 0xd3, 0xde, 0xf8, 0x00, 0xf5, 0xab, 0x30, - 0x34, 0xbc, 0x47, 0xce, 0xdb, 0x1d, 0x68, 0x50, 0x13, 0x8c, 0x39, 0x20, 0x1b, 0x99, 0x4e, 0x35, - 0xae, 0x8a, 0xf6, 0x7b, 0x3b, 0xe3, 0x3f, 0xb2, 0xff, 0x6e, 0xc9, 0xa7, 0xb1, 0xa2, 0x8f, 0x12, - 0x68, 0xd2, 0xdf, 0x2c, 0x3d, 0x4f, 0x18, 0x77, 0x37, 0x95, 0xcc, 0x94, 0x80, 0x52, 0x72, 0xff, - 0x34, 0x1f, 0x14, 0x40, 0x93, 0xdd, 0x41, 0xc9, 0x98, 0x72, 0x1b, 0x70, 0x49, 0x25, 0xc9, 0x49, - 0xc0, 0xbd, 0x9d, 0xf1, 0x57, 0xf6, 0xcf, 0x54, 0x3d, 0x8e, 0x35, 0x0b, 0xfb, 0x4b, 0x35, 0x3d, - 0x77, 0x45, 0x65, 0xa9, 0xef, 0x8b, 0xb9, 0xfb, 0x72, 0x6e, 0xee, 0x5e, 0xe8, 0x99, 0xbb, 0xc7, - 0xf5, 0x5d, 0x89, 0x99, 0xd9, 0xf8, 0xa0, 0x15, 0x81, 0xbd, 0xfd, 0x0d, 0x4c, 0x03, 0x7a, 0xb3, - 0xeb, 0xc5, 0x24, 0x59, 0x8a, 0xbb, 0x81, 0x17, 0xb4, 0xc5, 0x1d, 0xf8, 0x86, 0x06, 0x94, 0x01, - 0xe3, 0x3c, 0x3e, 0xbb, 0x3f, 0x7f, 0x3b, 0x70, 0x6f, 0x3b, 0x9b, 0x7c, 0x56, 0x19, 0xc5, 0x76, - 0x96, 0x45, 0x3b, 0x56, 0x18, 0xf6, 0x37, 0xd8, 0x59, 0xb6, 0x91, 0x17, 0x4c, 0xe7, 0x84, 0xcf, - 0x2e, 0xfd, 0xe4, 0x95, 0x7a, 0xd4, 0x9c, 0xe0, 0x37, 0x7d, 0x72, 0x18, 0xba, 0x0b, 0xc3, 0xab, - 0xfc, 0xd6, 0xab, 0x72, 0xaa, 0x12, 0x8b, 0x2b, 0xb4, 0xd8, 0xdd, 0x06, 0xf2, 0x3e, 0xad, 0x7b, - 0xfa, 0x27, 0x96, 0xdc, 0xec, 0x6f, 0xd6, 0xe0, 0x44, 0xee, 0x5a, 0xc8, 0x4c, 0x8d, 0xc4, 0xca, - 0x9e, 0x35, 0x12, 0x3f, 0x0c, 0xd0, 0x22, 0x91, 0x1f, 0x6e, 0x33, 0x75, 0xac, 0xb6, 0x6f, 0x75, - 0x4c, 0x69, 0xf0, 0xb3, 0x8a, 0x0a, 0x36, 0x28, 0x8a, 0xf2, 0x44, 0xbc, 0xe4, 0x62, 0xae, 0x3c, - 0x91, 0x51, 0xbb, 0x7c, 0xe8, 0xc1, 0xd6, 0x2e, 0xf7, 0xe0, 0x04, 0xef, 0xa2, 0xca, 0xbe, 0x3d, - 0x40, 0x92, 0x2d, 0xcb, 0x5f, 0x98, 0xcd, 0x92, 0xc1, 0x79, 0xba, 0x0f, 0xf3, 0xd6, 0x57, 0xf4, - 0x6e, 0x68, 0xca, 0xef, 0x9c, 0x8c, 0x35, 0x75, 0x05, 0x03, 0x39, 0x0d, 0xd8, 0x6d, 0xac, 0xe2, - 0xa7, 0xfd, 0xf9, 0x0a, 0xd5, 0x9e, 0xf9, 0x3f, 0x55, 0x89, 0xe6, 0x19, 0x18, 0x72, 0xba, 0xe9, - 0x7a, 0xd8, 0x73, 0x73, 0xd6, 0x14, 0x6b, 0xc5, 0x02, 0x8a, 0xe6, 0xa1, 0xd6, 0xd2, 0xd5, 0x45, - 0xf6, 0x33, 0x8a, 0xda, 0x11, 0xe9, 0xa4, 0x04, 0x33, 0x2a, 0xe8, 0x09, 0xa8, 0xa5, 0x4e, 0x5b, - 0x26, 0x3a, 0xb1, 0xe4, 0xd6, 0x15, 0xa7, 0x9d, 0x60, 0xd6, 0x6a, 0x6e, 0x9a, 0xb5, 0x3d, 0x36, - 0xcd, 0x57, 0xe0, 0x58, 0xe2, 0xb5, 0x03, 0x27, 0xed, 0xc6, 0xc4, 0x38, 0x5c, 0xd3, 0xf1, 0x12, - 0x26, 0x10, 0x67, 0x71, 0xed, 0xdf, 0x1a, 0x85, 0x33, 0xcb, 0x33, 0x0b, 0xb2, 0x52, 0xee, 0x91, - 0xe5, 0x2a, 0x15, 0xf1, 0x78, 0x70, 0xb9, 0x4a, 0x7d, 0xb8, 0xfb, 0x46, 0xae, 0x92, 0x6f, 0xe4, - 0x2a, 0x65, 0x13, 0x47, 0xaa, 0x65, 0x24, 0x8e, 0x14, 0xf5, 0x60, 0x90, 0xc4, 0x91, 0x23, 0x4b, - 0x5e, 0xba, 0x6f, 0x87, 0xf6, 0x95, 0xbc, 0xa4, 0x32, 0xbb, 0x4a, 0x09, 0xe9, 0xef, 0xf3, 0xa9, - 0x0a, 0x33, 0xbb, 0x54, 0x56, 0x0d, 0x4f, 0x57, 0x11, 0x02, 0xf6, 0xf5, 0xf2, 0x3b, 0x30, 0x40, - 0x56, 0x8d, 0xc8, 0x98, 0x31, 0x33, 0xb9, 0x86, 0xcb, 0xc8, 0xe4, 0x2a, 0xea, 0xce, 0x9e, 0x99, - 0x5c, 0xaf, 0xc0, 0x31, 0xd7, 0x0f, 0x03, 0xb2, 0x14, 0x87, 0x69, 0xe8, 0x86, 0xbe, 0x50, 0xa6, - 0x95, 0x48, 0x98, 0x31, 0x81, 0x38, 0x8b, 0xdb, 0x2f, 0x0d, 0xac, 0x79, 0xd8, 0x34, 0x30, 0x78, - 0x48, 0x69, 0x60, 0x3f, 0xa7, 0x13, 0x96, 0x47, 0xd8, 0x17, 0xf9, 0x70, 0xf9, 0x5f, 0x64, 0x90, - 0xac, 0x65, 0xf4, 0x15, 0x7e, 0x75, 0x15, 0x55, 0x47, 0x67, 0xc2, 0x0e, 0x55, 0xb7, 0x46, 0xd9, - 0x90, 0xbc, 0x71, 0x04, 0x13, 0xf6, 0xf6, 0xb2, 0x66, 0xa3, 0xae, 0xb3, 0xd2, 0x4d, 0x38, 0xdb, - 0x91, 0xc3, 0x24, 0x54, 0x7f, 0xb5, 0x02, 0x3f, 0xb0, 0x67, 0x17, 0xd0, 0x5d, 0x80, 0xd4, 0x69, - 0x8b, 0x89, 0x2a, 0x8e, 0x29, 0x0e, 0x19, 0xd4, 0xb8, 0x22, 0xe9, 0xf1, 0x4a, 0x20, 0xea, 0x2f, - 0x3b, 0x00, 0x90, 0xbf, 0x59, 0x2c, 0x63, 0xe8, 0xf7, 0x54, 0x3d, 0xc4, 0xa1, 0x4f, 0x30, 0x83, - 0xd0, 0xed, 0x3f, 0x26, 0x6d, 0x7d, 0xd7, 0xaa, 0xfa, 0x7c, 0x98, 0xb5, 0x62, 0x01, 0x45, 0x2f, - 0xc1, 0x88, 0xe3, 0xfb, 0x3c, 0x2b, 0x85, 0x24, 0xe2, 0xee, 0x0a, 0x5d, 0xb9, 0x4d, 0x83, 0xb0, - 0x89, 0x67, 0xff, 0x49, 0x05, 0xc6, 0xf7, 0x90, 0x29, 0x3d, 0x79, 0x76, 0xf5, 0x81, 0xf3, 0xec, - 0x44, 0x66, 0xc0, 0x50, 0x9f, 0xcc, 0x80, 0x97, 0x60, 0x24, 0x25, 0x4e, 0x47, 0x84, 0x41, 0x09, - 0xfb, 0x5b, 0x9f, 0xbb, 0x6a, 0x10, 0x36, 0xf1, 0xa8, 0x14, 0x3b, 0xee, 0xb8, 0x2e, 0x49, 0x12, - 0x19, 0xfa, 0x2f, 0x7c, 0x98, 0xa5, 0xe5, 0x15, 0x30, 0xd7, 0xf0, 0x54, 0x86, 0x05, 0xce, 0xb1, - 0xcc, 0x0f, 0x78, 0x73, 0xc0, 0x01, 0xff, 0x7a, 0x05, 0x9e, 0xbc, 0xef, 0xee, 0x36, 0x70, 0x56, - 0x46, 0x37, 0x21, 0x71, 0x7e, 0xe2, 0xdc, 0x4c, 0x48, 0x8c, 0x19, 0x84, 0x8f, 0x52, 0x14, 0x19, - 0x77, 0xd9, 0x96, 0x9d, 0x32, 0xc4, 0x47, 0x29, 0xc3, 0x02, 0xe7, 0x58, 0x1e, 0x74, 0x5a, 0xfe, - 0x9d, 0x0a, 0x3c, 0x3d, 0x80, 0x0e, 0x50, 0x62, 0x6a, 0x55, 0x36, 0xc1, 0xad, 0xfa, 0x90, 0xf2, - 0x10, 0x0f, 0x38, 0x5c, 0xdf, 0xa8, 0xc0, 0xf9, 0xfe, 0x5b, 0x31, 0xfa, 0x31, 0x6a, 0xc3, 0xcb, - 0xd8, 0x27, 0x33, 0x37, 0xee, 0x34, 0xb7, 0xdf, 0x33, 0x20, 0x9c, 0xc7, 0x45, 0x13, 0x00, 0x91, - 0x93, 0xae, 0x27, 0x97, 0xb6, 0xbc, 0x24, 0x15, 0xb5, 0x5f, 0x8e, 0xf3, 0x13, 0x23, 0xd9, 0x8a, - 0x0d, 0x0c, 0xca, 0x8e, 0xfd, 0x9b, 0x0d, 0x6f, 0x84, 0x29, 0x7f, 0x88, 0x9b, 0x11, 0xa7, 0x65, - 0x7d, 0x7c, 0x03, 0x84, 0xf3, 0xb8, 0x94, 0x1d, 0x3b, 0x93, 0xe4, 0x1d, 0xe5, 0xf6, 0x05, 0x63, - 0x37, 0xaf, 0x5a, 0xb1, 0x81, 0x91, 0xcf, 0xfa, 0xab, 0xef, 0x9d, 0xf5, 0x67, 0xff, 0xc3, 0x0a, - 0x9c, 0xeb, 0xab, 0xca, 0x0d, 0xb6, 0x00, 0x1f, 0xbd, 0x4c, 0xbd, 0x83, 0xcd, 0x9d, 0x7d, 0x66, - 0x94, 0xfd, 0x51, 0x9f, 0x99, 0x26, 0x32, 0xca, 0x0e, 0x9e, 0x92, 0xfd, 0xe8, 0x8d, 0x67, 0x4f, - 0x12, 0x59, 0x6d, 0x1f, 0x49, 0x64, 0xb9, 0x8f, 0x51, 0x1f, 0x70, 0x21, 0xff, 0x59, 0xb5, 0xef, - 0xf0, 0x52, 0xd3, 0x6f, 0x20, 0xef, 0xe8, 0x2c, 0x9c, 0xf4, 0x02, 0x76, 0x57, 0xca, 0x72, 0x77, - 0x55, 0x94, 0x03, 0xa9, 0x64, 0x6f, 0x2a, 0x9e, 0xcb, 0xc1, 0x71, 0xcf, 0x13, 0x8f, 0x60, 0x52, - 0xdf, 0xc1, 0x86, 0x74, 0x7f, 0x69, 0xa5, 0x68, 0x11, 0xce, 0xca, 0xa1, 0x58, 0x77, 0x62, 0xd2, - 0x12, 0xdb, 0x48, 0x22, 0xd2, 0x18, 0xce, 0xf1, 0x54, 0x88, 0x02, 0x04, 0x5c, 0xfc, 0x1c, 0xbb, - 0x9e, 0x22, 0x8c, 0x3c, 0x57, 0x18, 0x39, 0xfa, 0x7a, 0x0a, 0xda, 0x88, 0x39, 0xcc, 0xfe, 0x30, - 0x34, 0xd5, 0xfb, 0xf3, 0x60, 0x6a, 0x35, 0xe9, 0x7a, 0x82, 0xa9, 0xd5, 0x8c, 0x33, 0xb0, 0xe8, - 0xd7, 0xa2, 0x2a, 0x71, 0x6e, 0xf5, 0x5c, 0x27, 0xdb, 0x4c, 0x3f, 0xb6, 0xdf, 0x03, 0xa3, 0xca, - 0xcf, 0x32, 0xe8, 0xa5, 0x1d, 0xf6, 0x97, 0x86, 0xe0, 0x58, 0xa6, 0x24, 0x5f, 0xc6, 0xad, 0x69, - 0xed, 0xe9, 0xd6, 0x64, 0xc1, 0xf1, 0xdd, 0x40, 0xde, 0xe8, 0x63, 0x04, 0xc7, 0x77, 0x03, 0x82, - 0x39, 0x8c, 0xaa, 0xb7, 0xad, 0x78, 0x1b, 0x77, 0x03, 0x11, 0xc4, 0xaa, 0xd4, 0xdb, 0x59, 0xd6, - 0x8a, 0x05, 0x14, 0x7d, 0xc2, 0x82, 0xd1, 0x84, 0xf9, 0xcc, 0xb9, 0x53, 0x58, 0x4c, 0xba, 0x6b, - 0x87, 0xaf, 0x38, 0xa8, 0xca, 0x4f, 0xb2, 0xb8, 0x14, 0xb3, 0x05, 0x67, 0x38, 0xa2, 0x9f, 0xb1, - 0xa0, 0xa9, 0x2e, 0x1e, 0x10, 0xd7, 0x6e, 0x2d, 0x97, 0x5b, 0xf1, 0x90, 0x7b, 0x13, 0xd5, 0xf1, - 0x83, 0xbe, 0x49, 0x5c, 0x33, 0x46, 0x89, 0xf2, 0xd8, 0x0e, 0x1f, 0x8d, 0xc7, 0x16, 0x0a, 0xbc, - 0xb5, 0xef, 0x86, 0x66, 0xc7, 0x09, 0xbc, 0x35, 0x92, 0xa4, 0xdc, 0x89, 0x2a, 0x0b, 0xb1, 0xca, - 0x46, 0xac, 0xe1, 0x74, 0x43, 0x4e, 0xd8, 0x8b, 0xa5, 0x86, 0xd7, 0x93, 0x6d, 0xc8, 0xcb, 0xba, - 0x19, 0x9b, 0x38, 0xa6, 0x8b, 0x16, 0x1e, 0xaa, 0x8b, 0x76, 0x64, 0x0f, 0x17, 0xed, 0xdf, 0xb3, - 0xe0, 0x6c, 0xe1, 0x57, 0x7b, 0x74, 0xc3, 0x0d, 0xed, 0x2f, 0xd7, 0xe1, 0x74, 0x41, 0x6d, 0x4d, - 0xb4, 0x6d, 0xce, 0x67, 0xab, 0x8c, 0x93, 0xfb, 0xec, 0x41, 0xb4, 0x1c, 0xc6, 0x82, 0x49, 0xbc, - 0xbf, 0x03, 0x12, 0x7d, 0x48, 0x51, 0x7d, 0xb0, 0x87, 0x14, 0xc6, 0xb4, 0xac, 0x3d, 0xd4, 0x69, - 0x59, 0xbf, 0xff, 0xb4, 0x44, 0xbf, 0x6e, 0xc1, 0x58, 0xa7, 0x4f, 0x41, 0x77, 0xe1, 0x78, 0xbc, - 0x75, 0x34, 0xe5, 0xe2, 0xa7, 0x9f, 0xd8, 0xdd, 0x19, 0xef, 0x5b, 0x47, 0x1f, 0xf7, 0xed, 0x95, - 0xfd, 0x9d, 0x2a, 0xb0, 0xc2, 0xae, 0xac, 0x7e, 0xda, 0x36, 0xfa, 0xb8, 0x59, 0xa2, 0xd7, 0x2a, - 0xab, 0x9c, 0x2c, 0x27, 0xae, 0x4a, 0xfc, 0xf2, 0x11, 0x2c, 0xaa, 0xf8, 0x9b, 0x17, 0x5a, 0x95, - 0x01, 0x84, 0x96, 0x2f, 0x6b, 0x21, 0x57, 0xcb, 0xaf, 0x85, 0xdc, 0xcc, 0xd7, 0x41, 0xbe, 0xff, - 0x27, 0xae, 0x3d, 0x92, 0x9f, 0xf8, 0xaf, 0x59, 0x5c, 0xf0, 0xe4, 0xbe, 0x82, 0xd6, 0x0c, 0xac, - 0xfb, 0x68, 0x06, 0xcf, 0xb1, 0x3b, 0xe1, 0xd7, 0xae, 0x12, 0xc7, 0x17, 0x1a, 0x84, 0x79, 0xbd, - 0x3b, 0x6b, 0xc7, 0x0a, 0x83, 0x5d, 0x91, 0xe8, 0xfb, 0xe1, 0xdd, 0x4b, 0x9d, 0x28, 0xdd, 0x16, - 0xba, 0x84, 0xbe, 0x22, 0x51, 0x41, 0xb0, 0x81, 0x65, 0xff, 0xf5, 0x0a, 0x9f, 0x81, 0x22, 0xf4, - 0xe0, 0xe5, 0xdc, 0xa5, 0x56, 0x83, 0x9f, 0xda, 0x7f, 0x14, 0xc0, 0x55, 0xd7, 0x41, 0x8b, 0x33, - 0xa1, 0xab, 0x87, 0xbe, 0xab, 0x56, 0xd0, 0xd3, 0xaf, 0xa1, 0xdb, 0xb0, 0xc1, 0x2f, 0x23, 0x4b, - 0xab, 0x7b, 0xca, 0xd2, 0x8c, 0x58, 0xa9, 0xed, 0xb1, 0xdb, 0xfd, 0x89, 0x05, 0x19, 0x8d, 0x08, - 0x45, 0x50, 0xa7, 0xdd, 0xdd, 0x2e, 0xe7, 0xa6, 0x6b, 0x93, 0x34, 0x15, 0x8d, 0x62, 0xda, 0xb3, - 0x9f, 0x98, 0x33, 0x42, 0xbe, 0x88, 0x50, 0xa8, 0x94, 0x71, 0x1b, 0xbb, 0xc9, 0xf0, 0x6a, 0x18, - 0x6e, 0xf0, 0x83, 0x4d, 0x1d, 0xed, 0x60, 0xbf, 0x0c, 0xa7, 0x7a, 0x3a, 0xc5, 0xee, 0xaf, 0x09, - 0xe5, 0xf5, 0xde, 0xc6, 0x74, 0x65, 0x69, 0x93, 0x98, 0xc3, 0xec, 0x6f, 0x58, 0x70, 0x32, 0x4f, - 0x1e, 0x7d, 0xc5, 0x82, 0x53, 0x49, 0x9e, 0xde, 0x51, 0x8d, 0x9d, 0x8a, 0x32, 0xec, 0x01, 0xe1, - 0xde, 0x4e, 0xd8, 0xff, 0x5b, 0x4c, 0xfe, 0xdb, 0x5e, 0xd0, 0x0a, 0xef, 0x2a, 0xc5, 0xc4, 0xea, - 0xab, 0x98, 0xd0, 0xf5, 0xe8, 0xae, 0x93, 0x56, 0xd7, 0xef, 0xc9, 0xd7, 0x5c, 0x16, 0xed, 0x58, - 0x61, 0xb0, 0xf4, 0xb4, 0xae, 0x28, 0x96, 0x9e, 0x9b, 0x94, 0xb3, 0xa2, 0x1d, 0x2b, 0x0c, 0xf4, - 0x22, 0x8c, 0x9a, 0x57, 0xd8, 0x8b, 0x79, 0xc9, 0x14, 0x72, 0xf3, 0xb6, 0x7b, 0x9c, 0xc1, 0x42, - 0x13, 0x00, 0x4a, 0xc9, 0x91, 0x5b, 0x24, 0x73, 0x14, 0x29, 0x49, 0x94, 0x60, 0x03, 0x83, 0x25, - 0x83, 0xf2, 0x7b, 0xe2, 0x65, 0x2c, 0x2e, 0x4f, 0x06, 0x15, 0x6d, 0x58, 0x41, 0xa9, 0x34, 0xe9, - 0x38, 0x41, 0xd7, 0xf1, 0xe9, 0x08, 0x09, 0xd3, 0x4f, 0x2d, 0xc3, 0x05, 0x05, 0xc1, 0x06, 0x16, - 0x7d, 0xe3, 0xd4, 0xeb, 0x90, 0xd7, 0xc2, 0x40, 0x46, 0x87, 0xe9, 0x63, 0x1f, 0xd1, 0x8e, 0x15, - 0x86, 0xfd, 0x9f, 0x2d, 0x38, 0xa1, 0x53, 0xcb, 0xf9, 0x4d, 0xb5, 0xa6, 0xa5, 0x6a, 0xed, 0x69, - 0xa9, 0x66, 0x73, 0x6e, 0x2b, 0x03, 0xe5, 0xdc, 0x9a, 0xe9, 0xb0, 0xd5, 0xfb, 0xa6, 0xc3, 0xfe, - 0xa0, 0xbe, 0x05, 0x91, 0xe7, 0xcd, 0x8e, 0x14, 0xdd, 0x80, 0x88, 0x6c, 0x18, 0x72, 0x1d, 0x55, - 0x57, 0x65, 0x94, 0xdb, 0x0e, 0x33, 0x53, 0x0c, 0x49, 0x40, 0xec, 0x45, 0x68, 0xaa, 0xd3, 0x0f, - 0x69, 0xa8, 0x5a, 0xc5, 0x86, 0xea, 0x40, 0x69, 0x79, 0xd3, 0xab, 0xdf, 0xfc, 0xee, 0x53, 0xef, - 0xf8, 0xbd, 0xef, 0x3e, 0xf5, 0x8e, 0x3f, 0xfc, 0xee, 0x53, 0xef, 0xf8, 0xc4, 0xee, 0x53, 0xd6, - 0x37, 0x77, 0x9f, 0xb2, 0x7e, 0x6f, 0xf7, 0x29, 0xeb, 0x0f, 0x77, 0x9f, 0xb2, 0xbe, 0xb3, 0xfb, - 0x94, 0xf5, 0xc5, 0xff, 0xf0, 0xd4, 0x3b, 0x5e, 0x2b, 0x0c, 0x0f, 0xa4, 0x3f, 0x9e, 0x77, 0x5b, - 0x93, 0x9b, 0x17, 0x59, 0x84, 0x1a, 0x5d, 0x5e, 0x93, 0xc6, 0x9c, 0x9a, 0x94, 0xcb, 0xeb, 0xff, - 0x06, 0x00, 0x00, 0xff, 0xff, 0x59, 0x76, 0x9f, 0x68, 0xfa, 0xd9, 0x00, 0x00, + // 9856 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x7d, 0x6d, 0x70, 0x24, 0xc7, + 0x75, 0x18, 0x67, 0x17, 0x0b, 0xec, 0x3e, 0x7c, 0xdc, 0xa1, 0xef, 0x8e, 0x04, 0x8f, 0xe4, 0xe1, + 0x32, 0x2c, 0xd3, 0x54, 0x44, 0x02, 0xe6, 0x89, 0x52, 0x2e, 0xa6, 0x4d, 0x19, 0x0b, 0xdc, 0xe1, + 0x70, 0x07, 0x1c, 0xc0, 0x06, 0xee, 0x4e, 0x22, 0x4d, 0x51, 0x83, 0xd9, 0xde, 0xc5, 0x1c, 0x66, + 0x67, 0xf6, 0x66, 0x66, 0x71, 0x00, 0x2d, 0xcb, 0x92, 0x2d, 0xc5, 0x4a, 0xf4, 0x41, 0x85, 0xfe, + 0x61, 0xb9, 0x92, 0x38, 0x8a, 0xed, 0x72, 0xc5, 0x95, 0xb0, 0xe2, 0x54, 0x7e, 0xc4, 0xf9, 0xaa, + 0x8a, 0xed, 0xfc, 0x60, 0x4a, 0x49, 0x45, 0x55, 0x71, 0x59, 0x4e, 0xec, 0xc0, 0x14, 0x52, 0xa9, + 0xa4, 0x52, 0x15, 0x57, 0xe5, 0xe3, 0x4f, 0xae, 0x5c, 0x95, 0x54, 0x7f, 0xf7, 0xcc, 0xee, 0x1e, + 0x16, 0xc0, 0xe0, 0xee, 0xa4, 0xe2, 0xbf, 0xdd, 0x7e, 0x6f, 0xde, 0xeb, 0xe9, 0xe9, 0x7e, 0xfd, + 0xde, 0xeb, 0xf7, 0x5e, 0xc3, 0x62, 0xc3, 0x4b, 0x36, 0xda, 0xeb, 0x53, 0x6e, 0xd8, 0x9c, 0x76, + 0xa2, 0x46, 0xd8, 0x8a, 0xc2, 0xdb, 0xec, 0xc7, 0x8b, 0x6e, 0x6d, 0x7a, 0xeb, 0xc2, 0x74, 0x6b, + 0xb3, 0x31, 0xed, 0xb4, 0xbc, 0x78, 0xda, 0x69, 0xb5, 0x7c, 0xcf, 0x75, 0x12, 0x2f, 0x0c, 0xa6, + 0xb7, 0x5e, 0x72, 0xfc, 0xd6, 0x86, 0xf3, 0xd2, 0x74, 0x83, 0x04, 0x24, 0x72, 0x12, 0x52, 0x9b, + 0x6a, 0x45, 0x61, 0x12, 0xa2, 0x9f, 0xd0, 0xd4, 0xa6, 0x24, 0x35, 0xf6, 0xe3, 0x2d, 0xb7, 0x36, + 0xb5, 0x75, 0x61, 0xaa, 0xb5, 0xd9, 0x98, 0xa2, 0xd4, 0xa6, 0x0c, 0x6a, 0x53, 0x92, 0xda, 0xd9, + 0x17, 0x8d, 0xbe, 0x34, 0xc2, 0x46, 0x38, 0xcd, 0x88, 0xae, 0xb7, 0xeb, 0xec, 0x1f, 0xfb, 0xc3, + 0x7e, 0x71, 0x66, 0x67, 0xed, 0xcd, 0x8b, 0xf1, 0x94, 0x17, 0xd2, 0xee, 0x4d, 0xbb, 0x61, 0x44, + 0xa6, 0xb7, 0x3a, 0x3a, 0x74, 0xf6, 0x8a, 0xc6, 0x21, 0xdb, 0x09, 0x09, 0x62, 0x2f, 0x0c, 0xe2, + 0x17, 0x69, 0x17, 0x48, 0xb4, 0x45, 0x22, 0xf3, 0xf5, 0x0c, 0x84, 0x6e, 0x94, 0x5e, 0xd6, 0x94, + 0x9a, 0x8e, 0xbb, 0xe1, 0x05, 0x24, 0xda, 0xd1, 0x8f, 0x37, 0x49, 0xe2, 0x74, 0x7b, 0x6a, 0xba, + 0xd7, 0x53, 0x51, 0x3b, 0x48, 0xbc, 0x26, 0xe9, 0x78, 0xe0, 0x13, 0xfb, 0x3d, 0x10, 0xbb, 0x1b, + 0xa4, 0xe9, 0x74, 0x3c, 0xf7, 0xb1, 0x5e, 0xcf, 0xb5, 0x13, 0xcf, 0x9f, 0xf6, 0x82, 0x24, 0x4e, + 0xa2, 0xec, 0x43, 0xf6, 0x1d, 0x18, 0x9d, 0xb9, 0xb5, 0x3a, 0xd3, 0x4e, 0x36, 0x66, 0xc3, 0xa0, + 0xee, 0x35, 0xd0, 0xc7, 0x61, 0xd8, 0xf5, 0xdb, 0x71, 0x42, 0xa2, 0xeb, 0x4e, 0x93, 0x4c, 0x58, + 0xe7, 0xad, 0xe7, 0x2b, 0xd5, 0x53, 0xef, 0xef, 0x4e, 0x3e, 0xb6, 0xb7, 0x3b, 0x39, 0x3c, 0xab, + 0x41, 0xd8, 0xc4, 0x43, 0x1f, 0x81, 0xa1, 0x28, 0xf4, 0xc9, 0x0c, 0xbe, 0x3e, 0x51, 0x60, 0x8f, + 0x9c, 0x10, 0x8f, 0x0c, 0x61, 0xde, 0x8c, 0x25, 0xdc, 0xfe, 0xc3, 0x02, 0xc0, 0x4c, 0xab, 0xb5, + 0x12, 0x85, 0xb7, 0x89, 0x9b, 0xa0, 0xcf, 0x42, 0x99, 0x0e, 0x5d, 0xcd, 0x49, 0x1c, 0xc6, 0x6d, + 0xf8, 0xc2, 0x8f, 0x4d, 0xf1, 0x37, 0x99, 0x32, 0xdf, 0x44, 0x4f, 0x1c, 0x8a, 0x3d, 0xb5, 0xf5, + 0xd2, 0xd4, 0xf2, 0x3a, 0x7d, 0x7e, 0x89, 0x24, 0x4e, 0x15, 0x09, 0x66, 0xa0, 0xdb, 0xb0, 0xa2, + 0x8a, 0x02, 0x18, 0x88, 0x5b, 0xc4, 0x65, 0x1d, 0x1b, 0xbe, 0xb0, 0x38, 0x75, 0x94, 0x19, 0x3a, + 0xa5, 0x7b, 0xbe, 0xda, 0x22, 0x6e, 0x75, 0x44, 0x70, 0x1e, 0xa0, 0xff, 0x30, 0xe3, 0x83, 0xb6, + 0x60, 0x30, 0x4e, 0x9c, 0xa4, 0x1d, 0x4f, 0x14, 0x19, 0xc7, 0xeb, 0xb9, 0x71, 0x64, 0x54, 0xab, + 0x63, 0x82, 0xe7, 0x20, 0xff, 0x8f, 0x05, 0x37, 0xfb, 0x3f, 0x59, 0x30, 0xa6, 0x91, 0x17, 0xbd, + 0x38, 0x41, 0x3f, 0xdd, 0x31, 0xb8, 0x53, 0xfd, 0x0d, 0x2e, 0x7d, 0x9a, 0x0d, 0xed, 0x49, 0xc1, + 0xac, 0x2c, 0x5b, 0x8c, 0x81, 0x6d, 0x42, 0xc9, 0x4b, 0x48, 0x33, 0x9e, 0x28, 0x9c, 0x2f, 0x3e, + 0x3f, 0x7c, 0xe1, 0x4a, 0x5e, 0xef, 0x59, 0x1d, 0x15, 0x4c, 0x4b, 0x0b, 0x94, 0x3c, 0xe6, 0x5c, + 0xec, 0xdf, 0x1a, 0x31, 0xdf, 0x8f, 0x0e, 0x38, 0x7a, 0x09, 0x86, 0xe3, 0xb0, 0x1d, 0xb9, 0x04, + 0x93, 0x56, 0x18, 0x4f, 0x58, 0xe7, 0x8b, 0x74, 0xea, 0xd1, 0x99, 0xba, 0xaa, 0x9b, 0xb1, 0x89, + 0x83, 0xbe, 0x61, 0xc1, 0x48, 0x8d, 0xc4, 0x89, 0x17, 0x30, 0xfe, 0xb2, 0xf3, 0x6b, 0x47, 0xee, + 0xbc, 0x6c, 0x9c, 0xd3, 0xc4, 0xab, 0xa7, 0xc5, 0x8b, 0x8c, 0x18, 0x8d, 0x31, 0x4e, 0xf1, 0xa7, + 0x2b, 0xae, 0x46, 0x62, 0x37, 0xf2, 0x5a, 0xf4, 0x3f, 0x9b, 0x33, 0xc6, 0x8a, 0x9b, 0xd3, 0x20, + 0x6c, 0xe2, 0xa1, 0x00, 0x4a, 0x74, 0x45, 0xc5, 0x13, 0x03, 0xac, 0xff, 0x0b, 0x47, 0xeb, 0xbf, + 0x18, 0x54, 0xba, 0x58, 0xf5, 0xe8, 0xd3, 0x7f, 0x31, 0xe6, 0x6c, 0xd0, 0xd7, 0x2d, 0x98, 0x10, + 0x2b, 0x1e, 0x13, 0x3e, 0xa0, 0xb7, 0x36, 0xbc, 0x84, 0xf8, 0x5e, 0x9c, 0x4c, 0x94, 0x58, 0x1f, + 0xa6, 0xfb, 0x9b, 0x5b, 0xf3, 0x51, 0xd8, 0x6e, 0x5d, 0xf3, 0x82, 0x5a, 0xf5, 0xbc, 0xe0, 0x34, + 0x31, 0xdb, 0x83, 0x30, 0xee, 0xc9, 0x12, 0xfd, 0x92, 0x05, 0x67, 0x03, 0xa7, 0x49, 0xe2, 0x96, + 0x43, 0x3f, 0x2d, 0x07, 0x57, 0x7d, 0xc7, 0xdd, 0x64, 0x3d, 0x1a, 0x3c, 0x5c, 0x8f, 0x6c, 0xd1, + 0xa3, 0xb3, 0xd7, 0x7b, 0x92, 0xc6, 0xf7, 0x61, 0x8b, 0x7e, 0xdd, 0x82, 0xf1, 0x30, 0x6a, 0x6d, + 0x38, 0x01, 0xa9, 0x49, 0x68, 0x3c, 0x31, 0xc4, 0x96, 0xde, 0x67, 0x8e, 0xf6, 0x89, 0x96, 0xb3, + 0x64, 0x97, 0xc2, 0xc0, 0x4b, 0xc2, 0x68, 0x95, 0x24, 0x89, 0x17, 0x34, 0xe2, 0xea, 0x99, 0xbd, + 0xdd, 0xc9, 0xf1, 0x0e, 0x2c, 0xdc, 0xd9, 0x1f, 0xf4, 0x33, 0x30, 0x1c, 0xef, 0x04, 0xee, 0x2d, + 0x2f, 0xa8, 0x85, 0x77, 0xe3, 0x89, 0x72, 0x1e, 0xcb, 0x77, 0x55, 0x11, 0x14, 0x0b, 0x50, 0x33, + 0xc0, 0x26, 0xb7, 0xee, 0x1f, 0x4e, 0x4f, 0xa5, 0x4a, 0xde, 0x1f, 0x4e, 0x4f, 0xa6, 0xfb, 0xb0, + 0x45, 0xbf, 0x68, 0xc1, 0x68, 0xec, 0x35, 0x02, 0x27, 0x69, 0x47, 0xe4, 0x1a, 0xd9, 0x89, 0x27, + 0x80, 0x75, 0xe4, 0xea, 0x11, 0x47, 0xc5, 0x20, 0x59, 0x3d, 0x23, 0xfa, 0x38, 0x6a, 0xb6, 0xc6, + 0x38, 0xcd, 0xb7, 0xdb, 0x42, 0xd3, 0xd3, 0x7a, 0x38, 0xdf, 0x85, 0xa6, 0x27, 0x75, 0x4f, 0x96, + 0xe8, 0xa7, 0xe0, 0x24, 0x6f, 0x52, 0x23, 0x1b, 0x4f, 0x8c, 0x30, 0x41, 0x7b, 0x7a, 0x6f, 0x77, + 0xf2, 0xe4, 0x6a, 0x06, 0x86, 0x3b, 0xb0, 0xd1, 0x1d, 0x98, 0x6c, 0x91, 0xa8, 0xe9, 0x25, 0xcb, + 0x81, 0xbf, 0x23, 0xc5, 0xb7, 0x1b, 0xb6, 0x48, 0x4d, 0x74, 0x27, 0x9e, 0x18, 0x3d, 0x6f, 0x3d, + 0x5f, 0xae, 0xfe, 0xa8, 0xe8, 0xe6, 0xe4, 0xca, 0xfd, 0xd1, 0xf1, 0x7e, 0xf4, 0xec, 0x7f, 0x5d, + 0x80, 0x93, 0xd9, 0x8d, 0x13, 0xfd, 0xa6, 0x05, 0x27, 0x6e, 0xdf, 0x4d, 0xd6, 0xc2, 0x4d, 0x12, + 0xc4, 0xd5, 0x1d, 0x2a, 0xde, 0xd8, 0x96, 0x31, 0x7c, 0xc1, 0xcd, 0x77, 0x8b, 0x9e, 0xba, 0x9a, + 0xe6, 0x72, 0x29, 0x48, 0xa2, 0x9d, 0xea, 0x13, 0xe2, 0xed, 0x4e, 0x5c, 0xbd, 0xb5, 0x66, 0x42, + 0x71, 0xb6, 0x53, 0x67, 0xbf, 0x6a, 0xc1, 0xe9, 0x6e, 0x24, 0xd0, 0x49, 0x28, 0x6e, 0x92, 0x1d, + 0xae, 0x95, 0x61, 0xfa, 0x13, 0xbd, 0x09, 0xa5, 0x2d, 0xc7, 0x6f, 0x13, 0xa1, 0xdd, 0xcc, 0x1f, + 0xed, 0x45, 0x54, 0xcf, 0x30, 0xa7, 0xfa, 0xe3, 0x85, 0x8b, 0x96, 0xfd, 0xef, 0x8a, 0x30, 0x6c, + 0xec, 0x6f, 0x0f, 0x40, 0x63, 0x0b, 0x53, 0x1a, 0xdb, 0x52, 0x6e, 0x5b, 0x73, 0x4f, 0x95, 0xed, + 0x6e, 0x46, 0x65, 0x5b, 0xce, 0x8f, 0xe5, 0x7d, 0x75, 0x36, 0x94, 0x40, 0x25, 0x6c, 0x51, 0x8d, + 0x9c, 0x6e, 0xfd, 0x03, 0x79, 0x7c, 0xc2, 0x65, 0x49, 0xae, 0x3a, 0xba, 0xb7, 0x3b, 0x59, 0x51, + 0x7f, 0xb1, 0x66, 0x64, 0x7f, 0xcf, 0x82, 0xd3, 0x46, 0x1f, 0x67, 0xc3, 0xa0, 0xe6, 0xb1, 0x4f, + 0x7b, 0x1e, 0x06, 0x92, 0x9d, 0x96, 0x54, 0xfb, 0xd5, 0x48, 0xad, 0xed, 0xb4, 0x08, 0x66, 0x10, + 0xaa, 0xe8, 0x37, 0x49, 0x1c, 0x3b, 0x0d, 0x92, 0x55, 0xf4, 0x97, 0x78, 0x33, 0x96, 0x70, 0x14, + 0x01, 0xf2, 0x9d, 0x38, 0x59, 0x8b, 0x9c, 0x20, 0x66, 0xe4, 0xd7, 0xbc, 0x26, 0x11, 0x03, 0xfc, + 0x17, 0xfb, 0x9b, 0x31, 0xf4, 0x89, 0xea, 0xe3, 0x7b, 0xbb, 0x93, 0x68, 0xb1, 0x83, 0x12, 0xee, + 0x42, 0xdd, 0xfe, 0x25, 0x0b, 0x1e, 0xef, 0xae, 0x8b, 0xa1, 0xe7, 0x60, 0x90, 0x9b, 0x7c, 0xe2, + 0xed, 0xf4, 0x27, 0x61, 0xad, 0x58, 0x40, 0xd1, 0x34, 0x54, 0xd4, 0x3e, 0x21, 0xde, 0x71, 0x5c, + 0xa0, 0x56, 0xf4, 0xe6, 0xa2, 0x71, 0xe8, 0xa0, 0xd1, 0x3f, 0x42, 0x73, 0x53, 0x83, 0xc6, 0x8c, + 0x24, 0x06, 0xb1, 0xff, 0xd4, 0x82, 0x13, 0x46, 0xaf, 0x1e, 0x80, 0x6a, 0x1e, 0xa4, 0x55, 0xf3, + 0x85, 0xdc, 0xe6, 0x73, 0x0f, 0xdd, 0xfc, 0xeb, 0x16, 0x9c, 0x35, 0xb0, 0x96, 0x9c, 0xc4, 0xdd, + 0xb8, 0xb4, 0xdd, 0x8a, 0x48, 0x4c, 0xcd, 0x69, 0xf4, 0x8c, 0x21, 0xb7, 0xaa, 0xc3, 0x82, 0x42, + 0xf1, 0x1a, 0xd9, 0xe1, 0x42, 0xec, 0x05, 0x28, 0xf3, 0xc9, 0x19, 0x46, 0x62, 0xc4, 0xd5, 0xbb, + 0x2d, 0x8b, 0x76, 0xac, 0x30, 0x90, 0x0d, 0x83, 0x4c, 0x38, 0xd1, 0xc5, 0x4a, 0xb7, 0x21, 0xa0, + 0x1f, 0xf1, 0x26, 0x6b, 0xc1, 0x02, 0x62, 0x2f, 0xa7, 0xba, 0xb3, 0x12, 0x11, 0xf6, 0x71, 0x6b, + 0x97, 0x3d, 0xe2, 0xd7, 0x62, 0x6a, 0x36, 0x38, 0x41, 0x10, 0x26, 0xc2, 0x02, 0x30, 0xcc, 0x86, + 0x19, 0xdd, 0x8c, 0x4d, 0x1c, 0x7b, 0xaf, 0xc0, 0x8c, 0x0f, 0xb5, 0xac, 0xc9, 0x83, 0xb0, 0x5c, + 0xa3, 0x94, 0x1c, 0x5c, 0xc9, 0x4f, 0x28, 0x91, 0xde, 0xd6, 0xeb, 0xdb, 0x19, 0x51, 0x88, 0x73, + 0xe5, 0x7a, 0x7f, 0x0b, 0xf6, 0x77, 0x0b, 0x30, 0x99, 0x7e, 0xa0, 0x43, 0x92, 0x52, 0x73, 0xc9, + 0x60, 0x94, 0x75, 0x50, 0x18, 0xf8, 0xd8, 0xc4, 0xeb, 0x21, 0x8c, 0x0a, 0xc7, 0x29, 0x8c, 0x4c, + 0x59, 0x59, 0xdc, 0x47, 0x56, 0x3e, 0xa7, 0x46, 0x7d, 0x20, 0x23, 0x9c, 0xd2, 0xfb, 0xc5, 0x79, + 0x18, 0x88, 0x13, 0xd2, 0x9a, 0x28, 0xa5, 0x65, 0xcd, 0x6a, 0x42, 0x5a, 0x98, 0x41, 0xec, 0xff, + 0x5e, 0x80, 0x27, 0xd2, 0x63, 0xa8, 0xc5, 0xfb, 0x27, 0x53, 0xe2, 0xfd, 0xa3, 0xa6, 0x78, 0xbf, + 0xb7, 0x3b, 0xf9, 0x54, 0x8f, 0xc7, 0x7e, 0x60, 0xa4, 0x3f, 0x9a, 0xcf, 0x8c, 0xe2, 0x74, 0x7a, + 0x14, 0xef, 0xed, 0x4e, 0x3e, 0xd3, 0xe3, 0x1d, 0x33, 0xc3, 0xfc, 0x1c, 0x0c, 0x46, 0xc4, 0x89, + 0xc3, 0x40, 0x0c, 0xb4, 0xfa, 0x1c, 0x98, 0xb5, 0x62, 0x01, 0xb5, 0xff, 0xb4, 0x9c, 0x1d, 0xec, + 0x79, 0xee, 0x60, 0x0b, 0x23, 0xe4, 0xc1, 0x00, 0x53, 0xd9, 0xb9, 0x68, 0xb8, 0x76, 0xb4, 0x65, + 0x44, 0x45, 0xbc, 0x22, 0x5d, 0x2d, 0xd3, 0xaf, 0x46, 0x9b, 0x30, 0x63, 0x81, 0xb6, 0xa1, 0xec, + 0x4a, 0x4d, 0xba, 0x90, 0x87, 0xcf, 0x49, 0xe8, 0xd1, 0x9a, 0xe3, 0x08, 0x95, 0xc5, 0x4a, 0xfd, + 0x56, 0xdc, 0x10, 0x81, 0x62, 0xc3, 0x4b, 0xc4, 0x67, 0x3d, 0xa2, 0xad, 0x34, 0xef, 0x19, 0xaf, + 0x38, 0x44, 0x37, 0x88, 0x79, 0x2f, 0xc1, 0x94, 0x3e, 0xfa, 0xb2, 0x05, 0xc3, 0xb1, 0xdb, 0x5c, + 0x89, 0xc2, 0x2d, 0xaf, 0x46, 0x22, 0xa1, 0x29, 0x1d, 0x51, 0x34, 0xad, 0xce, 0x2e, 0x49, 0x82, + 0x9a, 0x2f, 0xb7, 0x5d, 0x35, 0x04, 0x9b, 0x7c, 0xa9, 0x05, 0xf1, 0x84, 0x78, 0xf7, 0x39, 0xe2, + 0x7a, 0x74, 0x6f, 0x93, 0x06, 0x13, 0x9b, 0x29, 0x47, 0xd6, 0x1c, 0xe7, 0xda, 0xee, 0x26, 0x5d, + 0x6f, 0xba, 0x43, 0x4f, 0xed, 0xed, 0x4e, 0x3e, 0x31, 0xdb, 0x9d, 0x27, 0xee, 0xd5, 0x19, 0x36, + 0x60, 0xad, 0xb6, 0xef, 0x63, 0x72, 0xa7, 0x4d, 0x98, 0x3b, 0x24, 0x87, 0x01, 0x5b, 0xd1, 0x04, + 0x33, 0x03, 0x66, 0x40, 0xb0, 0xc9, 0x17, 0xdd, 0x81, 0xc1, 0xa6, 0x93, 0x44, 0xde, 0xb6, 0xf0, + 0x81, 0x1c, 0x51, 0x97, 0x5f, 0x62, 0xb4, 0x34, 0x73, 0xb6, 0xf5, 0xf3, 0x46, 0x2c, 0x18, 0xa1, + 0x26, 0x94, 0x9a, 0x24, 0x6a, 0x90, 0x89, 0x72, 0x1e, 0xfe, 0xde, 0x25, 0x4a, 0x4a, 0x33, 0xac, + 0x50, 0xcd, 0x87, 0xb5, 0x61, 0xce, 0x05, 0xbd, 0x09, 0xe5, 0x98, 0xf8, 0xc4, 0xa5, 0xba, 0x4b, + 0x85, 0x71, 0xfc, 0x58, 0x9f, 0x7a, 0x9c, 0xb3, 0x4e, 0xfc, 0x55, 0xf1, 0x28, 0x5f, 0x60, 0xf2, + 0x1f, 0x56, 0x24, 0xed, 0xff, 0x62, 0x01, 0x4a, 0x4b, 0x98, 0x07, 0xa0, 0x3d, 0xde, 0x49, 0x6b, + 0x8f, 0x8b, 0x79, 0xaa, 0x00, 0x3d, 0x14, 0xc8, 0xf7, 0xcb, 0x90, 0x91, 0xcd, 0xd7, 0x49, 0x9c, + 0x90, 0xda, 0x87, 0xf2, 0xf4, 0x43, 0x79, 0xfa, 0xa1, 0x3c, 0x55, 0xf2, 0x74, 0x3d, 0x23, 0x4f, + 0x5f, 0x35, 0x56, 0xbd, 0x3e, 0xbd, 0x7c, 0x4b, 0x1d, 0x6f, 0x9a, 0x3d, 0x30, 0x10, 0xa8, 0x24, + 0xb8, 0xba, 0xba, 0x7c, 0xbd, 0xab, 0x00, 0x7d, 0x2b, 0x2d, 0x40, 0x8f, 0xca, 0xe2, 0x81, 0x8b, + 0xcc, 0xbf, 0x51, 0x80, 0x27, 0xd3, 0xa2, 0x04, 0x87, 0xbe, 0x1f, 0xb6, 0x13, 0xaa, 0x25, 0xa3, + 0x5f, 0xb5, 0xe0, 0x64, 0x33, 0x6d, 0x9e, 0xc6, 0xc2, 0x0b, 0xf8, 0xa9, 0xdc, 0xe4, 0x5c, 0xc6, + 0xfe, 0xad, 0x4e, 0x08, 0x99, 0x77, 0x32, 0x03, 0x88, 0x71, 0x47, 0x5f, 0xd0, 0x9b, 0x50, 0x69, + 0x3a, 0xdb, 0x37, 0x5a, 0x35, 0x27, 0x91, 0x06, 0x4a, 0x6f, 0xbb, 0xb2, 0x9d, 0x78, 0xfe, 0x14, + 0x3f, 0xdb, 0x9d, 0x5a, 0x08, 0x92, 0xe5, 0x68, 0x35, 0x89, 0xbc, 0xa0, 0xc1, 0x7d, 0x3f, 0x4b, + 0x92, 0x0c, 0xd6, 0x14, 0xed, 0xbf, 0x65, 0x65, 0x05, 0xad, 0x1a, 0x9d, 0xc8, 0x49, 0x48, 0x63, + 0x07, 0x7d, 0x0e, 0x4a, 0xd4, 0x92, 0x90, 0xa3, 0x72, 0x2b, 0x4f, 0xe9, 0x6f, 0x7c, 0x09, 0xbd, + 0x11, 0xd0, 0x7f, 0x31, 0xe6, 0x4c, 0xed, 0x3f, 0x2f, 0x65, 0x37, 0x3c, 0x76, 0xd2, 0x77, 0x01, + 0xa0, 0x11, 0xae, 0x91, 0x66, 0xcb, 0xa7, 0xc3, 0x62, 0x31, 0x77, 0xb1, 0x32, 0x9e, 0xe7, 0x15, + 0x04, 0x1b, 0x58, 0xe8, 0xaf, 0x5a, 0x00, 0x0d, 0xb9, 0xb0, 0xe4, 0x66, 0x76, 0x23, 0xcf, 0xd7, + 0xd1, 0xcb, 0x56, 0xf7, 0x45, 0x31, 0xc4, 0x06, 0x73, 0xf4, 0xf3, 0x16, 0x94, 0x13, 0xd9, 0x7d, + 0x2e, 0xde, 0xd7, 0xf2, 0xec, 0x89, 0x7c, 0x69, 0xbd, 0xaf, 0xab, 0x21, 0x51, 0x7c, 0xd1, 0x5f, + 0xb1, 0x00, 0xe2, 0x9d, 0xc0, 0x5d, 0x09, 0x7d, 0xcf, 0xdd, 0x11, 0x52, 0xff, 0x66, 0xae, 0x06, + 0xbe, 0xa2, 0x5e, 0x1d, 0xa3, 0xa3, 0xa1, 0xff, 0x63, 0x83, 0x33, 0xfa, 0x3c, 0x94, 0x63, 0x31, + 0xdd, 0x84, 0x9c, 0x5f, 0xcb, 0xd7, 0xcd, 0xc0, 0x69, 0x0b, 0x11, 0x21, 0xfe, 0x61, 0xc5, 0x13, + 0xfd, 0xb2, 0x05, 0x27, 0x5a, 0x69, 0xa7, 0x90, 0x10, 0xe9, 0xf9, 0xc9, 0x80, 0x8c, 0xd3, 0xa9, + 0x7a, 0x6a, 0x6f, 0x77, 0xf2, 0x44, 0xa6, 0x11, 0x67, 0x7b, 0x61, 0x7f, 0xa7, 0x90, 0x72, 0xcd, + 0x2a, 0x9f, 0x09, 0x9b, 0xcc, 0xae, 0x34, 0x57, 0xe5, 0xda, 0xcc, 0x75, 0x32, 0x2b, 0x63, 0x58, + 0x4f, 0x66, 0xd5, 0x14, 0x63, 0x83, 0x39, 0xdd, 0xb6, 0xc7, 0x9d, 0xac, 0x67, 0x46, 0xac, 0xaf, + 0x37, 0xf3, 0xec, 0x52, 0xa7, 0x23, 0xfd, 0x49, 0xd1, 0xb5, 0xf1, 0x0e, 0x10, 0xee, 0xec, 0x92, + 0xfd, 0x9d, 0xb4, 0x3b, 0xd8, 0x98, 0x1a, 0x7d, 0xb8, 0xba, 0xbf, 0x61, 0xc1, 0x70, 0x14, 0xfa, + 0xbe, 0x17, 0x34, 0xe8, 0x34, 0x16, 0xb2, 0xf8, 0x8d, 0x63, 0x11, 0x87, 0x62, 0xbe, 0xb2, 0xcd, + 0x1f, 0x6b, 0x9e, 0xd8, 0xec, 0x80, 0xfd, 0x45, 0x0b, 0x26, 0x7a, 0x2d, 0x37, 0x44, 0xe0, 0x29, + 0x39, 0x97, 0xd4, 0x41, 0xef, 0x72, 0x30, 0x47, 0x7c, 0xa2, 0xfc, 0x64, 0xe5, 0xea, 0xb3, 0xe2, + 0x35, 0x9f, 0x5a, 0xe9, 0x8d, 0x8a, 0xef, 0x47, 0xc7, 0xfe, 0x8d, 0x42, 0x76, 0x44, 0x95, 0xb8, + 0xfd, 0x96, 0xd5, 0x61, 0x94, 0x7c, 0xea, 0x38, 0x44, 0x1c, 0x33, 0x5f, 0xd4, 0x79, 0x6f, 0x6f, + 0x9c, 0x87, 0x78, 0xa0, 0x64, 0xff, 0x9b, 0x01, 0xb8, 0x4f, 0xcf, 0xd4, 0x91, 0x81, 0xd5, 0xeb, + 0xc8, 0xe0, 0xe0, 0xa7, 0x10, 0x5f, 0xb3, 0x60, 0xd0, 0xa7, 0xfa, 0x11, 0x77, 0x8b, 0x0f, 0x5f, + 0xa8, 0x1d, 0xd7, 0xd8, 0x73, 0x35, 0x2c, 0xe6, 0x87, 0x9a, 0xca, 0x33, 0xc6, 0x1b, 0xb1, 0xe8, + 0x03, 0xfa, 0xb6, 0x95, 0xf6, 0xb1, 0xf3, 0x28, 0x15, 0xef, 0xd8, 0xfa, 0x64, 0x38, 0xee, 0x79, + 0xc7, 0xb4, 0x4b, 0xb8, 0x87, 0x4b, 0x1f, 0x4d, 0x01, 0xd4, 0xbd, 0xc0, 0xf1, 0xbd, 0xb7, 0xa9, + 0x9d, 0x57, 0x62, 0x87, 0x00, 0x6c, 0xd3, 0xba, 0xac, 0x5a, 0xb1, 0x81, 0x71, 0xf6, 0x2f, 0xc3, + 0xb0, 0xf1, 0xe6, 0x5d, 0xce, 0x62, 0x4f, 0x9b, 0x67, 0xb1, 0x15, 0xe3, 0x08, 0xf5, 0xec, 0xab, + 0x70, 0x32, 0xdb, 0xc1, 0x83, 0x3c, 0x6f, 0xff, 0xe6, 0x60, 0xd6, 0x31, 0xbe, 0x46, 0xa2, 0x26, + 0xed, 0xda, 0x87, 0xf6, 0xf1, 0x87, 0xf6, 0xf1, 0x87, 0xf6, 0xb1, 0xfc, 0x63, 0xef, 0x95, 0x20, + 0xa5, 0x19, 0xf0, 0xde, 0x7d, 0x04, 0x86, 0x22, 0xd2, 0x0a, 0x6f, 0xe0, 0x45, 0x21, 0x71, 0x75, + 0x74, 0x2a, 0x6f, 0xc6, 0x12, 0x4e, 0x25, 0x73, 0xcb, 0x49, 0x36, 0x84, 0xc8, 0x55, 0x92, 0x79, + 0xc5, 0x49, 0x36, 0x30, 0x83, 0xa0, 0x57, 0x61, 0x2c, 0x71, 0xa2, 0x06, 0x49, 0x30, 0xd9, 0x62, + 0x83, 0x20, 0x0e, 0x1b, 0x1e, 0x17, 0xb8, 0x63, 0x6b, 0x29, 0x28, 0xce, 0x60, 0xa3, 0x3b, 0x30, + 0xb0, 0x41, 0xfc, 0xa6, 0x30, 0xe0, 0x57, 0xf3, 0x93, 0x88, 0xec, 0x5d, 0xaf, 0x10, 0xbf, 0xc9, + 0xd7, 0x2b, 0xfd, 0x85, 0x19, 0x2b, 0xfa, 0x75, 0x2a, 0x9b, 0xed, 0x38, 0x09, 0x9b, 0xde, 0xdb, + 0xd2, 0xac, 0xff, 0x54, 0xce, 0x8c, 0xaf, 0x49, 0xfa, 0xdc, 0xf6, 0x54, 0x7f, 0xb1, 0xe6, 0xcc, + 0xfa, 0x51, 0xf3, 0x22, 0x66, 0xa6, 0xef, 0x4c, 0xc0, 0xb1, 0xf4, 0x63, 0x4e, 0xd2, 0xe7, 0xfd, + 0x50, 0x7f, 0xb1, 0xe6, 0x8c, 0x76, 0x60, 0xb0, 0xe5, 0xb7, 0x1b, 0x5e, 0x30, 0x31, 0xcc, 0xfa, + 0x70, 0x23, 0xe7, 0x3e, 0xac, 0x30, 0xe2, 0xdc, 0xb9, 0xc2, 0x7f, 0x63, 0xc1, 0x10, 0x3d, 0x0b, + 0x25, 0x77, 0xc3, 0x89, 0x92, 0x89, 0x11, 0x36, 0x69, 0x94, 0x0d, 0x3c, 0x4b, 0x1b, 0x31, 0x87, + 0xa1, 0x67, 0xa0, 0x18, 0x91, 0x3a, 0x0b, 0x8a, 0x32, 0x8e, 0xcb, 0x31, 0xa9, 0x63, 0xda, 0x6e, + 0xff, 0x9d, 0x42, 0x5a, 0xb9, 0x48, 0xbf, 0x37, 0x9f, 0xed, 0x6e, 0x3b, 0x8a, 0xa5, 0x9d, 0x6c, + 0xcc, 0x76, 0xd6, 0x8c, 0x25, 0x1c, 0x7d, 0xd1, 0x82, 0xa1, 0xdb, 0x71, 0x18, 0x04, 0x24, 0x11, + 0x82, 0xfc, 0x66, 0xce, 0x43, 0x71, 0x95, 0x53, 0xd7, 0x7d, 0x10, 0x0d, 0x58, 0xf2, 0xa5, 0xdd, + 0x25, 0xdb, 0xae, 0xdf, 0xae, 0x75, 0x9c, 0x92, 0x5e, 0xe2, 0xcd, 0x58, 0xc2, 0x29, 0xaa, 0x17, + 0x70, 0xd4, 0x81, 0x34, 0xea, 0x42, 0x20, 0x50, 0x05, 0xdc, 0xfe, 0xed, 0x12, 0x9c, 0xe9, 0xba, + 0x38, 0xe8, 0xb6, 0xcf, 0x36, 0xd6, 0xcb, 0x9e, 0x4f, 0xe4, 0xd9, 0x3f, 0xdb, 0xf6, 0x6f, 0xaa, + 0x56, 0x6c, 0x60, 0xa0, 0x9f, 0x03, 0x68, 0x39, 0x91, 0xd3, 0x24, 0x62, 0xbb, 0x2b, 0x1e, 0x7d, + 0x77, 0xa5, 0xfd, 0x58, 0x91, 0x34, 0xb5, 0xb5, 0xa5, 0x9a, 0x62, 0x6c, 0xb0, 0x44, 0x1f, 0x87, + 0xe1, 0x88, 0xf8, 0xc4, 0x89, 0x59, 0x4c, 0x5d, 0x36, 0x40, 0x18, 0x6b, 0x10, 0x36, 0xf1, 0xd0, + 0x73, 0x2a, 0x4c, 0x22, 0x73, 0xa4, 0x9c, 0x0e, 0x95, 0x40, 0xef, 0x58, 0x30, 0x56, 0xf7, 0x7c, + 0xa2, 0xb9, 0x8b, 0x70, 0xde, 0xe5, 0xa3, 0xbf, 0xe4, 0x65, 0x93, 0xae, 0x96, 0x90, 0xa9, 0xe6, + 0x18, 0x67, 0xd8, 0xd3, 0xcf, 0xbc, 0x45, 0x22, 0x26, 0x5a, 0x07, 0xd3, 0x9f, 0xf9, 0x26, 0x6f, + 0xc6, 0x12, 0x8e, 0x66, 0xe0, 0x44, 0xcb, 0x89, 0xe3, 0xd9, 0x88, 0xd4, 0x48, 0x90, 0x78, 0x8e, + 0xcf, 0x83, 0x6d, 0xcb, 0x3a, 0xd8, 0x6e, 0x25, 0x0d, 0xc6, 0x59, 0x7c, 0xf4, 0x69, 0x78, 0xc2, + 0x6b, 0x04, 0x61, 0x44, 0x96, 0xbc, 0x38, 0xf6, 0x82, 0x86, 0x9e, 0x06, 0x4c, 0x52, 0x96, 0xab, + 0x93, 0x82, 0xd4, 0x13, 0x0b, 0xdd, 0xd1, 0x70, 0xaf, 0xe7, 0xd1, 0x0b, 0x50, 0x8e, 0x37, 0xbd, + 0xd6, 0x6c, 0x54, 0x8b, 0x99, 0xa3, 0xb3, 0xac, 0xbd, 0x33, 0xab, 0xa2, 0x1d, 0x2b, 0x0c, 0xfb, + 0x57, 0x0a, 0x69, 0xf3, 0xce, 0x5c, 0x3f, 0x28, 0xa6, 0xab, 0x24, 0xb9, 0xe9, 0x44, 0xd2, 0xf4, + 0x3f, 0x62, 0xb8, 0xae, 0xa0, 0x7b, 0xd3, 0x89, 0xcc, 0xf5, 0xc6, 0x18, 0x60, 0xc9, 0x09, 0xdd, + 0x86, 0x81, 0xc4, 0x77, 0x72, 0x8a, 0xef, 0x37, 0x38, 0x6a, 0x6b, 0x7b, 0x71, 0x26, 0xc6, 0x8c, + 0x07, 0x7a, 0x9a, 0xaa, 0xaf, 0xeb, 0x32, 0xa6, 0x47, 0x68, 0x9c, 0xeb, 0x31, 0x66, 0xad, 0xf6, + 0xff, 0x2b, 0x77, 0x11, 0x79, 0x6a, 0x8f, 0x41, 0x17, 0x00, 0xa8, 0x25, 0xb4, 0x12, 0x91, 0xba, + 0xb7, 0x2d, 0xf6, 0x78, 0xb5, 0xac, 0xae, 0x2b, 0x08, 0x36, 0xb0, 0xe4, 0x33, 0xab, 0xed, 0x3a, + 0x7d, 0xa6, 0xd0, 0xf9, 0x0c, 0x87, 0x60, 0x03, 0x0b, 0xbd, 0x0c, 0x83, 0x5e, 0xd3, 0x69, 0xa8, + 0xd0, 0xa3, 0xa7, 0xe9, 0x7a, 0x5a, 0x60, 0x2d, 0xf7, 0x76, 0x27, 0xc7, 0x54, 0x87, 0x58, 0x13, + 0x16, 0xb8, 0xe8, 0x37, 0x2c, 0x18, 0x71, 0xc3, 0x66, 0x33, 0x0c, 0xb8, 0xfd, 0x20, 0x8c, 0xa1, + 0xdb, 0xc7, 0xb5, 0x03, 0x4f, 0xcd, 0x1a, 0xcc, 0xb8, 0x35, 0xa4, 0x12, 0x11, 0x4c, 0x10, 0x4e, + 0xf5, 0xca, 0x5c, 0x76, 0xa5, 0x7d, 0x96, 0xdd, 0xef, 0x58, 0x30, 0xce, 0x9f, 0x35, 0xcc, 0x1a, + 0x11, 0x73, 0x1f, 0x1e, 0xf3, 0x6b, 0x75, 0x58, 0x7a, 0xca, 0x25, 0xd4, 0x01, 0xc7, 0x9d, 0x9d, + 0x44, 0xf3, 0x30, 0x5e, 0x0f, 0x23, 0x97, 0x98, 0x03, 0x21, 0x64, 0x86, 0x22, 0x74, 0x39, 0x8b, + 0x80, 0x3b, 0x9f, 0x41, 0x37, 0xe1, 0x71, 0xa3, 0xd1, 0x1c, 0x07, 0x2e, 0x36, 0xce, 0x09, 0x6a, + 0x8f, 0x5f, 0xee, 0x8a, 0x85, 0x7b, 0x3c, 0x9d, 0xb6, 0xfc, 0x2b, 0x7d, 0x58, 0xfe, 0x6f, 0xc1, + 0x93, 0x6e, 0xe7, 0xc8, 0x6c, 0xc5, 0xed, 0xf5, 0x38, 0x61, 0x4a, 0x56, 0xb9, 0xfa, 0x17, 0x04, + 0x81, 0x27, 0x67, 0x7b, 0x21, 0xe2, 0xde, 0x34, 0xd0, 0xe7, 0xa0, 0x1c, 0x11, 0xf6, 0x55, 0x62, + 0x11, 0x80, 0x7e, 0x44, 0x73, 0x4f, 0x2b, 0x87, 0x9c, 0xac, 0x16, 0x8b, 0xa2, 0x21, 0xc6, 0x8a, + 0xe3, 0xd9, 0x4f, 0xc2, 0x78, 0xc7, 0x7c, 0x3e, 0x90, 0xf1, 0x3d, 0x07, 0x8f, 0x77, 0x9f, 0x39, + 0x07, 0x32, 0xc1, 0xff, 0x51, 0x26, 0xae, 0xca, 0x50, 0xf4, 0xfa, 0x70, 0xe7, 0x38, 0x50, 0x24, + 0xc1, 0x96, 0x10, 0xa4, 0x97, 0x8f, 0x36, 0x7a, 0x97, 0x82, 0x2d, 0x3e, 0xf1, 0x99, 0xcd, 0x7a, + 0x29, 0xd8, 0xc2, 0x94, 0x36, 0x7a, 0xd7, 0x4a, 0x29, 0x2a, 0xdc, 0x09, 0xf4, 0x99, 0x63, 0xd1, + 0x6c, 0xfb, 0xd6, 0x5d, 0xec, 0x7f, 0x5b, 0x80, 0xf3, 0xfb, 0x11, 0xe9, 0x63, 0xf8, 0x9e, 0x85, + 0xc1, 0x98, 0x1d, 0x6c, 0x09, 0xc9, 0x34, 0x4c, 0xa5, 0x12, 0x3f, 0xea, 0x7a, 0x0b, 0x0b, 0x10, + 0xf2, 0xa1, 0xd8, 0x74, 0x5a, 0xc2, 0x37, 0xb0, 0x70, 0xd4, 0x28, 0x6a, 0xfa, 0xdf, 0xf1, 0x97, + 0x9c, 0x16, 0xb7, 0x38, 0x8d, 0x06, 0x4c, 0xd9, 0xa0, 0x04, 0x4a, 0x4e, 0x14, 0x39, 0xf2, 0x14, + 0xe5, 0x5a, 0x3e, 0xfc, 0x66, 0x28, 0xc9, 0xea, 0xf8, 0xde, 0xee, 0xe4, 0x68, 0xaa, 0x09, 0x73, + 0x66, 0xf6, 0xd7, 0x86, 0x52, 0x91, 0xc4, 0xec, 0x68, 0x2c, 0x86, 0x41, 0xe1, 0x12, 0xb0, 0xf2, + 0x0e, 0x5e, 0xe7, 0xa9, 0x20, 0xcc, 0x8e, 0x11, 0x09, 0x75, 0x82, 0x15, 0xfa, 0xaa, 0xc5, 0xd2, + 0xd6, 0x64, 0x74, 0xb5, 0xb0, 0x1e, 0x8e, 0x27, 0x8b, 0xce, 0x4c, 0x86, 0x93, 0x8d, 0xd8, 0xe4, + 0x4e, 0xb7, 0xae, 0x16, 0x4f, 0xc0, 0xc8, 0xda, 0x10, 0x32, 0xb1, 0x4d, 0xc2, 0xd1, 0x76, 0x97, + 0x23, 0xb0, 0x1c, 0x52, 0x9f, 0xfa, 0x38, 0xf4, 0xfa, 0xb6, 0x05, 0xe3, 0x5c, 0x53, 0x9c, 0xf3, + 0xea, 0x75, 0x12, 0x91, 0xc0, 0x25, 0x52, 0xd7, 0x3e, 0xe2, 0x21, 0xab, 0xf4, 0xc3, 0x2c, 0x64, + 0xc9, 0xeb, 0x3d, 0xad, 0x03, 0x84, 0x3b, 0x3b, 0x83, 0x6a, 0x30, 0xe0, 0x05, 0xf5, 0x50, 0xec, + 0xe4, 0xd5, 0xa3, 0x75, 0x6a, 0x21, 0xa8, 0x87, 0x7a, 0x35, 0xd3, 0x7f, 0x98, 0x51, 0x47, 0x8b, + 0x70, 0x3a, 0x12, 0xde, 0x90, 0x2b, 0x5e, 0x4c, 0x6d, 0xd6, 0x45, 0xaf, 0xe9, 0x25, 0x6c, 0x17, + 0x2e, 0x56, 0x27, 0xf6, 0x76, 0x27, 0x4f, 0xe3, 0x2e, 0x70, 0xdc, 0xf5, 0x29, 0xf4, 0x36, 0x0c, + 0xc9, 0x3c, 0xbb, 0x72, 0x1e, 0x76, 0x4b, 0xe7, 0xfc, 0x57, 0x93, 0x69, 0x55, 0xa4, 0xd4, 0x49, + 0x86, 0xf6, 0xbf, 0x04, 0xe8, 0x3c, 0x88, 0x42, 0x3f, 0x0b, 0x95, 0x48, 0xe5, 0xfe, 0x59, 0x79, + 0x84, 0x50, 0xc9, 0xef, 0x2b, 0x0e, 0xc1, 0x94, 0x3e, 0xa0, 0xb3, 0xfc, 0x34, 0x47, 0xaa, 0xb5, + 0xc7, 0xfa, 0xbc, 0x2a, 0x87, 0xb9, 0x2d, 0xb8, 0xea, 0x73, 0x8e, 0x9d, 0xc0, 0xc5, 0x8c, 0x07, + 0x8a, 0x60, 0x70, 0x83, 0x38, 0x7e, 0xb2, 0x91, 0x8f, 0x4b, 0xf6, 0x0a, 0xa3, 0x95, 0x8d, 0x12, + 0xe7, 0xad, 0x58, 0x70, 0x42, 0xdb, 0x30, 0xb4, 0xc1, 0x27, 0x80, 0x50, 0xa4, 0x97, 0x8e, 0x3a, + 0xb8, 0xa9, 0x59, 0xa5, 0x3f, 0xb7, 0x68, 0xc0, 0x92, 0x1d, 0x3b, 0x3f, 0x37, 0xce, 0x60, 0xf9, + 0xd2, 0xcd, 0x2f, 0x40, 0xbe, 0xff, 0x03, 0xd8, 0xcf, 0xc2, 0x48, 0x44, 0xdc, 0x30, 0x70, 0x3d, + 0x9f, 0xd4, 0x66, 0xa4, 0xbb, 0xf5, 0x20, 0x61, 0xd5, 0x27, 0xa9, 0x31, 0x80, 0x0d, 0x1a, 0x38, + 0x45, 0x11, 0x7d, 0xc5, 0x82, 0x31, 0x95, 0x30, 0x44, 0x3f, 0x08, 0x11, 0x0e, 0xcb, 0xc5, 0x9c, + 0xd2, 0x93, 0x18, 0xcd, 0x2a, 0xda, 0xdb, 0x9d, 0x1c, 0x4b, 0xb7, 0xe1, 0x0c, 0x5f, 0xf4, 0x3a, + 0x40, 0xb8, 0xce, 0x0f, 0xc9, 0x67, 0x12, 0xe1, 0xbd, 0x3c, 0xc8, 0xab, 0x8e, 0xf1, 0xfc, 0x0a, + 0x49, 0x01, 0x1b, 0xd4, 0xd0, 0x35, 0x00, 0xbe, 0x6c, 0xd6, 0x76, 0x5a, 0x52, 0xdb, 0x96, 0x71, + 0xf1, 0xb0, 0xaa, 0x20, 0xf7, 0x76, 0x27, 0x3b, 0xbd, 0x49, 0xec, 0xa8, 0xd8, 0x78, 0x1c, 0xfd, + 0x0c, 0x0c, 0xc5, 0xed, 0x66, 0xd3, 0x51, 0xbe, 0xcd, 0x1c, 0x33, 0x36, 0x38, 0x5d, 0x43, 0x14, + 0xf1, 0x06, 0x2c, 0x39, 0xa2, 0xdb, 0x54, 0xa8, 0xc6, 0xc2, 0xcd, 0xc5, 0x56, 0x11, 0xd7, 0x09, + 0x86, 0xd9, 0x3b, 0x7d, 0x42, 0x3c, 0x77, 0x1a, 0x77, 0xc1, 0xb9, 0xb7, 0x3b, 0xf9, 0x78, 0xba, + 0x7d, 0x31, 0x14, 0x39, 0x14, 0x5d, 0x69, 0xa2, 0xab, 0x32, 0xed, 0x9e, 0xbe, 0xb6, 0xcc, 0x06, + 0x7d, 0x5e, 0xa7, 0xdd, 0xb3, 0xe6, 0xde, 0x63, 0x66, 0x3e, 0x6c, 0x07, 0xe9, 0x70, 0x1f, 0xf1, + 0x36, 0x2f, 0xc3, 0x08, 0xd9, 0x4e, 0x48, 0x14, 0x38, 0xfe, 0x0d, 0xbc, 0x28, 0xdd, 0x74, 0x6c, + 0xd2, 0x5e, 0x32, 0xda, 0x71, 0x0a, 0x0b, 0xd9, 0xca, 0x3c, 0x2f, 0xe8, 0xcc, 0x20, 0x6e, 0x9e, + 0x4b, 0x63, 0xdc, 0xfe, 0xbf, 0x85, 0x94, 0x06, 0xb5, 0x16, 0x11, 0x82, 0x42, 0x28, 0x05, 0x61, + 0x4d, 0x09, 0xeb, 0xab, 0xf9, 0x08, 0xeb, 0xeb, 0x61, 0xcd, 0x48, 0xa6, 0xa7, 0xff, 0x62, 0xcc, + 0xf9, 0xb0, 0x6c, 0x63, 0x99, 0x96, 0xcd, 0x00, 0xc2, 0x32, 0xc8, 0x93, 0xb3, 0xca, 0x36, 0x5e, + 0x36, 0x19, 0xe1, 0x34, 0x5f, 0xb4, 0x09, 0xa5, 0x8d, 0x30, 0x4e, 0xa4, 0xbd, 0x70, 0x44, 0xd3, + 0xe4, 0x4a, 0x18, 0x27, 0x6c, 0xdb, 0x57, 0xaf, 0x4d, 0x5b, 0x62, 0xcc, 0x79, 0xd8, 0xff, 0xd5, + 0x4a, 0x39, 0x65, 0x6f, 0xb1, 0xd0, 0xb7, 0x2d, 0x12, 0xd0, 0x75, 0x68, 0x46, 0x63, 0xfc, 0xa5, + 0x4c, 0x66, 0xca, 0x8f, 0xf6, 0x2a, 0x6d, 0x72, 0x97, 0x52, 0x98, 0x62, 0x24, 0x8c, 0xc0, 0x8d, + 0x2f, 0x58, 0xe9, 0x1c, 0xa1, 0x42, 0x1e, 0x16, 0x81, 0x99, 0x03, 0xb7, 0x6f, 0xba, 0x91, 0xfd, + 0xae, 0x05, 0x43, 0x55, 0xc7, 0xdd, 0x0c, 0xeb, 0x75, 0xf4, 0x02, 0x94, 0x6b, 0xed, 0xc8, 0x4c, + 0x57, 0x52, 0xe6, 0xee, 0x9c, 0x68, 0xc7, 0x0a, 0x83, 0xce, 0xe1, 0xba, 0xe3, 0xca, 0x4c, 0xb8, + 0x22, 0x9f, 0xc3, 0x97, 0x59, 0x0b, 0x16, 0x10, 0xf4, 0x71, 0x18, 0x6e, 0x3a, 0xdb, 0xf2, 0xe1, + 0xac, 0x47, 0x78, 0x49, 0x83, 0xb0, 0x89, 0x67, 0xff, 0x2b, 0x0b, 0x26, 0xaa, 0x4e, 0xec, 0xb9, + 0x33, 0xed, 0x64, 0xa3, 0xea, 0x25, 0xeb, 0x6d, 0x77, 0x93, 0x24, 0x3c, 0xfd, 0x91, 0xf6, 0xb2, + 0x1d, 0xd3, 0xa5, 0xa4, 0x0c, 0x31, 0xd5, 0xcb, 0x1b, 0xa2, 0x1d, 0x2b, 0x0c, 0xf4, 0x36, 0x0c, + 0xb7, 0x9c, 0x38, 0xbe, 0x1b, 0x46, 0x35, 0x4c, 0xea, 0xf9, 0x24, 0x1f, 0xaf, 0x12, 0x37, 0x22, + 0x09, 0x26, 0x75, 0x71, 0xc6, 0xa7, 0xe9, 0x63, 0x93, 0x99, 0xfd, 0xbb, 0x15, 0x18, 0x12, 0x07, + 0x94, 0x7d, 0x27, 0x75, 0x4a, 0x13, 0xb3, 0xd0, 0xd3, 0xc4, 0x8c, 0x61, 0xd0, 0x65, 0x25, 0x70, + 0x84, 0x26, 0x73, 0x2d, 0x97, 0x13, 0x6d, 0x5e, 0x55, 0x47, 0x77, 0x8b, 0xff, 0xc7, 0x82, 0x15, + 0xfa, 0xa6, 0x05, 0x27, 0xdc, 0x30, 0x08, 0x88, 0xab, 0xb7, 0xd9, 0x81, 0x3c, 0x62, 0x54, 0x66, + 0xd3, 0x44, 0xb5, 0x3b, 0x3c, 0x03, 0xc0, 0x59, 0xf6, 0xe8, 0x15, 0x18, 0xe5, 0x63, 0x76, 0x33, + 0xe5, 0x0b, 0xd4, 0xb5, 0x0b, 0x4c, 0x20, 0x4e, 0xe3, 0xa2, 0x29, 0xee, 0x53, 0x15, 0x55, 0x02, + 0x06, 0xf5, 0xd9, 0x8a, 0x51, 0x1f, 0xc0, 0xc0, 0x40, 0x11, 0xa0, 0x88, 0xd4, 0x23, 0x12, 0x6f, + 0x88, 0x03, 0x5c, 0xb6, 0xc5, 0x0f, 0x1d, 0x2e, 0x49, 0x0c, 0x77, 0x50, 0xc2, 0x5d, 0xa8, 0xa3, + 0x4d, 0x61, 0xe3, 0x94, 0xf3, 0x90, 0x0a, 0xe2, 0x33, 0xf7, 0x34, 0x75, 0x26, 0xa1, 0x14, 0x6f, + 0x38, 0x51, 0x8d, 0xa9, 0x16, 0x45, 0x1e, 0x0b, 0xbd, 0x4a, 0x1b, 0x30, 0x6f, 0x47, 0x73, 0x70, + 0x32, 0x53, 0x79, 0x21, 0x16, 0x3e, 0x3b, 0x15, 0x33, 0x9c, 0xa9, 0xd9, 0x10, 0xe3, 0x8e, 0x27, + 0x4c, 0xfb, 0x77, 0x78, 0x1f, 0xfb, 0x77, 0x47, 0x85, 0x09, 0x8d, 0x30, 0x89, 0xff, 0x5a, 0x2e, + 0x03, 0xd0, 0x57, 0x4c, 0xd0, 0xd7, 0x33, 0x31, 0x41, 0xa3, 0xac, 0x03, 0x37, 0xf3, 0xe9, 0xc0, + 0xc1, 0x03, 0x80, 0x1e, 0x66, 0x40, 0xcf, 0xff, 0xb1, 0x40, 0x7e, 0xd7, 0x59, 0xc7, 0xdd, 0x20, + 0x74, 0xca, 0xa0, 0x57, 0x61, 0x4c, 0x59, 0x71, 0xb3, 0x61, 0x3b, 0xe0, 0xb1, 0x3c, 0x45, 0x7d, + 0x6e, 0x86, 0x53, 0x50, 0x9c, 0xc1, 0x46, 0xd3, 0x50, 0xa1, 0xe3, 0xc4, 0x1f, 0xe5, 0xbb, 0x87, + 0xb2, 0x14, 0x67, 0x56, 0x16, 0xc4, 0x53, 0x1a, 0x07, 0x85, 0x30, 0xee, 0x3b, 0x71, 0xc2, 0x7a, + 0x40, 0x8d, 0xba, 0x43, 0xa6, 0x68, 0xb2, 0xc2, 0x33, 0x8b, 0x59, 0x42, 0xb8, 0x93, 0xb6, 0xfd, + 0xbd, 0x01, 0x18, 0x4d, 0x49, 0xc6, 0x03, 0x6e, 0x3b, 0x2f, 0x40, 0x59, 0xee, 0x04, 0xd9, 0x44, + 0x71, 0xb5, 0x5d, 0x28, 0x0c, 0xba, 0x4d, 0xae, 0x13, 0x27, 0x22, 0x11, 0xab, 0x69, 0x91, 0xdd, + 0x26, 0xab, 0x1a, 0x84, 0x4d, 0x3c, 0x26, 0x94, 0x13, 0x3f, 0x9e, 0xf5, 0x3d, 0x12, 0x24, 0xbc, + 0x9b, 0xf9, 0x08, 0xe5, 0xb5, 0xc5, 0x55, 0x93, 0xa8, 0x16, 0xca, 0x19, 0x00, 0xce, 0xb2, 0x47, + 0x5f, 0xb2, 0x60, 0xd4, 0xb9, 0x1b, 0xeb, 0x3a, 0x6d, 0x22, 0xfa, 0xe7, 0x88, 0x9b, 0x54, 0xaa, + 0xf4, 0x1b, 0xf7, 0x3a, 0xa6, 0x9a, 0x70, 0x9a, 0x29, 0xfa, 0x96, 0x05, 0x88, 0x6c, 0x13, 0x57, + 0xc6, 0x27, 0x89, 0xbe, 0x0c, 0xe6, 0x61, 0xec, 0x5c, 0xea, 0xa0, 0xcb, 0xa5, 0x7a, 0x67, 0x3b, + 0xee, 0xd2, 0x07, 0xfb, 0x9f, 0x16, 0xd5, 0x82, 0xd2, 0x21, 0x71, 0x8e, 0x91, 0x68, 0x62, 0x1d, + 0x3e, 0xd1, 0x44, 0x1f, 0xda, 0x76, 0x24, 0x9b, 0xa4, 0xe3, 0xfa, 0x0b, 0x0f, 0x29, 0xae, 0xff, + 0xe7, 0xad, 0x54, 0x49, 0x84, 0xe1, 0x0b, 0xaf, 0xe7, 0x1b, 0x8e, 0x37, 0xc5, 0x43, 0x06, 0x32, + 0xd2, 0x3d, 0x1d, 0x47, 0x40, 0xa5, 0xa9, 0x81, 0x76, 0x20, 0x69, 0xf8, 0x1f, 0x8b, 0x30, 0x6c, + 0xec, 0xa4, 0x5d, 0xd5, 0x22, 0xeb, 0x11, 0x53, 0x8b, 0x0a, 0x07, 0x50, 0x8b, 0x7e, 0x0e, 0x2a, + 0xae, 0x94, 0xf2, 0xf9, 0x14, 0x05, 0xcc, 0xee, 0x1d, 0x5a, 0xd0, 0xab, 0x26, 0xac, 0x79, 0xa2, + 0xf9, 0x54, 0xbc, 0xbe, 0xd8, 0x21, 0x06, 0xd8, 0x0e, 0xd1, 0x2d, 0xa0, 0x5e, 0xec, 0x14, 0x9d, + 0xcf, 0xb0, 0xca, 0x19, 0x2d, 0x4f, 0xbc, 0x97, 0x0c, 0x9a, 0xe5, 0x95, 0x33, 0x56, 0x16, 0x64, + 0x33, 0x36, 0x71, 0xec, 0xef, 0x59, 0xea, 0xe3, 0x3e, 0x80, 0xd4, 0xd5, 0xdb, 0xe9, 0xd4, 0xd5, + 0x4b, 0xb9, 0x0c, 0x73, 0x8f, 0x9c, 0xd5, 0xeb, 0x30, 0x34, 0x1b, 0x36, 0x9b, 0x4e, 0x50, 0x43, + 0x3f, 0x02, 0x43, 0x2e, 0xff, 0x29, 0x5c, 0x15, 0xec, 0x84, 0x4a, 0x40, 0xb1, 0x84, 0xa1, 0xa7, + 0x61, 0xc0, 0x89, 0x1a, 0xd2, 0x3d, 0xc1, 0x82, 0x1c, 0x66, 0xa2, 0x46, 0x8c, 0x59, 0xab, 0xfd, + 0x4e, 0x11, 0x60, 0x36, 0x6c, 0xb6, 0x9c, 0x88, 0xd4, 0xd6, 0x42, 0x56, 0x94, 0xe8, 0x58, 0xcf, + 0x75, 0xb4, 0xb1, 0xf4, 0x28, 0x9f, 0xed, 0x18, 0xfe, 0xfd, 0xe2, 0x83, 0xf6, 0xef, 0x7f, 0xcd, + 0x02, 0x44, 0xbf, 0x48, 0x18, 0x90, 0x20, 0xd1, 0x07, 0x96, 0xd3, 0x50, 0x71, 0x65, 0xab, 0xd0, + 0x5a, 0xf4, 0xfa, 0x93, 0x00, 0xac, 0x71, 0xfa, 0x30, 0x3f, 0x9f, 0x95, 0xc2, 0xb1, 0x98, 0x8e, + 0x0b, 0x64, 0x22, 0x55, 0xc8, 0x4a, 0xfb, 0xf7, 0x0a, 0xf0, 0x38, 0xdf, 0xef, 0x96, 0x9c, 0xc0, + 0x69, 0x90, 0x26, 0xed, 0x55, 0xbf, 0x47, 0xd0, 0x2e, 0xb5, 0x7b, 0x3c, 0x19, 0xe7, 0x77, 0xd4, + 0x85, 0xc1, 0x27, 0x34, 0x9f, 0xc2, 0x0b, 0x81, 0x97, 0x60, 0x46, 0x1c, 0xc5, 0x50, 0x96, 0x25, + 0x66, 0x85, 0xa0, 0xcb, 0x89, 0x91, 0x5a, 0xf3, 0x62, 0x53, 0x22, 0x58, 0x31, 0xa2, 0x5a, 0xa1, + 0x1f, 0xba, 0x9b, 0x98, 0xb4, 0x42, 0x26, 0xd4, 0x8c, 0x30, 0xab, 0x45, 0xd1, 0x8e, 0x15, 0x86, + 0xfd, 0x7b, 0x16, 0x64, 0xc5, 0xbd, 0x51, 0x7e, 0xc5, 0xba, 0x6f, 0xf9, 0x95, 0x03, 0xd4, 0x3f, + 0xf9, 0x69, 0x18, 0x76, 0x12, 0xba, 0x43, 0x73, 0x9b, 0xb6, 0x78, 0x38, 0xb7, 0xf5, 0x52, 0x58, + 0xf3, 0xea, 0x1e, 0xb3, 0x65, 0x4d, 0x72, 0xf6, 0xff, 0x1a, 0x80, 0xf1, 0x8e, 0xd8, 0x6d, 0x74, + 0x11, 0x46, 0x5c, 0x31, 0x3d, 0x5a, 0x98, 0xd4, 0xc5, 0xcb, 0x18, 0xb1, 0x3f, 0x1a, 0x86, 0x53, + 0x98, 0x7d, 0x4c, 0xd0, 0x05, 0x38, 0x15, 0x51, 0x2b, 0xba, 0x4d, 0x66, 0xea, 0x09, 0x89, 0x56, + 0x89, 0x1b, 0x06, 0x35, 0x5e, 0x24, 0xa8, 0x58, 0x7d, 0x62, 0x6f, 0x77, 0xf2, 0x14, 0xee, 0x04, + 0xe3, 0x6e, 0xcf, 0xa0, 0x16, 0x8c, 0xfa, 0xa6, 0x82, 0x25, 0xb4, 0xeb, 0x43, 0xe9, 0x66, 0x6a, + 0x03, 0x4e, 0x35, 0xe3, 0x34, 0x83, 0xb4, 0x96, 0x56, 0x7a, 0x48, 0x5a, 0xda, 0x2f, 0x68, 0x2d, + 0x8d, 0x9f, 0xaf, 0xbe, 0x91, 0x73, 0xec, 0xfe, 0x71, 0xab, 0x69, 0xaf, 0x41, 0x59, 0xc6, 0x9e, + 0xf4, 0x15, 0xb3, 0x61, 0xd2, 0xe9, 0x21, 0xd1, 0xee, 0x15, 0xa0, 0x8b, 0x86, 0x4f, 0xd7, 0x99, + 0xde, 0x4e, 0x53, 0xeb, 0xec, 0x60, 0x5b, 0x2a, 0xda, 0xe6, 0x71, 0x37, 0x7c, 0xe3, 0xf8, 0x74, + 0xde, 0x16, 0x8a, 0x0e, 0xc5, 0x51, 0x41, 0xda, 0x2a, 0x1c, 0xe7, 0x02, 0x80, 0xd6, 0x82, 0x44, + 0x08, 0xae, 0x3a, 0xd6, 0xd3, 0xca, 0x12, 0x36, 0xb0, 0xa8, 0xc1, 0xea, 0x05, 0x71, 0xe2, 0xf8, + 0xfe, 0x15, 0x2f, 0x48, 0x84, 0xe7, 0x4d, 0xed, 0x90, 0x0b, 0x1a, 0x84, 0x4d, 0xbc, 0xb3, 0x9f, + 0x30, 0xbe, 0xcb, 0x41, 0xbe, 0xe7, 0x06, 0x3c, 0x39, 0xef, 0x25, 0x2a, 0x70, 0x5c, 0xcd, 0x23, + 0xaa, 0xe4, 0xa8, 0x44, 0x08, 0xab, 0x67, 0x22, 0x84, 0x11, 0xb8, 0x5d, 0x48, 0xc7, 0x99, 0x67, + 0x03, 0xb7, 0xed, 0x8b, 0x70, 0x7a, 0xde, 0x4b, 0x2e, 0x7b, 0x3e, 0x39, 0x20, 0x13, 0xfb, 0x4b, + 0x25, 0x18, 0x31, 0x13, 0x75, 0x0e, 0x92, 0xcb, 0xf1, 0x0d, 0xaa, 0xc7, 0x88, 0xb7, 0xf3, 0xd4, + 0x19, 0xcb, 0xad, 0x23, 0x67, 0x0d, 0x75, 0x1f, 0x31, 0x43, 0x95, 0xd1, 0x3c, 0xb1, 0xd9, 0x01, + 0x74, 0x17, 0x4a, 0x75, 0x16, 0x58, 0x5c, 0xcc, 0xe3, 0xe4, 0xb8, 0xdb, 0x88, 0xea, 0x65, 0xc6, + 0x43, 0x93, 0x39, 0x3f, 0xba, 0x43, 0x46, 0xe9, 0x6c, 0x15, 0x23, 0xe2, 0x4e, 0xe4, 0xa9, 0x28, + 0x8c, 0x5e, 0xa2, 0xbe, 0x74, 0x08, 0x51, 0x9f, 0x12, 0xbc, 0x83, 0x0f, 0x49, 0xf0, 0xb2, 0x20, + 0xf1, 0x64, 0x83, 0xe9, 0x6f, 0x22, 0x44, 0x78, 0x88, 0x0d, 0x82, 0x11, 0x24, 0x9e, 0x02, 0xe3, + 0x2c, 0xbe, 0xfd, 0xb5, 0x02, 0x8c, 0xcd, 0x07, 0xed, 0x95, 0xf9, 0x95, 0xf6, 0xba, 0xef, 0xb9, + 0xd7, 0xc8, 0x0e, 0x95, 0x6f, 0x9b, 0x64, 0x67, 0x61, 0x4e, 0x4c, 0x43, 0x35, 0xf0, 0xd7, 0x68, + 0x23, 0xe6, 0x30, 0xba, 0xa2, 0xeb, 0x5e, 0xd0, 0x20, 0x51, 0x2b, 0xf2, 0x84, 0x53, 0xce, 0x58, + 0xd1, 0x97, 0x35, 0x08, 0x9b, 0x78, 0x94, 0x76, 0x78, 0x37, 0x20, 0x51, 0x56, 0x1b, 0x5c, 0xa6, + 0x8d, 0x98, 0xc3, 0x28, 0x52, 0x12, 0xb5, 0xe3, 0x44, 0x7c, 0x51, 0x85, 0xb4, 0x46, 0x1b, 0x31, + 0x87, 0xd1, 0xe5, 0x12, 0xb7, 0xd7, 0xd9, 0xe9, 0x76, 0x26, 0xa8, 0x77, 0x95, 0x37, 0x63, 0x09, + 0xa7, 0xa8, 0x9b, 0x64, 0x67, 0x8e, 0xda, 0x65, 0x99, 0xb0, 0xfb, 0x6b, 0xbc, 0x19, 0x4b, 0x38, + 0xab, 0x4a, 0x94, 0x1e, 0x8e, 0x1f, 0xb8, 0xaa, 0x44, 0xe9, 0xee, 0xf7, 0xb0, 0xf0, 0x7e, 0xcd, + 0x82, 0x11, 0x33, 0x26, 0x05, 0x35, 0x32, 0x8a, 0xe2, 0x72, 0x47, 0x85, 0xb9, 0x9f, 0xec, 0x76, + 0x9d, 0x46, 0xc3, 0x4b, 0xc2, 0x56, 0xfc, 0x22, 0x09, 0x1a, 0x5e, 0x40, 0xd8, 0xc9, 0x25, 0x8f, + 0x65, 0x49, 0x05, 0xbc, 0xcc, 0x86, 0x35, 0x72, 0x08, 0x4d, 0xd3, 0xbe, 0x05, 0xe3, 0x1d, 0xb9, + 0x16, 0x7d, 0xec, 0xcf, 0xfb, 0x66, 0xba, 0xd9, 0x18, 0x86, 0x29, 0x61, 0x1e, 0x88, 0x18, 0xa3, + 0x59, 0x18, 0xe7, 0x3a, 0x04, 0xe5, 0xb4, 0xea, 0x6e, 0x90, 0xa6, 0xca, 0x9f, 0x61, 0x1e, 0xe0, + 0x9b, 0x59, 0x20, 0xee, 0xc4, 0xb7, 0xbf, 0x6e, 0xc1, 0x68, 0x2a, 0xfd, 0x25, 0x27, 0x4d, 0x82, + 0xad, 0xb4, 0x90, 0x85, 0x48, 0xb1, 0x38, 0xd1, 0x22, 0xdb, 0x91, 0xf4, 0x4a, 0xd3, 0x20, 0x6c, + 0xe2, 0xd9, 0xef, 0x16, 0xa0, 0x2c, 0x4f, 0xad, 0xfb, 0xe8, 0xca, 0x57, 0x2d, 0x18, 0x55, 0x5e, + 0x77, 0xe6, 0xce, 0x29, 0xe4, 0x11, 0x10, 0x4d, 0x7b, 0xa0, 0x62, 0xf8, 0x82, 0x7a, 0xa8, 0xd5, + 0x5a, 0x6c, 0x32, 0xc3, 0x69, 0xde, 0xe8, 0x26, 0x40, 0xbc, 0x13, 0x27, 0xa4, 0x69, 0x38, 0x96, + 0x6c, 0x63, 0xc5, 0x4d, 0xb9, 0x61, 0x44, 0xe8, 0xfa, 0xba, 0x1e, 0xd6, 0xc8, 0xaa, 0xc2, 0xd4, + 0x7a, 0x88, 0x6e, 0xc3, 0x06, 0x25, 0xfb, 0x1f, 0x14, 0xe0, 0x64, 0xb6, 0x4b, 0xe8, 0x0d, 0x18, + 0x91, 0xdc, 0x8d, 0xab, 0x41, 0xe4, 0x51, 0xfd, 0x08, 0x36, 0x60, 0xf7, 0x76, 0x27, 0x27, 0x3b, + 0xaf, 0x66, 0x99, 0x32, 0x51, 0x70, 0x8a, 0x18, 0x3f, 0xfa, 0x10, 0x67, 0x74, 0xd5, 0x9d, 0x99, + 0x56, 0x4b, 0x9c, 0x5f, 0x18, 0x47, 0x1f, 0x26, 0x14, 0x67, 0xb0, 0xd1, 0x0a, 0x9c, 0x36, 0x5a, + 0xae, 0x13, 0xaf, 0xb1, 0xb1, 0x1e, 0x46, 0xd2, 0x3c, 0x79, 0x5a, 0x47, 0xbf, 0x74, 0xe2, 0xe0, + 0xae, 0x4f, 0xd2, 0x2d, 0xd3, 0x75, 0x5a, 0x8e, 0xeb, 0x25, 0x3b, 0xc2, 0x53, 0xa6, 0x64, 0xd3, + 0xac, 0x68, 0xc7, 0x0a, 0xc3, 0x5e, 0x82, 0x81, 0x3e, 0x67, 0x50, 0x5f, 0x6a, 0xf1, 0x6b, 0x50, + 0xa6, 0xe4, 0xa4, 0x8e, 0x94, 0x07, 0xc9, 0x10, 0xca, 0xb2, 0xba, 0x37, 0xb2, 0xa1, 0xe8, 0x39, + 0xf2, 0x74, 0x49, 0xbd, 0xd6, 0x42, 0x1c, 0xb7, 0x99, 0xa5, 0x49, 0x81, 0xe8, 0x59, 0x28, 0x92, + 0xed, 0x56, 0xf6, 0x18, 0xe9, 0xd2, 0x76, 0xcb, 0x8b, 0x48, 0x4c, 0x91, 0xc8, 0x76, 0x0b, 0x9d, + 0x85, 0x82, 0x57, 0x13, 0x9b, 0x14, 0x08, 0x9c, 0xc2, 0xc2, 0x1c, 0x2e, 0x78, 0x35, 0x7b, 0x1b, + 0x2a, 0xaa, 0x9c, 0x38, 0xda, 0x94, 0xb2, 0xdb, 0xca, 0x23, 0xcc, 0x44, 0xd2, 0xed, 0x21, 0xb5, + 0xdb, 0x00, 0x3a, 0xd9, 0x28, 0x2f, 0xf9, 0x72, 0x1e, 0x06, 0xdc, 0x50, 0xe4, 0x28, 0x96, 0x35, + 0x19, 0x26, 0xb4, 0x19, 0xc4, 0xbe, 0x05, 0x63, 0xd7, 0x82, 0xf0, 0x2e, 0xab, 0x97, 0xca, 0xaa, + 0xb9, 0x50, 0xc2, 0x75, 0xfa, 0x23, 0xab, 0x22, 0x30, 0x28, 0xe6, 0x30, 0x55, 0x88, 0xa4, 0xd0, + 0xab, 0x10, 0x89, 0xfd, 0x05, 0x0b, 0x4e, 0xaa, 0x94, 0x09, 0x29, 0x8d, 0x2f, 0xc2, 0xc8, 0x7a, + 0xdb, 0xf3, 0x6b, 0xe2, 0x7f, 0xd6, 0xd6, 0xaf, 0x1a, 0x30, 0x9c, 0xc2, 0xa4, 0x96, 0xc9, 0xba, + 0x17, 0x38, 0xd1, 0xce, 0x8a, 0x16, 0xff, 0x4a, 0x22, 0x54, 0x15, 0x04, 0x1b, 0x58, 0xf6, 0x57, + 0xcd, 0x2e, 0x88, 0x24, 0x8d, 0x3e, 0x46, 0xf6, 0x06, 0x94, 0x5c, 0x75, 0x1a, 0x79, 0xa8, 0x3a, + 0x56, 0x2a, 0x3f, 0x96, 0x79, 0xa4, 0x39, 0x35, 0xfb, 0x9f, 0x17, 0x60, 0x34, 0x55, 0xa1, 0x00, + 0xf9, 0x50, 0x26, 0x3e, 0xf3, 0x87, 0xc9, 0x29, 0x76, 0xd4, 0xb2, 0x65, 0x6a, 0x59, 0x5c, 0x12, + 0x74, 0xb1, 0xe2, 0xf0, 0x68, 0x1c, 0xfa, 0x5c, 0x84, 0x11, 0xd9, 0xa1, 0x4f, 0x3b, 0x4d, 0x5f, + 0xac, 0x42, 0x35, 0x01, 0x2e, 0x19, 0x30, 0x9c, 0xc2, 0xb4, 0x7f, 0xbf, 0x08, 0x13, 0xdc, 0x81, + 0x58, 0x53, 0x71, 0x19, 0x4b, 0x52, 0xcb, 0xfa, 0x6b, 0xba, 0x8e, 0x08, 0x1f, 0xc8, 0xf5, 0xa3, + 0x96, 0xec, 0xec, 0xce, 0xa8, 0xaf, 0x88, 0x81, 0x5f, 0xcd, 0x44, 0x0c, 0xf0, 0xcd, 0xb6, 0x71, + 0x4c, 0x3d, 0xfa, 0xc1, 0x0a, 0x21, 0xf8, 0xbb, 0x05, 0x38, 0x91, 0xa9, 0x87, 0x8a, 0xde, 0x49, + 0x57, 0x3c, 0xb3, 0xf2, 0x70, 0x33, 0xdd, 0xb7, 0x2a, 0xe7, 0xc1, 0xea, 0x9e, 0x3d, 0xa4, 0xa5, + 0x62, 0xff, 0x41, 0x01, 0xc6, 0xd2, 0x85, 0x5c, 0x1f, 0xc1, 0x91, 0xfa, 0x28, 0x54, 0x58, 0x79, + 0x44, 0x76, 0xf9, 0x0c, 0xf7, 0x66, 0xf1, 0x2a, 0x7e, 0xb2, 0x11, 0x6b, 0xf8, 0x23, 0x51, 0x4e, + 0xce, 0xfe, 0x7b, 0x16, 0x9c, 0xe1, 0x6f, 0x99, 0x9d, 0x87, 0x7f, 0xbd, 0xdb, 0xe8, 0xbe, 0x99, + 0x6f, 0x07, 0x33, 0xf5, 0x6f, 0xf6, 0x1b, 0x5f, 0x76, 0xe9, 0x85, 0xe8, 0x6d, 0x7a, 0x2a, 0x3c, + 0x82, 0x9d, 0x3d, 0xd0, 0x64, 0xb0, 0xff, 0xa0, 0x08, 0xfa, 0x9e, 0x0f, 0xe4, 0x89, 0xf4, 0x8f, + 0x5c, 0xea, 0x00, 0xad, 0xee, 0x04, 0xae, 0xbe, 0x51, 0xa4, 0x9c, 0xc9, 0xfe, 0xf8, 0x45, 0x0b, + 0x86, 0xbd, 0xc0, 0x4b, 0x3c, 0x87, 0x29, 0xcf, 0xf9, 0xdc, 0x53, 0xa0, 0xd8, 0x2d, 0x70, 0xca, + 0x61, 0x64, 0xba, 0x40, 0x15, 0x33, 0x6c, 0x72, 0x46, 0x9f, 0x15, 0x41, 0x7d, 0xc5, 0xdc, 0x12, + 0x97, 0xca, 0x99, 0x48, 0xbe, 0x16, 0x94, 0x22, 0x92, 0x44, 0x39, 0xe5, 0xfb, 0x61, 0x4a, 0x4a, + 0x95, 0x7d, 0xd3, 0x37, 0xae, 0xd1, 0x66, 0xcc, 0x19, 0xd9, 0x31, 0xa0, 0xce, 0xb1, 0x38, 0x60, + 0xc0, 0xd4, 0x34, 0x54, 0x9c, 0x76, 0x12, 0x36, 0xe9, 0x30, 0x09, 0x2f, 0xad, 0x0e, 0x09, 0x93, + 0x00, 0xac, 0x71, 0xec, 0x77, 0x4a, 0x90, 0xc9, 0xc7, 0x40, 0xdb, 0xe6, 0x1d, 0x35, 0x56, 0xbe, + 0x77, 0xd4, 0xa8, 0xce, 0x74, 0xbb, 0xa7, 0x06, 0x35, 0xa0, 0xd4, 0xda, 0x70, 0x62, 0xa9, 0x1b, + 0xbf, 0x26, 0x87, 0x69, 0x85, 0x36, 0xde, 0xdb, 0x9d, 0xfc, 0xa9, 0xfe, 0x7c, 0x2d, 0x74, 0xae, + 0x4e, 0xf3, 0xf4, 0x66, 0xcd, 0x9a, 0xd1, 0xc0, 0x9c, 0xfe, 0x41, 0x6e, 0x6a, 0xf8, 0xa2, 0xa8, + 0xa1, 0x89, 0x49, 0xdc, 0xf6, 0x13, 0x31, 0x1b, 0x5e, 0xcb, 0x71, 0x95, 0x71, 0xc2, 0x3a, 0x93, + 0x90, 0xff, 0xc7, 0x06, 0x53, 0xf4, 0x06, 0x54, 0xe2, 0xc4, 0x89, 0x92, 0x43, 0xe6, 0xfe, 0xa8, + 0x41, 0x5f, 0x95, 0x44, 0xb0, 0xa6, 0x87, 0x5e, 0x67, 0x65, 0xd1, 0xbc, 0x78, 0xe3, 0x90, 0xb1, + 0xb8, 0xb2, 0x84, 0x9a, 0xa0, 0x80, 0x0d, 0x6a, 0xd4, 0xf4, 0x60, 0x73, 0x9b, 0x07, 0xa0, 0x94, + 0x99, 0x6d, 0xa9, 0x44, 0x21, 0x56, 0x10, 0x6c, 0x60, 0xd9, 0x3f, 0x06, 0xe9, 0x54, 0x58, 0x34, + 0x29, 0x33, 0x6f, 0xb9, 0xef, 0x89, 0xc5, 0xd4, 0xa6, 0x92, 0x64, 0x7f, 0xc7, 0x02, 0x33, 0x5f, + 0x17, 0xdd, 0xe1, 0x89, 0xc1, 0x56, 0x1e, 0x4e, 0x77, 0x83, 0xee, 0xd4, 0x92, 0xd3, 0xca, 0x9c, + 0xfe, 0xc8, 0xec, 0xe0, 0xb3, 0x9f, 0x80, 0xb2, 0x84, 0x1e, 0x48, 0xa9, 0xfb, 0x3c, 0x9c, 0xca, + 0xde, 0xe0, 0x27, 0x7c, 0xcd, 0x8d, 0x28, 0x6c, 0xb7, 0xb2, 0x86, 0x24, 0xbb, 0xe1, 0x0d, 0x73, + 0x18, 0x35, 0xc7, 0x36, 0xbd, 0xa0, 0x96, 0x35, 0x24, 0xaf, 0x79, 0x41, 0x0d, 0x33, 0x48, 0x1f, + 0x37, 0x15, 0xfd, 0x33, 0x0b, 0xce, 0xef, 0x77, 0xd1, 0x20, 0x7a, 0x1a, 0x06, 0xee, 0x3a, 0x91, + 0xac, 0x29, 0xc9, 0x04, 0xe5, 0x2d, 0x27, 0x0a, 0x30, 0x6b, 0x45, 0x3b, 0x30, 0xc8, 0x13, 0x4b, + 0x85, 0xb6, 0xfe, 0x5a, 0xbe, 0xd7, 0x1e, 0x5e, 0x23, 0x86, 0xb9, 0xc0, 0x93, 0x5a, 0xb1, 0x60, + 0x68, 0x7f, 0x60, 0x01, 0x5a, 0xde, 0x22, 0x51, 0xe4, 0xd5, 0x8c, 0x54, 0x58, 0xf4, 0x32, 0x8c, + 0xdc, 0x5e, 0x5d, 0xbe, 0xbe, 0x12, 0x7a, 0x01, 0x4b, 0x8d, 0x37, 0x92, 0x89, 0xae, 0x1a, 0xed, + 0x38, 0x85, 0x85, 0x66, 0x61, 0xfc, 0xf6, 0x1d, 0x6a, 0xfc, 0x9a, 0x85, 0xa2, 0x0b, 0xda, 0xdd, + 0x79, 0xf5, 0xb5, 0x0c, 0x10, 0x77, 0xe2, 0xa3, 0x65, 0x38, 0xd3, 0xe4, 0xe6, 0x06, 0xaf, 0xef, + 0xca, 0x6d, 0x8f, 0x48, 0xd6, 0x0f, 0x79, 0x72, 0x6f, 0x77, 0xf2, 0xcc, 0x52, 0x37, 0x04, 0xdc, + 0xfd, 0x39, 0xfb, 0xbd, 0x02, 0x0c, 0x1b, 0x97, 0x75, 0xf6, 0x61, 0x83, 0x67, 0xee, 0x17, 0x2d, + 0xf4, 0x79, 0xbf, 0xe8, 0xf3, 0x50, 0x6e, 0x85, 0xbe, 0xe7, 0x7a, 0xaa, 0xd8, 0x09, 0xab, 0xc9, + 0xb7, 0x22, 0xda, 0xb0, 0x82, 0xa2, 0xbb, 0x50, 0x51, 0x17, 0xd8, 0x89, 0x8c, 0xcc, 0xbc, 0xfc, + 0x3b, 0x4a, 0x52, 0xe9, 0x8b, 0xe9, 0x34, 0x2f, 0x64, 0xc3, 0x20, 0x9b, 0xf9, 0x32, 0x0e, 0x8d, + 0xa5, 0xca, 0xb0, 0x25, 0x11, 0x63, 0x01, 0xb1, 0xbf, 0x3c, 0x04, 0xa7, 0xbb, 0xd5, 0x91, 0x43, + 0x9f, 0x83, 0x41, 0xde, 0xc7, 0x7c, 0x4a, 0x95, 0x76, 0xe3, 0x31, 0xcf, 0x08, 0x8a, 0x6e, 0xb1, + 0xdf, 0x58, 0xf0, 0x14, 0xdc, 0x7d, 0x67, 0x5d, 0xe8, 0x4c, 0xc7, 0xc3, 0x7d, 0xd1, 0xd1, 0xdc, + 0x17, 0x1d, 0xce, 0xdd, 0x77, 0xd6, 0xd1, 0x36, 0x94, 0x1a, 0x5e, 0x42, 0x1c, 0x61, 0x39, 0xdc, + 0x3a, 0x16, 0xe6, 0xc4, 0xe1, 0xa2, 0x99, 0xfd, 0xc4, 0x9c, 0x21, 0xfa, 0xb6, 0x05, 0x27, 0xd6, + 0xd3, 0x99, 0x47, 0x62, 0x0b, 0x75, 0x8e, 0xa1, 0x56, 0x60, 0x9a, 0x11, 0xaf, 0xc0, 0x9c, 0x69, + 0xc4, 0xd9, 0xee, 0xa0, 0x5f, 0xb0, 0x60, 0xa8, 0xee, 0xf9, 0x46, 0x21, 0xac, 0x63, 0xf8, 0x38, + 0x97, 0x19, 0x03, 0xad, 0x66, 0xf0, 0xff, 0x31, 0x96, 0x9c, 0x7b, 0x9d, 0xc1, 0x0e, 0x1e, 0xf5, + 0x0c, 0x76, 0xe8, 0x21, 0xd9, 0x8a, 0xbf, 0x5c, 0x80, 0x67, 0xfb, 0xf8, 0x46, 0x66, 0x26, 0x8b, + 0xb5, 0x4f, 0x26, 0xcb, 0x79, 0x18, 0x88, 0x48, 0x2b, 0xcc, 0xee, 0x77, 0x2c, 0xdc, 0x8b, 0x41, + 0xd0, 0x33, 0x50, 0x74, 0x5a, 0x9e, 0xd8, 0xee, 0xd4, 0x26, 0x3d, 0xb3, 0xb2, 0x80, 0x69, 0x3b, + 0xfd, 0xd2, 0x95, 0x75, 0x99, 0x0f, 0x97, 0x4f, 0x35, 0xf4, 0x5e, 0xe9, 0x75, 0xdc, 0x7a, 0x53, + 0x50, 0xac, 0xf9, 0xda, 0xcb, 0x70, 0xb6, 0xf7, 0x0c, 0x41, 0x2f, 0xc1, 0xf0, 0x7a, 0xe4, 0x04, + 0xee, 0x06, 0xbb, 0x39, 0x40, 0x8e, 0x09, 0xcb, 0x5f, 0xd0, 0xcd, 0xd8, 0xc4, 0xb1, 0x7f, 0xbf, + 0xd0, 0x9d, 0x22, 0x17, 0x02, 0x07, 0x19, 0x61, 0x31, 0x7e, 0x85, 0x1e, 0xe3, 0x77, 0x07, 0xca, + 0x09, 0x4b, 0x9f, 0x20, 0x75, 0x21, 0x49, 0x72, 0xcb, 0x00, 0x64, 0x7b, 0xcd, 0x9a, 0x20, 0x8e, + 0x15, 0x1b, 0x2a, 0xf2, 0x7d, 0x5d, 0x43, 0x4b, 0x88, 0xfc, 0x8c, 0xd3, 0x70, 0x0e, 0x4e, 0x1a, + 0x25, 0x41, 0x79, 0xf4, 0x38, 0x3f, 0xfb, 0x56, 0x29, 0x55, 0x2b, 0x19, 0x38, 0xee, 0x78, 0xc2, + 0xfe, 0xb5, 0x02, 0x3c, 0xd9, 0x53, 0xb2, 0xe9, 0x03, 0x7a, 0xeb, 0x3e, 0x07, 0xf4, 0x47, 0x9e, + 0xa0, 0xe6, 0x00, 0x0f, 0x3c, 0x98, 0x01, 0x7e, 0x01, 0xca, 0x5e, 0x10, 0x13, 0xb7, 0x1d, 0xf1, + 0x41, 0x33, 0x62, 0x29, 0x17, 0x44, 0x3b, 0x56, 0x18, 0xf6, 0x1f, 0xf6, 0x9e, 0x6a, 0x74, 0x97, + 0xfb, 0xa1, 0x1d, 0xa5, 0x57, 0x60, 0xd4, 0x69, 0xb5, 0x38, 0x1e, 0x3b, 0x0c, 0xcd, 0x24, 0x49, + 0xce, 0x98, 0x40, 0x9c, 0xc6, 0x35, 0xe6, 0xf0, 0x60, 0xaf, 0x39, 0x6c, 0xff, 0x89, 0x05, 0x15, + 0x4c, 0xea, 0xbc, 0x94, 0x2c, 0xba, 0x2d, 0x86, 0xc8, 0xca, 0xa3, 0xa2, 0x07, 0xbb, 0x06, 0xdf, + 0x63, 0x95, 0x2e, 0xba, 0x0d, 0x76, 0x67, 0x79, 0xdb, 0xc2, 0x81, 0xca, 0xdb, 0xaa, 0x02, 0xa7, + 0xc5, 0xde, 0x05, 0x4e, 0xed, 0xf7, 0x86, 0xe8, 0xeb, 0xb5, 0xc2, 0xd9, 0x88, 0xd4, 0x62, 0xfa, + 0x7d, 0xdb, 0x91, 0x9f, 0xbd, 0x1d, 0xf4, 0x06, 0x5e, 0xc4, 0xb4, 0x3d, 0xe5, 0xf1, 0x28, 0x1c, + 0x28, 0x45, 0xac, 0xb8, 0x6f, 0x8a, 0xd8, 0x2b, 0x30, 0x1a, 0xc7, 0x1b, 0x2b, 0x91, 0xb7, 0xe5, + 0x24, 0xd4, 0xb4, 0x10, 0xb1, 0x34, 0x3a, 0xad, 0x63, 0xf5, 0x8a, 0x06, 0xe2, 0x34, 0x2e, 0x9a, + 0x87, 0x71, 0x9d, 0xa8, 0x45, 0xa2, 0x84, 0x85, 0xce, 0xf0, 0x99, 0xa0, 0xb2, 0x2a, 0x74, 0x6a, + 0x97, 0x40, 0xc0, 0x9d, 0xcf, 0x50, 0x89, 0x95, 0x6a, 0xa4, 0x1d, 0x19, 0x4c, 0x4b, 0xac, 0x14, + 0x1d, 0xda, 0x97, 0x8e, 0x27, 0xd0, 0x12, 0x9c, 0xe2, 0x13, 0x83, 0x5d, 0x47, 0xad, 0xde, 0x88, + 0x87, 0x3a, 0x3d, 0x25, 0x08, 0x9d, 0x9a, 0xef, 0x44, 0xc1, 0xdd, 0x9e, 0xa3, 0x76, 0x83, 0x6a, + 0x5e, 0x98, 0x13, 0xc6, 0xba, 0xb2, 0x1b, 0x14, 0x99, 0x85, 0x1a, 0x36, 0xf1, 0xd0, 0xa7, 0xe1, + 0x09, 0xfd, 0x97, 0x07, 0x29, 0x72, 0x0f, 0xd6, 0x9c, 0xc8, 0x81, 0x55, 0xe5, 0x34, 0xe7, 0xbb, + 0xa2, 0xd5, 0x70, 0xaf, 0xe7, 0xd1, 0x3a, 0x9c, 0x55, 0xa0, 0x4b, 0xd4, 0x48, 0x6b, 0x45, 0x5e, + 0x4c, 0xaa, 0x4e, 0x4c, 0x6e, 0x44, 0x3e, 0xcb, 0x9a, 0xad, 0xe8, 0x7b, 0x01, 0xe6, 0xbd, 0xe4, + 0x4a, 0x37, 0x4c, 0xbc, 0x88, 0xef, 0x43, 0x05, 0x4d, 0x43, 0x85, 0x04, 0xce, 0xba, 0x4f, 0x96, + 0x67, 0x17, 0x58, 0x2e, 0xad, 0xe1, 0x30, 0xbb, 0x24, 0x01, 0x58, 0xe3, 0xa8, 0xe3, 0xdb, 0x91, + 0x9e, 0xf7, 0x48, 0xac, 0xc0, 0xe9, 0x86, 0xdb, 0xa2, 0x7a, 0x80, 0xe7, 0x92, 0x19, 0x97, 0x1d, + 0x61, 0xd2, 0x0f, 0xc3, 0xcb, 0xfb, 0xaa, 0xd8, 0x84, 0xf9, 0xd9, 0x95, 0x0e, 0x1c, 0xdc, 0xf5, + 0x49, 0xba, 0xc6, 0x5a, 0x51, 0xb8, 0xbd, 0x33, 0x71, 0x2a, 0xbd, 0xc6, 0x56, 0x68, 0x23, 0xe6, + 0x30, 0x74, 0x15, 0x10, 0x0b, 0x74, 0xb9, 0x92, 0x24, 0x2d, 0xa5, 0x78, 0x4c, 0x9c, 0x66, 0xaf, + 0x74, 0x56, 0x3c, 0x81, 0x2e, 0x77, 0x60, 0xe0, 0x2e, 0x4f, 0xd9, 0x7f, 0x6c, 0xc1, 0xa8, 0x5a, + 0xaf, 0x0f, 0x20, 0xd4, 0xcb, 0x4f, 0x87, 0x7a, 0xcd, 0x1f, 0x5d, 0xe2, 0xb1, 0x9e, 0xf7, 0x88, + 0x17, 0xf8, 0xf2, 0x30, 0x80, 0x96, 0x8a, 0x6a, 0x43, 0xb2, 0x7a, 0x6e, 0x48, 0x8f, 0xac, 0x44, + 0xea, 0x96, 0x38, 0x57, 0x7a, 0xb8, 0x89, 0x73, 0xab, 0x70, 0x46, 0xaa, 0x0b, 0xdc, 0x25, 0x73, + 0x25, 0x8c, 0x95, 0x80, 0x2b, 0x57, 0x9f, 0x11, 0x84, 0xce, 0x2c, 0x74, 0x43, 0xc2, 0xdd, 0x9f, + 0x4d, 0x69, 0x29, 0x43, 0xfb, 0x69, 0x29, 0x7a, 0x4d, 0x2f, 0xd6, 0x65, 0x71, 0xce, 0xcc, 0x9a, + 0x5e, 0xbc, 0xbc, 0x8a, 0x35, 0x4e, 0x77, 0xc1, 0x5e, 0xc9, 0x49, 0xb0, 0xc3, 0x81, 0x05, 0xbb, + 0x14, 0x31, 0xc3, 0x3d, 0x45, 0x8c, 0xf4, 0x02, 0x8d, 0xf4, 0xf4, 0x02, 0xbd, 0x0a, 0x63, 0x5e, + 0xb0, 0x41, 0x22, 0x2f, 0x21, 0x35, 0xb6, 0x16, 0x98, 0xf8, 0x29, 0xeb, 0x6d, 0x7d, 0x21, 0x05, + 0xc5, 0x19, 0xec, 0xb4, 0x5c, 0x1c, 0xeb, 0x43, 0x2e, 0xf6, 0xd8, 0x8d, 0x4e, 0xe4, 0xb3, 0x1b, + 0x9d, 0x3c, 0xfa, 0x6e, 0x34, 0x7e, 0xac, 0xbb, 0x11, 0xca, 0x65, 0x37, 0xea, 0x4b, 0xd0, 0x1b, + 0x06, 0xdd, 0xe9, 0x7d, 0x0c, 0xba, 0x5e, 0x5b, 0xd1, 0x99, 0x43, 0x6f, 0x45, 0xdd, 0x77, 0x99, + 0xc7, 0x0f, 0xb5, 0xcb, 0x7c, 0xa5, 0x00, 0x67, 0xb4, 0x1c, 0xa6, 0xb3, 0xdf, 0xab, 0x53, 0x49, + 0xc4, 0xea, 0x3b, 0xf3, 0xa8, 0x1d, 0x23, 0xf2, 0x50, 0x07, 0x31, 0x2a, 0x08, 0x36, 0xb0, 0x58, + 0x00, 0x1f, 0x89, 0x58, 0x5d, 0xa0, 0xac, 0x90, 0x9e, 0x15, 0xed, 0x58, 0x61, 0xd0, 0xf9, 0x45, + 0x7f, 0x8b, 0xa0, 0xe8, 0x6c, 0xad, 0x80, 0x59, 0x0d, 0xc2, 0x26, 0x1e, 0x7a, 0x9e, 0x33, 0x61, + 0x02, 0x82, 0x0a, 0xea, 0x11, 0x71, 0x73, 0x89, 0x94, 0x09, 0x0a, 0x2a, 0xbb, 0xc3, 0x22, 0x35, + 0x4b, 0x9d, 0xdd, 0x61, 0x27, 0x8d, 0x0a, 0xc3, 0xfe, 0xdf, 0x16, 0x3c, 0xd9, 0x75, 0x28, 0x1e, + 0xc0, 0xe6, 0xbb, 0x9d, 0xde, 0x7c, 0x57, 0xf3, 0x32, 0x37, 0x8c, 0xb7, 0xe8, 0xb1, 0x11, 0xff, + 0x07, 0x0b, 0xc6, 0x34, 0xfe, 0x03, 0x78, 0x55, 0x2f, 0xfd, 0xaa, 0xf9, 0x59, 0x56, 0x95, 0x8e, + 0x77, 0xfb, 0x63, 0xf6, 0x6e, 0xfc, 0x0c, 0x63, 0x86, 0xed, 0x8f, 0x7d, 0xf8, 0xee, 0x77, 0x60, + 0x90, 0x15, 0xd3, 0x8d, 0xf3, 0x39, 0x4b, 0x49, 0xf3, 0x67, 0x21, 0xd8, 0xfa, 0x2c, 0x85, 0xfd, + 0x8d, 0xb1, 0x60, 0xc8, 0xaa, 0x56, 0x79, 0x31, 0x95, 0xe6, 0x35, 0x11, 0xf3, 0xa8, 0xab, 0x56, + 0x89, 0x76, 0xac, 0x30, 0xec, 0x26, 0x4c, 0xa4, 0x89, 0xcf, 0x91, 0x3a, 0x3b, 0x9f, 0xef, 0xeb, + 0x35, 0xa7, 0xa1, 0xe2, 0xb0, 0xa7, 0x16, 0xdb, 0x4e, 0xf6, 0xb2, 0xab, 0x19, 0x09, 0xc0, 0x1a, + 0xc7, 0xfe, 0x2d, 0x0b, 0x4e, 0x75, 0x79, 0x99, 0x1c, 0x63, 0x3d, 0x13, 0x2d, 0x05, 0xba, 0x6d, + 0xb8, 0x1f, 0x81, 0xa1, 0x1a, 0xa9, 0x3b, 0xf2, 0x04, 0xd8, 0x90, 0xb9, 0x73, 0xbc, 0x19, 0x4b, + 0xb8, 0xfd, 0x3f, 0x2c, 0x38, 0x91, 0xee, 0x6b, 0x4c, 0xa5, 0x26, 0x7f, 0x99, 0x39, 0x2f, 0x76, + 0xc3, 0x2d, 0x12, 0xed, 0xd0, 0x37, 0xe7, 0xbd, 0x56, 0x52, 0x73, 0xa6, 0x03, 0x03, 0x77, 0x79, + 0x8a, 0x55, 0xd5, 0xa9, 0xa9, 0xd1, 0x96, 0x33, 0xe5, 0x66, 0x9e, 0x33, 0x45, 0x7f, 0x4c, 0xf3, + 0xe0, 0x48, 0xb1, 0xc4, 0x26, 0x7f, 0xfb, 0x83, 0x01, 0x50, 0xc1, 0xe0, 0xec, 0xf8, 0x2d, 0xa7, + 0xc3, 0xcb, 0x54, 0x5d, 0xf4, 0x62, 0x1f, 0x75, 0xd1, 0xe5, 0x64, 0x18, 0xb8, 0xdf, 0xd1, 0x18, + 0xf7, 0x5e, 0x98, 0x4e, 0x42, 0xf5, 0x86, 0x6b, 0x1a, 0x84, 0x4d, 0x3c, 0xda, 0x13, 0xdf, 0xdb, + 0x22, 0xfc, 0xa1, 0xc1, 0x74, 0x4f, 0x16, 0x25, 0x00, 0x6b, 0x1c, 0xda, 0x93, 0x9a, 0x57, 0xaf, + 0x0b, 0x53, 0x5c, 0xf5, 0x84, 0x8e, 0x0e, 0x66, 0x10, 0x8a, 0xb1, 0x11, 0x86, 0x9b, 0x42, 0x3b, + 0x55, 0x18, 0x57, 0xc2, 0x70, 0x13, 0x33, 0x08, 0xd5, 0xa7, 0x82, 0x30, 0x6a, 0xb2, 0xcb, 0xc8, + 0x6a, 0x8a, 0x8b, 0xd0, 0x4a, 0x95, 0x3e, 0x75, 0xbd, 0x13, 0x05, 0x77, 0x7b, 0x8e, 0xce, 0xc0, + 0x56, 0x44, 0x6a, 0x9e, 0x9b, 0x98, 0xd4, 0x20, 0x3d, 0x03, 0x57, 0x3a, 0x30, 0x70, 0x97, 0xa7, + 0xd0, 0x0c, 0x9c, 0x90, 0xc1, 0xfc, 0x32, 0xdf, 0x71, 0x38, 0x9d, 0x5f, 0x85, 0xd3, 0x60, 0x9c, + 0xc5, 0xa7, 0xd2, 0xa6, 0x29, 0x52, 0x9d, 0x99, 0x12, 0x6b, 0x48, 0x1b, 0x99, 0x02, 0x8d, 0x15, + 0x86, 0xfd, 0xc5, 0x22, 0xdd, 0x1d, 0x7b, 0x94, 0x3c, 0x7e, 0x60, 0x87, 0xe5, 0xe9, 0x19, 0x39, + 0xd0, 0xc7, 0x8c, 0x7c, 0x19, 0x46, 0x6e, 0xc7, 0x61, 0xa0, 0x0e, 0xa2, 0x4b, 0x3d, 0x0f, 0xa2, + 0x0d, 0xac, 0xee, 0x07, 0xd1, 0x83, 0x79, 0x1d, 0x44, 0x0f, 0x1d, 0xf2, 0x20, 0xfa, 0x3b, 0x25, + 0x50, 0x45, 0x43, 0xaf, 0x93, 0xe4, 0x6e, 0x18, 0x6d, 0x7a, 0x41, 0x83, 0x25, 0x41, 0x7c, 0xdb, + 0x82, 0x11, 0xbe, 0x5e, 0x16, 0xcd, 0x40, 0xe2, 0x7a, 0x4e, 0xc5, 0x2d, 0x53, 0xcc, 0xa6, 0xd6, + 0x0c, 0x46, 0x99, 0xbb, 0x2e, 0x4c, 0x10, 0x4e, 0xf5, 0x08, 0xfd, 0x2c, 0x80, 0xf4, 0x5b, 0xd6, + 0xa5, 0xc8, 0x5c, 0xc8, 0xa7, 0x7f, 0x98, 0xd4, 0xb5, 0x6e, 0xba, 0xa6, 0x98, 0x60, 0x83, 0x21, + 0xfa, 0x4a, 0xf6, 0xb2, 0xc6, 0xcf, 0x1e, 0xcb, 0xd8, 0xf4, 0x13, 0x62, 0x8d, 0x61, 0xc8, 0x0b, + 0x1a, 0x74, 0x9e, 0x88, 0xb3, 0xfb, 0x1f, 0xed, 0x96, 0x40, 0xb4, 0x18, 0x3a, 0xb5, 0xaa, 0xe3, + 0x3b, 0x81, 0x4b, 0xa2, 0x05, 0x8e, 0x6e, 0x5e, 0xbe, 0xc4, 0x1a, 0xb0, 0x24, 0xd4, 0x51, 0xbd, + 0xb5, 0xd4, 0x4f, 0xf5, 0xd6, 0xb3, 0x9f, 0x84, 0xf1, 0x8e, 0x8f, 0x79, 0xa0, 0x88, 0xea, 0xc3, + 0x07, 0x63, 0xdb, 0xff, 0x62, 0x50, 0x6f, 0x5a, 0xd7, 0xc3, 0x1a, 0xaf, 0x21, 0x1a, 0xe9, 0x2f, + 0x2a, 0x74, 0xcf, 0x1c, 0xa7, 0x88, 0x71, 0x81, 0x93, 0x6a, 0xc4, 0x26, 0x4b, 0x3a, 0x47, 0x5b, + 0x4e, 0x44, 0x82, 0xe3, 0x9e, 0xa3, 0x2b, 0x8a, 0x09, 0x36, 0x18, 0xa2, 0x8d, 0x54, 0x48, 0xe5, + 0xe5, 0xa3, 0x87, 0x54, 0xb2, 0xfc, 0xe4, 0x6e, 0x45, 0x12, 0xbf, 0x69, 0xc1, 0x58, 0x90, 0x9a, + 0xb9, 0xe2, 0x1c, 0x67, 0xed, 0x38, 0x56, 0x05, 0xaf, 0x39, 0x9d, 0x6e, 0xc3, 0x19, 0xfe, 0xdd, + 0xb6, 0xb4, 0xd2, 0x01, 0xb7, 0x34, 0x5d, 0x8c, 0x78, 0xb0, 0x57, 0x31, 0x62, 0x14, 0xa8, 0xf2, + 0xe9, 0x43, 0xb9, 0x97, 0x4f, 0x87, 0x2e, 0xa5, 0xd3, 0x6f, 0x41, 0xc5, 0x8d, 0x88, 0x93, 0x1c, + 0xb2, 0x92, 0x36, 0x3b, 0xc4, 0x9e, 0x95, 0x04, 0xb0, 0xa6, 0x65, 0xff, 0xfb, 0x22, 0x9c, 0x94, + 0x23, 0x22, 0x23, 0xb0, 0xe8, 0xfe, 0xc8, 0xf9, 0x6a, 0xe5, 0x56, 0xed, 0x8f, 0x57, 0x24, 0x00, + 0x6b, 0x1c, 0xaa, 0x8f, 0xb5, 0x63, 0xb2, 0xdc, 0x22, 0xc1, 0xa2, 0xb7, 0x1e, 0x8b, 0xf3, 0x47, + 0xb5, 0x50, 0x6e, 0x68, 0x10, 0x36, 0xf1, 0xa8, 0x32, 0xce, 0xf5, 0xe2, 0x38, 0x1b, 0xbd, 0x29, + 0xf4, 0x6d, 0x2c, 0xe1, 0xe8, 0x57, 0xba, 0xde, 0xc1, 0x90, 0x4f, 0xdc, 0x72, 0x47, 0xe0, 0xd9, + 0x01, 0x2f, 0x5f, 0x78, 0xc7, 0x82, 0x13, 0x9b, 0xa9, 0x04, 0x32, 0x29, 0x92, 0x8f, 0x98, 0xea, + 0x9c, 0xce, 0x4a, 0xd3, 0x53, 0x38, 0xdd, 0x1e, 0xe3, 0x2c, 0x77, 0xfb, 0x7f, 0x5a, 0x60, 0x8a, + 0xa7, 0xfe, 0x34, 0x2b, 0xe3, 0x1a, 0xa9, 0xc2, 0x3e, 0xd7, 0x48, 0x49, 0x25, 0xac, 0xd8, 0x9f, + 0xd2, 0x3f, 0x70, 0x00, 0xa5, 0xbf, 0xd4, 0x53, 0x6b, 0x7b, 0x06, 0x8a, 0x6d, 0xaf, 0x26, 0xf4, + 0x76, 0x7d, 0xda, 0xb8, 0x30, 0x87, 0x69, 0xbb, 0xfd, 0x4f, 0x4a, 0xda, 0x4e, 0x17, 0xe1, 0xb6, + 0x3f, 0x14, 0xaf, 0x5d, 0x57, 0x99, 0xeb, 0xfc, 0xcd, 0xaf, 0x77, 0x64, 0xae, 0xff, 0xc4, 0xc1, + 0xa3, 0xa9, 0xf9, 0x00, 0xf5, 0x4a, 0x5c, 0x1f, 0xda, 0x27, 0x94, 0xfa, 0x36, 0x94, 0xa9, 0x69, + 0xc3, 0x1c, 0x6e, 0xe5, 0x54, 0xa7, 0xca, 0x57, 0x44, 0xfb, 0xbd, 0xdd, 0xc9, 0x1f, 0x3f, 0x78, + 0xb7, 0xe4, 0xd3, 0x58, 0xd1, 0x47, 0x31, 0x54, 0xe8, 0x6f, 0x16, 0xf5, 0x2d, 0x8c, 0xa6, 0x1b, + 0x4a, 0x16, 0x49, 0x40, 0x2e, 0x21, 0xe5, 0x9a, 0x0f, 0x0a, 0xa0, 0xc2, 0xee, 0x7f, 0x61, 0x4c, + 0xb9, 0x6d, 0xb5, 0xa2, 0x62, 0xaf, 0x25, 0xe0, 0xde, 0xee, 0xe4, 0x2b, 0x07, 0x67, 0xaa, 0x1e, + 0xc7, 0x9a, 0x85, 0xfd, 0xee, 0x80, 0x9e, 0xbb, 0xa2, 0x60, 0xc1, 0x0f, 0xc5, 0xdc, 0xbd, 0x98, + 0x99, 0xbb, 0xe7, 0x3b, 0xe6, 0xee, 0x98, 0xbe, 0xa7, 0x24, 0x35, 0x1b, 0x1f, 0xf4, 0x06, 0xbb, + 0xbf, 0x1d, 0xcf, 0x34, 0x8b, 0x3b, 0x6d, 0x2f, 0x22, 0xf1, 0x4a, 0xd4, 0x0e, 0xbc, 0xa0, 0x21, + 0xae, 0x86, 0x34, 0x34, 0x8b, 0x14, 0x18, 0x67, 0xf1, 0xd9, 0xb5, 0x92, 0x3b, 0x81, 0x7b, 0xcb, + 0xd9, 0xe2, 0xb3, 0xca, 0xc8, 0xe1, 0x5e, 0x15, 0xed, 0x58, 0x61, 0xd8, 0xef, 0xb1, 0xb3, 0x5b, + 0x23, 0xdd, 0x84, 0xce, 0x09, 0x9f, 0x5d, 0xb8, 0xc3, 0x13, 0xc0, 0xd5, 0x9c, 0xe0, 0xb7, 0xec, + 0x70, 0x18, 0xba, 0x0b, 0x43, 0xeb, 0xbc, 0x80, 0x7d, 0x3e, 0x15, 0xe3, 0x44, 0x35, 0x7c, 0x56, + 0xd4, 0x55, 0x96, 0xc6, 0xbf, 0xa7, 0x7f, 0x62, 0xc9, 0xcd, 0x7e, 0x7f, 0x00, 0x4e, 0x64, 0xae, + 0x64, 0x49, 0xd5, 0xaf, 0x29, 0xec, 0x5b, 0xbf, 0xe6, 0x33, 0x00, 0x35, 0xd2, 0xf2, 0xc3, 0x1d, + 0xa6, 0xe6, 0x0c, 0x1c, 0x58, 0xcd, 0x51, 0x9a, 0xf1, 0x9c, 0xa2, 0x82, 0x0d, 0x8a, 0x22, 0xeb, + 0x9d, 0x97, 0xc3, 0xc9, 0x64, 0xbd, 0x1b, 0x45, 0x1b, 0x07, 0x1f, 0x6c, 0xd1, 0x46, 0x0f, 0x4e, + 0xf0, 0x2e, 0xaa, 0xa4, 0x8e, 0x43, 0xe4, 0x6e, 0xb0, 0x08, 0xd9, 0xb9, 0x34, 0x19, 0x9c, 0xa5, + 0xfb, 0x30, 0x6f, 0x5c, 0x42, 0x1f, 0x85, 0x8a, 0xfc, 0xce, 0xf1, 0x44, 0x45, 0x27, 0xc6, 0xc9, + 0x69, 0xc0, 0x6e, 0x42, 0x12, 0x3f, 0xed, 0x6f, 0x14, 0xa8, 0x56, 0xca, 0xff, 0xa9, 0x04, 0xe7, + 0xe7, 0x60, 0xd0, 0x69, 0x27, 0x1b, 0x61, 0xc7, 0x95, 0x01, 0x33, 0xac, 0x15, 0x0b, 0x28, 0x5a, + 0x84, 0x81, 0x9a, 0x4e, 0x5a, 0x3d, 0xc8, 0x28, 0x6a, 0x07, 0x9f, 0x93, 0x10, 0xcc, 0xa8, 0xa0, + 0xa7, 0x61, 0x20, 0x71, 0x1a, 0xa9, 0xeb, 0x4d, 0xd7, 0x9c, 0x46, 0x8c, 0x59, 0xab, 0xb9, 0x69, + 0x0e, 0xec, 0xb3, 0x69, 0xbe, 0x02, 0xa3, 0xb1, 0xd7, 0x08, 0x9c, 0xa4, 0x1d, 0x11, 0xe3, 0x30, + 0x49, 0xc7, 0x07, 0x98, 0x40, 0x9c, 0xc6, 0xb5, 0x3f, 0xa8, 0xc0, 0xe9, 0x6e, 0xd7, 0xd0, 0xe7, + 0x1d, 0x0d, 0xdf, 0x8d, 0xc7, 0x83, 0x8b, 0x86, 0xef, 0xc1, 0xdd, 0x37, 0xa2, 0xe1, 0x7d, 0x23, + 0x1a, 0xfe, 0x2b, 0x16, 0x54, 0x54, 0x10, 0xb8, 0x08, 0x64, 0x7d, 0xe3, 0x18, 0xae, 0xfa, 0x97, + 0x2c, 0x44, 0x2c, 0xb0, 0xfc, 0x8b, 0x35, 0xf3, 0xe3, 0x0b, 0x8f, 0xbf, 0x6f, 0x87, 0x0e, 0x14, + 0x1e, 0xaf, 0x72, 0x07, 0x4a, 0x79, 0xe4, 0x0e, 0xf4, 0xf8, 0x54, 0x5d, 0x73, 0x07, 0xbe, 0x69, + 0xc1, 0xb0, 0xf3, 0x76, 0x3b, 0x22, 0x73, 0x64, 0x6b, 0xb9, 0x15, 0x0b, 0x01, 0xfb, 0x66, 0xfe, + 0x1d, 0x98, 0xd1, 0x4c, 0x44, 0x6d, 0x63, 0xdd, 0x80, 0xcd, 0x2e, 0xa4, 0x72, 0x05, 0x86, 0xf2, + 0xc8, 0x15, 0xe8, 0xd6, 0x9d, 0x7d, 0x73, 0x05, 0x5e, 0x81, 0x51, 0xd7, 0x0f, 0x03, 0xb2, 0x12, + 0x85, 0x49, 0xe8, 0x86, 0xbe, 0x50, 0xa6, 0x95, 0x48, 0x98, 0x35, 0x81, 0x38, 0x8d, 0xdb, 0x2b, + 0xd1, 0xa0, 0x72, 0xd4, 0x44, 0x03, 0x78, 0x48, 0x89, 0x06, 0x7f, 0x56, 0x80, 0xc9, 0x7d, 0x3e, + 0x2a, 0xba, 0x08, 0x23, 0x61, 0xd4, 0x70, 0x02, 0xef, 0x6d, 0x9e, 0xd4, 0x5a, 0x4a, 0x97, 0xce, + 0x58, 0x36, 0x60, 0x38, 0x85, 0x29, 0x43, 0x91, 0x07, 0x7b, 0x84, 0x22, 0x7f, 0x1c, 0x86, 0x13, + 0xe2, 0x34, 0x45, 0xdc, 0x85, 0x30, 0x80, 0xf4, 0x81, 0x92, 0x06, 0x61, 0x13, 0x8f, 0x4e, 0xa3, + 0x31, 0xc7, 0x75, 0x49, 0x1c, 0xcb, 0x58, 0x63, 0xe1, 0x9c, 0xc9, 0x2d, 0x90, 0x99, 0xf9, 0xbc, + 0x66, 0x52, 0x2c, 0x70, 0x86, 0x25, 0xed, 0xbc, 0xe3, 0xfb, 0x3c, 0xad, 0x80, 0xc8, 0x0b, 0xcb, + 0x75, 0x09, 0x0c, 0x0d, 0xc2, 0x26, 0x9e, 0xfd, 0xeb, 0x05, 0x78, 0xe6, 0xbe, 0xe2, 0xa5, 0xef, + 0x30, 0xf0, 0x76, 0x4c, 0xa2, 0xec, 0x81, 0xcc, 0x8d, 0x98, 0x44, 0x98, 0x41, 0xf8, 0x28, 0xb5, + 0x5a, 0xc6, 0xbd, 0x40, 0x79, 0x67, 0x1d, 0xf0, 0x51, 0x4a, 0xb1, 0xc0, 0x19, 0x96, 0xd9, 0x51, + 0x1a, 0xe8, 0x73, 0x94, 0xfe, 0x7e, 0x01, 0x9e, 0xed, 0x43, 0x08, 0xe7, 0x98, 0x9d, 0x91, 0xce, + 0x6e, 0x29, 0x3e, 0x9c, 0xec, 0x96, 0xc3, 0x0e, 0xd7, 0x7b, 0x05, 0x38, 0xdb, 0x5b, 0x16, 0xa2, + 0x9f, 0xa4, 0x46, 0x94, 0x0c, 0xb6, 0x30, 0x33, 0x63, 0x4e, 0x71, 0x03, 0x2a, 0x05, 0xc2, 0x59, + 0x5c, 0x34, 0x05, 0xd0, 0x72, 0x92, 0x8d, 0xf8, 0xd2, 0xb6, 0x17, 0x27, 0x22, 0xa7, 0x73, 0x8c, + 0xbb, 0xc2, 0x65, 0x2b, 0x36, 0x30, 0x28, 0x3b, 0xf6, 0x6f, 0x2e, 0xbc, 0x1e, 0x26, 0xfc, 0x21, + 0xae, 0xc7, 0x9d, 0x92, 0xc5, 0x23, 0x0d, 0x10, 0xce, 0xe2, 0x52, 0x76, 0xec, 0xb0, 0x85, 0x77, + 0x94, 0x2b, 0x78, 0x8c, 0xdd, 0xa2, 0x6a, 0xc5, 0x06, 0x46, 0x36, 0xe7, 0xa7, 0xd4, 0x47, 0xce, + 0xcf, 0x3f, 0x2e, 0xc0, 0x93, 0x3d, 0xf7, 0xd2, 0xfe, 0x16, 0xe0, 0xa3, 0x97, 0xec, 0x73, 0xb8, + 0xb9, 0x73, 0xc0, 0x14, 0x96, 0x3f, 0xe9, 0x31, 0xd3, 0x44, 0x0a, 0x4b, 0x76, 0xab, 0xb0, 0x0e, + 0xba, 0x55, 0x3c, 0x42, 0xe3, 0xd9, 0x91, 0xb5, 0x32, 0x70, 0x80, 0xac, 0x95, 0xcc, 0xc7, 0x28, + 0xf5, 0xb9, 0x90, 0xbf, 0xdb, 0x7b, 0x78, 0xa9, 0xee, 0xdd, 0x97, 0x7b, 0x6a, 0x0e, 0x4e, 0x7a, + 0x01, 0x2b, 0x24, 0xbc, 0xda, 0x5e, 0x17, 0x19, 0xbf, 0x85, 0xf4, 0x1d, 0x59, 0x0b, 0x19, 0x38, + 0xee, 0x78, 0xe2, 0x11, 0xcc, 0x22, 0x3a, 0xe4, 0x90, 0x7e, 0x06, 0x2a, 0x8a, 0x36, 0x8f, 0x8c, + 0x54, 0x1f, 0xb4, 0x23, 0x32, 0x52, 0x7d, 0x4d, 0x03, 0x8b, 0x8e, 0xc4, 0x26, 0xd9, 0xc9, 0xce, + 0xcc, 0x6b, 0x64, 0x87, 0x9d, 0x92, 0xda, 0x1f, 0x83, 0x11, 0x65, 0x44, 0xf6, 0x5b, 0xe8, 0xd6, + 0x7e, 0x77, 0x10, 0x46, 0x53, 0x65, 0x2c, 0x52, 0x3e, 0x1b, 0x6b, 0x5f, 0x9f, 0x0d, 0x8b, 0x74, + 0x6d, 0x07, 0xb2, 0x94, 0xb4, 0x11, 0xe9, 0xda, 0x0e, 0x08, 0xe6, 0x30, 0x6a, 0xba, 0xd7, 0xa2, + 0x1d, 0xdc, 0x0e, 0x44, 0x44, 0x9a, 0x32, 0xdd, 0xe7, 0x58, 0x2b, 0x16, 0x50, 0xf4, 0x05, 0x0b, + 0x46, 0x62, 0xe6, 0x10, 0xe4, 0x1e, 0x2f, 0xf1, 0x41, 0xaf, 0xe6, 0x71, 0x15, 0xb2, 0x28, 0xd9, + 0xc2, 0x0e, 0xb3, 0xcd, 0x16, 0x9c, 0xe2, 0x88, 0xbe, 0x64, 0x99, 0x97, 0x40, 0x0f, 0xe6, 0x11, + 0x49, 0x99, 0xad, 0x12, 0xc2, 0x5d, 0x25, 0xf7, 0xbf, 0x0b, 0x5a, 0xdf, 0x0d, 0x3f, 0xf4, 0xe0, + 0xee, 0x86, 0xff, 0x28, 0x54, 0x9a, 0x4e, 0xe0, 0xd5, 0x49, 0x9c, 0x70, 0x0f, 0x91, 0x2c, 0x5e, + 0x24, 0x1b, 0xb1, 0x86, 0xd3, 0xcd, 0x2e, 0x66, 0x2f, 0x96, 0x18, 0x2e, 0x1d, 0xb6, 0xd9, 0xad, + 0xea, 0x66, 0x6c, 0xe2, 0x98, 0xfe, 0x27, 0x78, 0xa8, 0xfe, 0xa7, 0xe1, 0x7d, 0xfc, 0x4f, 0xff, + 0xd0, 0x82, 0x33, 0x5d, 0xbf, 0xda, 0xa3, 0x1b, 0xa3, 0x64, 0x7f, 0x50, 0x84, 0x53, 0x5d, 0xea, + 0xd1, 0xa0, 0x9d, 0x63, 0xbb, 0xd4, 0x5c, 0x14, 0xbc, 0x19, 0xed, 0x39, 0x89, 0x0f, 0xe6, 0xfd, + 0xd5, 0x1e, 0xd8, 0xe2, 0x83, 0xf5, 0xc0, 0x1a, 0xd3, 0x72, 0xe0, 0xa1, 0x4e, 0xcb, 0xd2, 0x3e, + 0xd3, 0xf2, 0x83, 0x22, 0xb0, 0xca, 0x42, 0xac, 0x96, 0xc7, 0x0e, 0xfa, 0xbc, 0x59, 0x23, 0xca, + 0xca, 0xab, 0x9e, 0x11, 0x27, 0xae, 0x6a, 0x4c, 0xf1, 0xee, 0x74, 0x2b, 0x39, 0x95, 0x95, 0x00, + 0x85, 0x3e, 0x24, 0x80, 0x2f, 0x8b, 0x71, 0x15, 0xf3, 0x2f, 0xc6, 0x55, 0xc9, 0x16, 0xe2, 0x42, + 0xbf, 0x6d, 0xc1, 0x44, 0xb3, 0x47, 0xd1, 0xc8, 0x7c, 0xca, 0x06, 0xf4, 0x2a, 0x49, 0x59, 0x7d, + 0x7a, 0x6f, 0x77, 0xb2, 0x67, 0xad, 0x4e, 0xdc, 0xb3, 0x57, 0xf6, 0xdf, 0xb4, 0xf8, 0x2a, 0xce, + 0x7c, 0x05, 0xbd, 0xcd, 0x5a, 0xf7, 0xd9, 0x66, 0x5f, 0x60, 0xd7, 0xe6, 0xd5, 0xaf, 0x10, 0xc7, + 0x17, 0xdb, 0xb1, 0x79, 0x03, 0x1e, 0x6b, 0xc7, 0x0a, 0x83, 0x5d, 0x74, 0xe1, 0xfb, 0xe1, 0xdd, + 0x4b, 0xcd, 0x56, 0xb2, 0x23, 0x36, 0x66, 0x7d, 0xd1, 0x85, 0x82, 0x60, 0x03, 0xcb, 0xfe, 0xdb, + 0x05, 0x3e, 0x03, 0xc5, 0x21, 0xe5, 0xc5, 0x4c, 0x55, 0xf5, 0xfe, 0xcf, 0xf7, 0x3e, 0x07, 0xe0, + 0xaa, 0x1b, 0xb3, 0x84, 0xf7, 0xf8, 0xca, 0x91, 0x6f, 0x1c, 0x12, 0xf4, 0xcc, 0x6b, 0xf8, 0x65, + 0x1b, 0x36, 0xf8, 0xa5, 0x04, 0x53, 0x71, 0x5f, 0xc1, 0x94, 0x5a, 0xa3, 0x03, 0xfb, 0xac, 0xd1, + 0x3f, 0xb3, 0x20, 0xa5, 0x5e, 0xa0, 0x16, 0x94, 0x68, 0x77, 0x77, 0xf2, 0xb9, 0x0c, 0xcc, 0x24, + 0x4d, 0xe5, 0x8c, 0x98, 0xf6, 0xec, 0x27, 0xe6, 0x8c, 0x90, 0x2f, 0xce, 0x32, 0x0b, 0x79, 0x5c, + 0x58, 0x67, 0x32, 0xbc, 0x12, 0x86, 0x9b, 0xfc, 0x08, 0x44, 0x9f, 0x8b, 0xda, 0x17, 0x61, 0xbc, + 0xa3, 0x53, 0xac, 0x80, 0x72, 0x28, 0x6f, 0x40, 0x33, 0xa6, 0x2b, 0x4b, 0x28, 0xc2, 0x1c, 0x66, + 0xbf, 0x67, 0xc1, 0xc9, 0x2c, 0x79, 0xf4, 0x2d, 0x0b, 0xc6, 0xe3, 0x2c, 0xbd, 0xe3, 0x1a, 0x3b, + 0x15, 0xe7, 0xd3, 0x01, 0xc2, 0x9d, 0x9d, 0xb0, 0xff, 0x5c, 0x4c, 0xfe, 0x5b, 0x5e, 0x50, 0x0b, + 0xef, 0xaa, 0x5d, 0xde, 0xea, 0xb9, 0xcb, 0xd3, 0xf5, 0xe8, 0x6e, 0x90, 0x5a, 0xdb, 0xef, 0xc8, + 0x64, 0x5a, 0x15, 0xed, 0x58, 0x61, 0xa4, 0xae, 0x1b, 0x2f, 0xee, 0x7b, 0xdd, 0xf8, 0xcb, 0x30, + 0x62, 0xde, 0xf2, 0x27, 0xe6, 0x25, 0xd3, 0x6e, 0xcd, 0x0b, 0x01, 0x71, 0x0a, 0x2b, 0x73, 0xcf, + 0x73, 0x69, 0xdf, 0x7b, 0x9e, 0x9f, 0x87, 0xb2, 0xb8, 0xb3, 0x58, 0x46, 0xc3, 0xf1, 0x34, 0x29, + 0xd1, 0x86, 0x15, 0x94, 0x4a, 0x93, 0xa6, 0x13, 0xb4, 0x1d, 0x9f, 0x8e, 0x90, 0xc8, 0xed, 0x54, + 0xcb, 0x70, 0x49, 0x41, 0xb0, 0x81, 0x45, 0xdf, 0x38, 0xf1, 0x9a, 0xe4, 0xf5, 0x30, 0x90, 0x71, + 0x24, 0xda, 0x41, 0x2c, 0xda, 0xb1, 0xc2, 0xb0, 0xff, 0x9b, 0x05, 0xd9, 0x0b, 0x57, 0x53, 0x2e, + 0x03, 0x6b, 0xdf, 0x7c, 0xd2, 0x74, 0x36, 0x5a, 0xa1, 0xaf, 0x6c, 0x34, 0x33, 0x51, 0xac, 0x78, + 0xdf, 0x44, 0xb1, 0x1f, 0xd1, 0xd7, 0x70, 0xf0, 0x8c, 0xb2, 0xe1, 0x6e, 0x57, 0x70, 0x20, 0x1b, + 0x06, 0x5d, 0x47, 0x55, 0x1c, 0x18, 0xe1, 0x8a, 0xf8, 0xec, 0x0c, 0x43, 0x12, 0x90, 0xea, 0xfa, + 0xfb, 0xdf, 0x3f, 0xf7, 0xd8, 0x77, 0xbf, 0x7f, 0xee, 0xb1, 0x3f, 0xfa, 0xfe, 0xb9, 0xc7, 0xbe, + 0xb0, 0x77, 0xce, 0x7a, 0x7f, 0xef, 0x9c, 0xf5, 0xdd, 0xbd, 0x73, 0xd6, 0x1f, 0xed, 0x9d, 0xb3, + 0x3e, 0xd8, 0x3b, 0x67, 0x7d, 0xf3, 0x3f, 0x9f, 0x7b, 0xec, 0xf5, 0xae, 0x71, 0x3f, 0xf4, 0xc7, + 0x8b, 0x6e, 0x6d, 0x7a, 0xeb, 0x02, 0x0b, 0x3d, 0xa1, 0xab, 0x61, 0xda, 0x98, 0x02, 0xd3, 0x72, + 0x35, 0xfc, 0xff, 0x00, 0x00, 0x00, 0xff, 0xff, 0x6d, 0x33, 0xde, 0xe1, 0x3f, 0xc6, 0x00, 0x00, } func (m *AWSAuthConfig) Marshal() (dAtA []byte, err error) { @@ -5784,18 +5468,6 @@ func (m *ApplicationSetGenerator) MarshalToSizedBuffer(dAtA []byte) (int, error) _ = i var l int _ = l - if m.Plugin != nil { - { - size, err := m.Plugin.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x52 - } if m.Selector != nil { { size, err := m.Selector.MarshalToSizedBuffer(dAtA[:i]) @@ -5974,18 +5646,6 @@ func (m *ApplicationSetNestedGenerator) MarshalToSizedBuffer(dAtA []byte) (int, _ = i var l int _ = l - if m.Plugin != nil { - { - size, err := m.Plugin.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x52 - } if m.Selector != nil { { size, err := m.Selector.MarshalToSizedBuffer(dAtA[:i]) @@ -6203,23 +5863,6 @@ func (m *ApplicationSetSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l - i-- - if m.ApplyNestedSelectors { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x40 - if len(m.GoTemplateOptions) > 0 { - for iNdEx := len(m.GoTemplateOptions) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.GoTemplateOptions[iNdEx]) - copy(dAtA[i:], m.GoTemplateOptions[iNdEx]) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.GoTemplateOptions[iNdEx]))) - i-- - dAtA[i] = 0x3a - } - } if m.PreservedFields != nil { { size, err := m.PreservedFields.MarshalToSizedBuffer(dAtA[:i]) @@ -6402,13 +6045,6 @@ func (m *ApplicationSetSyncPolicy) MarshalToSizedBuffer(dAtA []byte) (int, error _ = i var l int _ = l - if m.ApplicationsSync != nil { - i -= len(*m.ApplicationsSync) - copy(dAtA[i:], *m.ApplicationsSync) - i = encodeVarintGenerated(dAtA, i, uint64(len(*m.ApplicationsSync))) - i-- - dAtA[i] = 0x12 - } i-- if m.PreserveResourcesOnDeletion { dAtA[i] = 1 @@ -6573,30 +6209,6 @@ func (m *ApplicationSetTerminalGenerator) MarshalToSizedBuffer(dAtA []byte) (int _ = i var l int _ = l - if m.Selector != nil { - { - size, err := m.Selector.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x42 - } - if m.Plugin != nil { - { - size, err := m.Plugin.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x3a - } if m.PullRequest != nil { { size, err := m.PullRequest.MarshalToSizedBuffer(dAtA[:i]) @@ -6839,18 +6451,6 @@ func (m *ApplicationSourceHelm) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l - if m.ValuesObject != nil { - { - size, err := m.ValuesObject.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x52 - } i-- if m.SkipCrds { dAtA[i] = 1 @@ -7372,11 +6972,6 @@ func (m *ApplicationStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l - i -= len(m.ControllerNamespace) - copy(dAtA[i:], m.ControllerNamespace) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.ControllerNamespace))) - i-- - dAtA[i] = 0x6a if len(m.SourceTypes) > 0 { for iNdEx := len(m.SourceTypes) - 1; iNdEx >= 0; iNdEx-- { i -= len(m.SourceTypes[iNdEx]) @@ -7729,83 +7324,6 @@ func (m *BasicAuthBitbucketServer) MarshalToSizedBuffer(dAtA []byte) (int, error return len(dAtA) - i, nil } -func (m *BearerTokenBitbucketCloud) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *BearerTokenBitbucketCloud) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *BearerTokenBitbucketCloud) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.TokenRef != nil { - { - size, err := m.TokenRef.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *ChartDetails) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *ChartDetails) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *ChartDetails) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if len(m.Maintainers) > 0 { - for iNdEx := len(m.Maintainers) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.Maintainers[iNdEx]) - copy(dAtA[i:], m.Maintainers[iNdEx]) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Maintainers[iNdEx]))) - i-- - dAtA[i] = 0x1a - } - } - i -= len(m.Home) - copy(dAtA[i:], m.Home) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Home))) - i-- - dAtA[i] = 0x12 - i -= len(m.Description) - copy(dAtA[i:], m.Description) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Description))) - i-- - dAtA[i] = 0xa - return len(dAtA) - i, nil -} - func (m *Cluster) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -8309,20 +7827,6 @@ func (m *ComparedTo) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l - if len(m.IgnoreDifferences) > 0 { - for iNdEx := len(m.IgnoreDifferences) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.IgnoreDifferences[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x22 - } - } if len(m.Sources) > 0 { for iNdEx := len(m.Sources) - 1; iNdEx >= 0; iNdEx-- { { @@ -8771,30 +8275,6 @@ func (m *GitGenerator) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l - if len(m.Values) > 0 { - keysForValues := make([]string, 0, len(m.Values)) - for k := range m.Values { - keysForValues = append(keysForValues, string(k)) - } - github_com_gogo_protobuf_sortkeys.Strings(keysForValues) - for iNdEx := len(keysForValues) - 1; iNdEx >= 0; iNdEx-- { - v := m.Values[string(keysForValues[iNdEx])] - baseI := i - i -= len(v) - copy(dAtA[i:], v) - i = encodeVarintGenerated(dAtA, i, uint64(len(v))) - i-- - dAtA[i] = 0x12 - i -= len(keysForValues[iNdEx]) - copy(dAtA[i:], keysForValues[iNdEx]) - i = encodeVarintGenerated(dAtA, i, uint64(len(keysForValues[iNdEx]))) - i-- - dAtA[i] = 0xa - i = encodeVarintGenerated(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0x42 - } - } i -= len(m.PathParamPrefix) copy(dAtA[i:], m.PathParamPrefix) i = encodeVarintGenerated(dAtA, i, uint64(len(m.PathParamPrefix))) @@ -10174,168 +9654,6 @@ func (m *OverrideIgnoreDiff) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } -func (m *PluginConfigMapRef) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *PluginConfigMapRef) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *PluginConfigMapRef) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - i -= len(m.Name) - copy(dAtA[i:], m.Name) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name))) - i-- - dAtA[i] = 0xa - return len(dAtA) - i, nil -} - -func (m *PluginGenerator) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *PluginGenerator) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *PluginGenerator) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if len(m.Values) > 0 { - keysForValues := make([]string, 0, len(m.Values)) - for k := range m.Values { - keysForValues = append(keysForValues, string(k)) - } - github_com_gogo_protobuf_sortkeys.Strings(keysForValues) - for iNdEx := len(keysForValues) - 1; iNdEx >= 0; iNdEx-- { - v := m.Values[string(keysForValues[iNdEx])] - baseI := i - i -= len(v) - copy(dAtA[i:], v) - i = encodeVarintGenerated(dAtA, i, uint64(len(v))) - i-- - dAtA[i] = 0x12 - i -= len(keysForValues[iNdEx]) - copy(dAtA[i:], keysForValues[iNdEx]) - i = encodeVarintGenerated(dAtA, i, uint64(len(keysForValues[iNdEx]))) - i-- - dAtA[i] = 0xa - i = encodeVarintGenerated(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0x2a - } - } - { - size, err := m.Template.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x22 - if m.RequeueAfterSeconds != nil { - i = encodeVarintGenerated(dAtA, i, uint64(*m.RequeueAfterSeconds)) - i-- - dAtA[i] = 0x18 - } - { - size, err := m.Input.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x12 - { - size, err := m.ConfigMapRef.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0xa - return len(dAtA) - i, nil -} - -func (m *PluginInput) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *PluginInput) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *PluginInput) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if len(m.Parameters) > 0 { - keysForParameters := make([]string, 0, len(m.Parameters)) - for k := range m.Parameters { - keysForParameters = append(keysForParameters, string(k)) - } - github_com_gogo_protobuf_sortkeys.Strings(keysForParameters) - for iNdEx := len(keysForParameters) - 1; iNdEx >= 0; iNdEx-- { - v := m.Parameters[string(keysForParameters[iNdEx])] - baseI := i - { - size, err := (&v).MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x12 - i -= len(keysForParameters[iNdEx]) - copy(dAtA[i:], keysForParameters[iNdEx]) - i = encodeVarintGenerated(dAtA, i, uint64(len(keysForParameters[iNdEx]))) - i-- - dAtA[i] = 0xa - i = encodeVarintGenerated(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0xa - } - } - return len(dAtA) - i, nil -} - func (m *ProjectRole) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -10421,30 +9739,6 @@ func (m *PullRequestGenerator) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l - if m.AzureDevOps != nil { - { - size, err := m.AzureDevOps.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x4a - } - if m.Bitbucket != nil { - { - size, err := m.Bitbucket.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x42 - } { size, err := m.Template.MarshalToSizedBuffer(dAtA[:i]) if err != nil { @@ -10525,132 +9819,6 @@ func (m *PullRequestGenerator) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } -func (m *PullRequestGeneratorAzureDevOps) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *PullRequestGeneratorAzureDevOps) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *PullRequestGeneratorAzureDevOps) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if len(m.Labels) > 0 { - for iNdEx := len(m.Labels) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.Labels[iNdEx]) - copy(dAtA[i:], m.Labels[iNdEx]) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Labels[iNdEx]))) - i-- - dAtA[i] = 0x32 - } - } - if m.TokenRef != nil { - { - size, err := m.TokenRef.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x2a - } - i -= len(m.API) - copy(dAtA[i:], m.API) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.API))) - i-- - dAtA[i] = 0x22 - i -= len(m.Repo) - copy(dAtA[i:], m.Repo) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Repo))) - i-- - dAtA[i] = 0x1a - i -= len(m.Project) - copy(dAtA[i:], m.Project) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Project))) - i-- - dAtA[i] = 0x12 - i -= len(m.Organization) - copy(dAtA[i:], m.Organization) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Organization))) - i-- - dAtA[i] = 0xa - return len(dAtA) - i, nil -} - -func (m *PullRequestGeneratorBitbucket) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *PullRequestGeneratorBitbucket) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *PullRequestGeneratorBitbucket) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.BearerToken != nil { - { - size, err := m.BearerToken.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x2a - } - if m.BasicAuth != nil { - { - size, err := m.BasicAuth.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x22 - } - i -= len(m.API) - copy(dAtA[i:], m.API) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.API))) - i-- - dAtA[i] = 0x1a - i -= len(m.Repo) - copy(dAtA[i:], m.Repo) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Repo))) - i-- - dAtA[i] = 0x12 - i -= len(m.Owner) - copy(dAtA[i:], m.Owner) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Owner))) - i-- - dAtA[i] = 0xa - return len(dAtA) - i, nil -} - func (m *PullRequestGeneratorBitbucketServer) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -10721,13 +9889,6 @@ func (m *PullRequestGeneratorFilter) MarshalToSizedBuffer(dAtA []byte) (int, err _ = i var l int _ = l - if m.TargetBranchMatch != nil { - i -= len(*m.TargetBranchMatch) - copy(dAtA[i:], *m.TargetBranchMatch) - i = encodeVarintGenerated(dAtA, i, uint64(len(*m.TargetBranchMatch))) - i-- - dAtA[i] = 0x12 - } if m.BranchMatch != nil { i -= len(*m.BranchMatch) copy(dAtA[i:], *m.BranchMatch) @@ -10758,14 +9919,6 @@ func (m *PullRequestGeneratorGitLab) MarshalToSizedBuffer(dAtA []byte) (int, err _ = i var l int _ = l - i-- - if m.Insecure { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x30 i -= len(m.PullRequestState) copy(dAtA[i:], m.PullRequestState) i = encodeVarintGenerated(dAtA, i, uint64(len(m.PullRequestState))) @@ -11451,16 +10604,6 @@ func (m *ResourceAction) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l - i -= len(m.DisplayName) - copy(dAtA[i:], m.DisplayName) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.DisplayName))) - i-- - dAtA[i] = 0x2a - i -= len(m.IconClass) - copy(dAtA[i:], m.IconClass) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.IconClass))) - i-- - dAtA[i] = 0x22 i-- if m.Disabled { dAtA[i] = 1 @@ -12007,16 +11150,6 @@ func (m *ResourceOverride) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l - { - size, err := m.IgnoreResourceUpdates.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x32 i-- if m.UseOpenLibs { dAtA[i] = 1 @@ -12473,42 +11606,6 @@ func (m *SCMProviderGenerator) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l - if m.AWSCodeCommit != nil { - { - size, err := m.AWSCodeCommit.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x62 - } - if len(m.Values) > 0 { - keysForValues := make([]string, 0, len(m.Values)) - for k := range m.Values { - keysForValues = append(keysForValues, string(k)) - } - github_com_gogo_protobuf_sortkeys.Strings(keysForValues) - for iNdEx := len(keysForValues) - 1; iNdEx >= 0; iNdEx-- { - v := m.Values[string(keysForValues[iNdEx])] - baseI := i - i -= len(v) - copy(dAtA[i:], v) - i = encodeVarintGenerated(dAtA, i, uint64(len(v))) - i-- - dAtA[i] = 0x12 - i -= len(keysForValues[iNdEx]) - copy(dAtA[i:], keysForValues[iNdEx]) - i = encodeVarintGenerated(dAtA, i, uint64(len(keysForValues[iNdEx]))) - i-- - dAtA[i] = 0xa - i = encodeVarintGenerated(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0x5a - } - } { size, err := m.Template.MarshalToSizedBuffer(dAtA[:i]) if err != nil { @@ -12618,61 +11715,6 @@ func (m *SCMProviderGenerator) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } -func (m *SCMProviderGeneratorAWSCodeCommit) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *SCMProviderGeneratorAWSCodeCommit) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *SCMProviderGeneratorAWSCodeCommit) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - i-- - if m.AllBranches { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x20 - i -= len(m.Region) - copy(dAtA[i:], m.Region) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Region))) - i-- - dAtA[i] = 0x1a - i -= len(m.Role) - copy(dAtA[i:], m.Role) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Role))) - i-- - dAtA[i] = 0x12 - if len(m.TagFilters) > 0 { - for iNdEx := len(m.TagFilters) - 1; iNdEx >= 0; iNdEx-- { - { - size, err := m.TagFilters[iNdEx].MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0xa - } - } - return len(dAtA) - i, nil -} - func (m *SCMProviderGeneratorAzureDevOps) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -13038,29 +12080,6 @@ func (m *SCMProviderGeneratorGitlab) MarshalToSizedBuffer(dAtA []byte) (int, err _ = i var l int _ = l - i -= len(m.Topic) - copy(dAtA[i:], m.Topic) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Topic))) - i-- - dAtA[i] = 0x42 - if m.IncludeSharedProjects != nil { - i-- - if *m.IncludeSharedProjects { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x38 - } - i-- - if m.Insecure { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x30 i-- if m.AllBranches { dAtA[i] = 1 @@ -13349,18 +12368,6 @@ func (m *SyncOperationResult) MarshalToSizedBuffer(dAtA []byte) (int, error) { _ = i var l int _ = l - if m.ManagedNamespaceMetadata != nil { - { - size, err := m.ManagedNamespaceMetadata.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintGenerated(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0x32 - } if len(m.Revisions) > 0 { for iNdEx := len(m.Revisions) - 1; iNdEx >= 0; iNdEx-- { i -= len(m.Revisions[iNdEx]) @@ -13829,39 +12836,6 @@ func (m *TLSClientConfig) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } -func (m *TagFilter) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *TagFilter) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *TagFilter) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - i -= len(m.Value) - copy(dAtA[i:], m.Value) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Value))) - i-- - dAtA[i] = 0x12 - i -= len(m.Key) - copy(dAtA[i:], m.Key) - i = encodeVarintGenerated(dAtA, i, uint64(len(m.Key))) - i-- - dAtA[i] = 0xa - return len(dAtA) - i, nil -} - func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int { offset -= sovGenerated(v) base := offset @@ -14213,10 +13187,6 @@ func (m *ApplicationSetGenerator) Size() (n int) { l = m.Selector.Size() n += 1 + l + sovGenerated(uint64(l)) } - if m.Plugin != nil { - l = m.Plugin.Size() - n += 1 + l + sovGenerated(uint64(l)) - } return n } @@ -14279,10 +13249,6 @@ func (m *ApplicationSetNestedGenerator) Size() (n int) { l = m.Selector.Size() n += 1 + l + sovGenerated(uint64(l)) } - if m.Plugin != nil { - l = m.Plugin.Size() - n += 1 + l + sovGenerated(uint64(l)) - } return n } @@ -14347,13 +13313,6 @@ func (m *ApplicationSetSpec) Size() (n int) { l = m.PreservedFields.Size() n += 1 + l + sovGenerated(uint64(l)) } - if len(m.GoTemplateOptions) > 0 { - for _, s := range m.GoTemplateOptions { - l = len(s) - n += 1 + l + sovGenerated(uint64(l)) - } - } - n += 2 return n } @@ -14400,10 +13359,6 @@ func (m *ApplicationSetSyncPolicy) Size() (n int) { var l int _ = l n += 2 - if m.ApplicationsSync != nil { - l = len(*m.ApplicationsSync) - n += 1 + l + sovGenerated(uint64(l)) - } return n } @@ -14485,14 +13440,6 @@ func (m *ApplicationSetTerminalGenerator) Size() (n int) { l = m.PullRequest.Size() n += 1 + l + sovGenerated(uint64(l)) } - if m.Plugin != nil { - l = m.Plugin.Size() - n += 1 + l + sovGenerated(uint64(l)) - } - if m.Selector != nil { - l = m.Selector.Size() - n += 1 + l + sovGenerated(uint64(l)) - } return n } @@ -14580,10 +13527,6 @@ func (m *ApplicationSourceHelm) Size() (n int) { n += 2 n += 2 n += 2 - if m.ValuesObject != nil { - l = m.ValuesObject.Size() - n += 1 + l + sovGenerated(uint64(l)) - } return n } @@ -14802,8 +13745,6 @@ func (m *ApplicationStatus) Size() (n int) { n += 1 + l + sovGenerated(uint64(l)) } } - l = len(m.ControllerNamespace) - n += 1 + l + sovGenerated(uint64(l)) return n } @@ -14899,38 +13840,6 @@ func (m *BasicAuthBitbucketServer) Size() (n int) { return n } -func (m *BearerTokenBitbucketCloud) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.TokenRef != nil { - l = m.TokenRef.Size() - n += 1 + l + sovGenerated(uint64(l)) - } - return n -} - -func (m *ChartDetails) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Description) - n += 1 + l + sovGenerated(uint64(l)) - l = len(m.Home) - n += 1 + l + sovGenerated(uint64(l)) - if len(m.Maintainers) > 0 { - for _, s := range m.Maintainers { - l = len(s) - n += 1 + l + sovGenerated(uint64(l)) - } - } - return n -} - func (m *Cluster) Size() (n int) { if m == nil { return 0 @@ -15121,12 +14030,6 @@ func (m *ComparedTo) Size() (n int) { n += 1 + l + sovGenerated(uint64(l)) } } - if len(m.IgnoreDifferences) > 0 { - for _, e := range m.IgnoreDifferences { - l = e.Size() - n += 1 + l + sovGenerated(uint64(l)) - } - } return n } @@ -15302,14 +14205,6 @@ func (m *GitGenerator) Size() (n int) { n += 1 + l + sovGenerated(uint64(l)) l = len(m.PathParamPrefix) n += 1 + l + sovGenerated(uint64(l)) - if len(m.Values) > 0 { - for k, v := range m.Values { - _ = k - _ = v - mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v))) - n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize)) - } - } return n } @@ -15819,61 +14714,6 @@ func (m *OverrideIgnoreDiff) Size() (n int) { return n } -func (m *PluginConfigMapRef) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Name) - n += 1 + l + sovGenerated(uint64(l)) - return n -} - -func (m *PluginGenerator) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = m.ConfigMapRef.Size() - n += 1 + l + sovGenerated(uint64(l)) - l = m.Input.Size() - n += 1 + l + sovGenerated(uint64(l)) - if m.RequeueAfterSeconds != nil { - n += 1 + sovGenerated(uint64(*m.RequeueAfterSeconds)) - } - l = m.Template.Size() - n += 1 + l + sovGenerated(uint64(l)) - if len(m.Values) > 0 { - for k, v := range m.Values { - _ = k - _ = v - mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v))) - n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize)) - } - } - return n -} - -func (m *PluginInput) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if len(m.Parameters) > 0 { - for k, v := range m.Parameters { - _ = k - _ = v - l = v.Size() - mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l)) - n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize)) - } - } - return n -} - func (m *ProjectRole) Size() (n int) { if m == nil { return 0 @@ -15938,64 +14778,6 @@ func (m *PullRequestGenerator) Size() (n int) { } l = m.Template.Size() n += 1 + l + sovGenerated(uint64(l)) - if m.Bitbucket != nil { - l = m.Bitbucket.Size() - n += 1 + l + sovGenerated(uint64(l)) - } - if m.AzureDevOps != nil { - l = m.AzureDevOps.Size() - n += 1 + l + sovGenerated(uint64(l)) - } - return n -} - -func (m *PullRequestGeneratorAzureDevOps) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Organization) - n += 1 + l + sovGenerated(uint64(l)) - l = len(m.Project) - n += 1 + l + sovGenerated(uint64(l)) - l = len(m.Repo) - n += 1 + l + sovGenerated(uint64(l)) - l = len(m.API) - n += 1 + l + sovGenerated(uint64(l)) - if m.TokenRef != nil { - l = m.TokenRef.Size() - n += 1 + l + sovGenerated(uint64(l)) - } - if len(m.Labels) > 0 { - for _, s := range m.Labels { - l = len(s) - n += 1 + l + sovGenerated(uint64(l)) - } - } - return n -} - -func (m *PullRequestGeneratorBitbucket) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Owner) - n += 1 + l + sovGenerated(uint64(l)) - l = len(m.Repo) - n += 1 + l + sovGenerated(uint64(l)) - l = len(m.API) - n += 1 + l + sovGenerated(uint64(l)) - if m.BasicAuth != nil { - l = m.BasicAuth.Size() - n += 1 + l + sovGenerated(uint64(l)) - } - if m.BearerToken != nil { - l = m.BearerToken.Size() - n += 1 + l + sovGenerated(uint64(l)) - } return n } @@ -16028,10 +14810,6 @@ func (m *PullRequestGeneratorFilter) Size() (n int) { l = len(*m.BranchMatch) n += 1 + l + sovGenerated(uint64(l)) } - if m.TargetBranchMatch != nil { - l = len(*m.TargetBranchMatch) - n += 1 + l + sovGenerated(uint64(l)) - } return n } @@ -16057,7 +14835,6 @@ func (m *PullRequestGeneratorGitLab) Size() (n int) { } l = len(m.PullRequestState) n += 1 + l + sovGenerated(uint64(l)) - n += 2 return n } @@ -16290,10 +15067,6 @@ func (m *ResourceAction) Size() (n int) { } } n += 2 - l = len(m.IconClass) - n += 1 + l + sovGenerated(uint64(l)) - l = len(m.DisplayName) - n += 1 + l + sovGenerated(uint64(l)) return n } @@ -16515,8 +15288,6 @@ func (m *ResourceOverride) Size() (n int) { } } n += 2 - l = m.IgnoreResourceUpdates.Size() - n += 1 + l + sovGenerated(uint64(l)) return n } @@ -16710,38 +15481,6 @@ func (m *SCMProviderGenerator) Size() (n int) { } l = m.Template.Size() n += 1 + l + sovGenerated(uint64(l)) - if len(m.Values) > 0 { - for k, v := range m.Values { - _ = k - _ = v - mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + len(v) + sovGenerated(uint64(len(v))) - n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize)) - } - } - if m.AWSCodeCommit != nil { - l = m.AWSCodeCommit.Size() - n += 1 + l + sovGenerated(uint64(l)) - } - return n -} - -func (m *SCMProviderGeneratorAWSCodeCommit) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if len(m.TagFilters) > 0 { - for _, e := range m.TagFilters { - l = e.Size() - n += 1 + l + sovGenerated(uint64(l)) - } - } - l = len(m.Role) - n += 1 + l + sovGenerated(uint64(l)) - l = len(m.Region) - n += 1 + l + sovGenerated(uint64(l)) - n += 2 return n } @@ -16889,12 +15628,6 @@ func (m *SCMProviderGeneratorGitlab) Size() (n int) { n += 1 + l + sovGenerated(uint64(l)) } n += 2 - n += 2 - if m.IncludeSharedProjects != nil { - n += 2 - } - l = len(m.Topic) - n += 1 + l + sovGenerated(uint64(l)) return n } @@ -17018,10 +15751,6 @@ func (m *SyncOperationResult) Size() (n int) { n += 1 + l + sovGenerated(uint64(l)) } } - if m.ManagedNamespaceMetadata != nil { - l = m.ManagedNamespaceMetadata.Size() - n += 1 + l + sovGenerated(uint64(l)) - } return n } @@ -17183,19 +15912,6 @@ func (m *TLSClientConfig) Size() (n int) { return n } -func (m *TagFilter) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Key) - n += 1 + l + sovGenerated(uint64(l)) - l = len(m.Value) - n += 1 + l + sovGenerated(uint64(l)) - return n -} - func sovGenerated(x uint64) (n int) { return (math_bits.Len64(x|1) + 6) / 7 } @@ -17452,7 +16168,6 @@ func (this *ApplicationSetGenerator) String() string { `Matrix:` + strings.Replace(this.Matrix.String(), "MatrixGenerator", "MatrixGenerator", 1) + `,`, `Merge:` + strings.Replace(this.Merge.String(), "MergeGenerator", "MergeGenerator", 1) + `,`, `Selector:` + strings.Replace(fmt.Sprintf("%v", this.Selector), "LabelSelector", "v1.LabelSelector", 1) + `,`, - `Plugin:` + strings.Replace(this.Plugin.String(), "PluginGenerator", "PluginGenerator", 1) + `,`, `}`, }, "") return s @@ -17487,7 +16202,6 @@ func (this *ApplicationSetNestedGenerator) String() string { `Matrix:` + strings.Replace(fmt.Sprintf("%v", this.Matrix), "JSON", "v11.JSON", 1) + `,`, `Merge:` + strings.Replace(fmt.Sprintf("%v", this.Merge), "JSON", "v11.JSON", 1) + `,`, `Selector:` + strings.Replace(fmt.Sprintf("%v", this.Selector), "LabelSelector", "v1.LabelSelector", 1) + `,`, - `Plugin:` + strings.Replace(this.Plugin.String(), "PluginGenerator", "PluginGenerator", 1) + `,`, `}`, }, "") return s @@ -17539,8 +16253,6 @@ func (this *ApplicationSetSpec) String() string { `SyncPolicy:` + strings.Replace(this.SyncPolicy.String(), "ApplicationSetSyncPolicy", "ApplicationSetSyncPolicy", 1) + `,`, `Strategy:` + strings.Replace(this.Strategy.String(), "ApplicationSetStrategy", "ApplicationSetStrategy", 1) + `,`, `PreservedFields:` + strings.Replace(this.PreservedFields.String(), "ApplicationPreservedFields", "ApplicationPreservedFields", 1) + `,`, - `GoTemplateOptions:` + fmt.Sprintf("%v", this.GoTemplateOptions) + `,`, - `ApplyNestedSelectors:` + fmt.Sprintf("%v", this.ApplyNestedSelectors) + `,`, `}`, }, "") return s @@ -17583,7 +16295,6 @@ func (this *ApplicationSetSyncPolicy) String() string { } s := strings.Join([]string{`&ApplicationSetSyncPolicy{`, `PreserveResourcesOnDeletion:` + fmt.Sprintf("%v", this.PreserveResourcesOnDeletion) + `,`, - `ApplicationsSync:` + valueToStringGenerated(this.ApplicationsSync) + `,`, `}`, }, "") return s @@ -17644,8 +16355,6 @@ func (this *ApplicationSetTerminalGenerator) String() string { `SCMProvider:` + strings.Replace(this.SCMProvider.String(), "SCMProviderGenerator", "SCMProviderGenerator", 1) + `,`, `ClusterDecisionResource:` + strings.Replace(this.ClusterDecisionResource.String(), "DuckTypeGenerator", "DuckTypeGenerator", 1) + `,`, `PullRequest:` + strings.Replace(this.PullRequest.String(), "PullRequestGenerator", "PullRequestGenerator", 1) + `,`, - `Plugin:` + strings.Replace(this.Plugin.String(), "PluginGenerator", "PluginGenerator", 1) + `,`, - `Selector:` + strings.Replace(fmt.Sprintf("%v", this.Selector), "LabelSelector", "v1.LabelSelector", 1) + `,`, `}`, }, "") return s @@ -17705,7 +16414,6 @@ func (this *ApplicationSourceHelm) String() string { `PassCredentials:` + fmt.Sprintf("%v", this.PassCredentials) + `,`, `IgnoreMissingValueFiles:` + fmt.Sprintf("%v", this.IgnoreMissingValueFiles) + `,`, `SkipCrds:` + fmt.Sprintf("%v", this.SkipCrds) + `,`, - `ValuesObject:` + strings.Replace(fmt.Sprintf("%v", this.ValuesObject), "RawExtension", "runtime.RawExtension", 1) + `,`, `}`, }, "") return s @@ -17876,7 +16584,6 @@ func (this *ApplicationStatus) String() string { `Summary:` + strings.Replace(strings.Replace(this.Summary.String(), "ApplicationSummary", "ApplicationSummary", 1), `&`, ``, 1) + `,`, `ResourceHealthSource:` + fmt.Sprintf("%v", this.ResourceHealthSource) + `,`, `SourceTypes:` + fmt.Sprintf("%v", this.SourceTypes) + `,`, - `ControllerNamespace:` + fmt.Sprintf("%v", this.ControllerNamespace) + `,`, `}`, }, "") return s @@ -17953,28 +16660,6 @@ func (this *BasicAuthBitbucketServer) String() string { }, "") return s } -func (this *BearerTokenBitbucketCloud) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&BearerTokenBitbucketCloud{`, - `TokenRef:` + strings.Replace(this.TokenRef.String(), "SecretRef", "SecretRef", 1) + `,`, - `}`, - }, "") - return s -} -func (this *ChartDetails) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&ChartDetails{`, - `Description:` + fmt.Sprintf("%v", this.Description) + `,`, - `Home:` + fmt.Sprintf("%v", this.Home) + `,`, - `Maintainers:` + fmt.Sprintf("%v", this.Maintainers) + `,`, - `}`, - }, "") - return s -} func (this *Cluster) String() string { if this == nil { return "nil" @@ -18116,16 +16801,10 @@ func (this *ComparedTo) String() string { repeatedStringForSources += strings.Replace(strings.Replace(f.String(), "ApplicationSource", "ApplicationSource", 1), `&`, ``, 1) + "," } repeatedStringForSources += "}" - repeatedStringForIgnoreDifferences := "[]ResourceIgnoreDifferences{" - for _, f := range this.IgnoreDifferences { - repeatedStringForIgnoreDifferences += strings.Replace(strings.Replace(f.String(), "ResourceIgnoreDifferences", "ResourceIgnoreDifferences", 1), `&`, ``, 1) + "," - } - repeatedStringForIgnoreDifferences += "}" s := strings.Join([]string{`&ComparedTo{`, `Source:` + strings.Replace(strings.Replace(this.Source.String(), "ApplicationSource", "ApplicationSource", 1), `&`, ``, 1) + `,`, `Destination:` + strings.Replace(strings.Replace(this.Destination.String(), "ApplicationDestination", "ApplicationDestination", 1), `&`, ``, 1) + `,`, `Sources:` + repeatedStringForSources + `,`, - `IgnoreDifferences:` + repeatedStringForIgnoreDifferences + `,`, `}`, }, "") return s @@ -18262,16 +16941,6 @@ func (this *GitGenerator) String() string { repeatedStringForFiles += strings.Replace(strings.Replace(f.String(), "GitFileGeneratorItem", "GitFileGeneratorItem", 1), `&`, ``, 1) + "," } repeatedStringForFiles += "}" - keysForValues := make([]string, 0, len(this.Values)) - for k := range this.Values { - keysForValues = append(keysForValues, k) - } - github_com_gogo_protobuf_sortkeys.Strings(keysForValues) - mapStringForValues := "map[string]string{" - for _, k := range keysForValues { - mapStringForValues += fmt.Sprintf("%v: %v,", k, this.Values[k]) - } - mapStringForValues += "}" s := strings.Join([]string{`&GitGenerator{`, `RepoURL:` + fmt.Sprintf("%v", this.RepoURL) + `,`, `Directories:` + repeatedStringForDirectories + `,`, @@ -18280,7 +16949,6 @@ func (this *GitGenerator) String() string { `RequeueAfterSeconds:` + valueToStringGenerated(this.RequeueAfterSeconds) + `,`, `Template:` + strings.Replace(strings.Replace(this.Template.String(), "ApplicationSetTemplate", "ApplicationSetTemplate", 1), `&`, ``, 1) + `,`, `PathParamPrefix:` + fmt.Sprintf("%v", this.PathParamPrefix) + `,`, - `Values:` + mapStringForValues + `,`, `}`, }, "") return s @@ -18711,60 +17379,6 @@ func (this *OverrideIgnoreDiff) String() string { }, "") return s } -func (this *PluginConfigMapRef) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&PluginConfigMapRef{`, - `Name:` + fmt.Sprintf("%v", this.Name) + `,`, - `}`, - }, "") - return s -} -func (this *PluginGenerator) String() string { - if this == nil { - return "nil" - } - keysForValues := make([]string, 0, len(this.Values)) - for k := range this.Values { - keysForValues = append(keysForValues, k) - } - github_com_gogo_protobuf_sortkeys.Strings(keysForValues) - mapStringForValues := "map[string]string{" - for _, k := range keysForValues { - mapStringForValues += fmt.Sprintf("%v: %v,", k, this.Values[k]) - } - mapStringForValues += "}" - s := strings.Join([]string{`&PluginGenerator{`, - `ConfigMapRef:` + strings.Replace(strings.Replace(this.ConfigMapRef.String(), "PluginConfigMapRef", "PluginConfigMapRef", 1), `&`, ``, 1) + `,`, - `Input:` + strings.Replace(strings.Replace(this.Input.String(), "PluginInput", "PluginInput", 1), `&`, ``, 1) + `,`, - `RequeueAfterSeconds:` + valueToStringGenerated(this.RequeueAfterSeconds) + `,`, - `Template:` + strings.Replace(strings.Replace(this.Template.String(), "ApplicationSetTemplate", "ApplicationSetTemplate", 1), `&`, ``, 1) + `,`, - `Values:` + mapStringForValues + `,`, - `}`, - }, "") - return s -} -func (this *PluginInput) String() string { - if this == nil { - return "nil" - } - keysForParameters := make([]string, 0, len(this.Parameters)) - for k := range this.Parameters { - keysForParameters = append(keysForParameters, k) - } - github_com_gogo_protobuf_sortkeys.Strings(keysForParameters) - mapStringForParameters := "PluginParameters{" - for _, k := range keysForParameters { - mapStringForParameters += fmt.Sprintf("%v: %v,", k, this.Parameters[k]) - } - mapStringForParameters += "}" - s := strings.Join([]string{`&PluginInput{`, - `Parameters:` + mapStringForParameters + `,`, - `}`, - }, "") - return s -} func (this *ProjectRole) String() string { if this == nil { return "nil" @@ -18801,37 +17415,6 @@ func (this *PullRequestGenerator) String() string { `Filters:` + repeatedStringForFilters + `,`, `RequeueAfterSeconds:` + valueToStringGenerated(this.RequeueAfterSeconds) + `,`, `Template:` + strings.Replace(strings.Replace(this.Template.String(), "ApplicationSetTemplate", "ApplicationSetTemplate", 1), `&`, ``, 1) + `,`, - `Bitbucket:` + strings.Replace(this.Bitbucket.String(), "PullRequestGeneratorBitbucket", "PullRequestGeneratorBitbucket", 1) + `,`, - `AzureDevOps:` + strings.Replace(this.AzureDevOps.String(), "PullRequestGeneratorAzureDevOps", "PullRequestGeneratorAzureDevOps", 1) + `,`, - `}`, - }, "") - return s -} -func (this *PullRequestGeneratorAzureDevOps) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&PullRequestGeneratorAzureDevOps{`, - `Organization:` + fmt.Sprintf("%v", this.Organization) + `,`, - `Project:` + fmt.Sprintf("%v", this.Project) + `,`, - `Repo:` + fmt.Sprintf("%v", this.Repo) + `,`, - `API:` + fmt.Sprintf("%v", this.API) + `,`, - `TokenRef:` + strings.Replace(this.TokenRef.String(), "SecretRef", "SecretRef", 1) + `,`, - `Labels:` + fmt.Sprintf("%v", this.Labels) + `,`, - `}`, - }, "") - return s -} -func (this *PullRequestGeneratorBitbucket) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&PullRequestGeneratorBitbucket{`, - `Owner:` + fmt.Sprintf("%v", this.Owner) + `,`, - `Repo:` + fmt.Sprintf("%v", this.Repo) + `,`, - `API:` + fmt.Sprintf("%v", this.API) + `,`, - `BasicAuth:` + strings.Replace(this.BasicAuth.String(), "BasicAuthBitbucketServer", "BasicAuthBitbucketServer", 1) + `,`, - `BearerToken:` + strings.Replace(this.BearerToken.String(), "BearerTokenBitbucketCloud", "BearerTokenBitbucketCloud", 1) + `,`, `}`, }, "") return s @@ -18855,7 +17438,6 @@ func (this *PullRequestGeneratorFilter) String() string { } s := strings.Join([]string{`&PullRequestGeneratorFilter{`, `BranchMatch:` + valueToStringGenerated(this.BranchMatch) + `,`, - `TargetBranchMatch:` + valueToStringGenerated(this.TargetBranchMatch) + `,`, `}`, }, "") return s @@ -18870,7 +17452,6 @@ func (this *PullRequestGeneratorGitLab) String() string { `TokenRef:` + strings.Replace(this.TokenRef.String(), "SecretRef", "SecretRef", 1) + `,`, `Labels:` + fmt.Sprintf("%v", this.Labels) + `,`, `PullRequestState:` + fmt.Sprintf("%v", this.PullRequestState) + `,`, - `Insecure:` + fmt.Sprintf("%v", this.Insecure) + `,`, `}`, }, "") return s @@ -19046,8 +17627,6 @@ func (this *ResourceAction) String() string { `Name:` + fmt.Sprintf("%v", this.Name) + `,`, `Params:` + repeatedStringForParams + `,`, `Disabled:` + fmt.Sprintf("%v", this.Disabled) + `,`, - `IconClass:` + fmt.Sprintf("%v", this.IconClass) + `,`, - `DisplayName:` + fmt.Sprintf("%v", this.DisplayName) + `,`, `}`, }, "") return s @@ -19215,7 +17794,6 @@ func (this *ResourceOverride) String() string { `Actions:` + fmt.Sprintf("%v", this.Actions) + `,`, `KnownTypeFields:` + repeatedStringForKnownTypeFields + `,`, `UseOpenLibs:` + fmt.Sprintf("%v", this.UseOpenLibs) + `,`, - `IgnoreResourceUpdates:` + strings.Replace(strings.Replace(this.IgnoreResourceUpdates.String(), "OverrideIgnoreDiff", "OverrideIgnoreDiff", 1), `&`, ``, 1) + `,`, `}`, }, "") return s @@ -19328,16 +17906,6 @@ func (this *SCMProviderGenerator) String() string { repeatedStringForFilters += strings.Replace(strings.Replace(f.String(), "SCMProviderGeneratorFilter", "SCMProviderGeneratorFilter", 1), `&`, ``, 1) + "," } repeatedStringForFilters += "}" - keysForValues := make([]string, 0, len(this.Values)) - for k := range this.Values { - keysForValues = append(keysForValues, k) - } - github_com_gogo_protobuf_sortkeys.Strings(keysForValues) - mapStringForValues := "map[string]string{" - for _, k := range keysForValues { - mapStringForValues += fmt.Sprintf("%v: %v,", k, this.Values[k]) - } - mapStringForValues += "}" s := strings.Join([]string{`&SCMProviderGenerator{`, `Github:` + strings.Replace(this.Github.String(), "SCMProviderGeneratorGithub", "SCMProviderGeneratorGithub", 1) + `,`, `Gitlab:` + strings.Replace(this.Gitlab.String(), "SCMProviderGeneratorGitlab", "SCMProviderGeneratorGitlab", 1) + `,`, @@ -19349,26 +17917,6 @@ func (this *SCMProviderGenerator) String() string { `CloneProtocol:` + fmt.Sprintf("%v", this.CloneProtocol) + `,`, `RequeueAfterSeconds:` + valueToStringGenerated(this.RequeueAfterSeconds) + `,`, `Template:` + strings.Replace(strings.Replace(this.Template.String(), "ApplicationSetTemplate", "ApplicationSetTemplate", 1), `&`, ``, 1) + `,`, - `Values:` + mapStringForValues + `,`, - `AWSCodeCommit:` + strings.Replace(this.AWSCodeCommit.String(), "SCMProviderGeneratorAWSCodeCommit", "SCMProviderGeneratorAWSCodeCommit", 1) + `,`, - `}`, - }, "") - return s -} -func (this *SCMProviderGeneratorAWSCodeCommit) String() string { - if this == nil { - return "nil" - } - repeatedStringForTagFilters := "[]*TagFilter{" - for _, f := range this.TagFilters { - repeatedStringForTagFilters += strings.Replace(f.String(), "TagFilter", "TagFilter", 1) + "," - } - repeatedStringForTagFilters += "}" - s := strings.Join([]string{`&SCMProviderGeneratorAWSCodeCommit{`, - `TagFilters:` + repeatedStringForTagFilters + `,`, - `Role:` + fmt.Sprintf("%v", this.Role) + `,`, - `Region:` + fmt.Sprintf("%v", this.Region) + `,`, - `AllBranches:` + fmt.Sprintf("%v", this.AllBranches) + `,`, `}`, }, "") return s @@ -19465,9 +18013,6 @@ func (this *SCMProviderGeneratorGitlab) String() string { `API:` + fmt.Sprintf("%v", this.API) + `,`, `TokenRef:` + strings.Replace(this.TokenRef.String(), "SecretRef", "SecretRef", 1) + `,`, `AllBranches:` + fmt.Sprintf("%v", this.AllBranches) + `,`, - `Insecure:` + fmt.Sprintf("%v", this.Insecure) + `,`, - `IncludeSharedProjects:` + valueToStringGenerated(this.IncludeSharedProjects) + `,`, - `Topic:` + fmt.Sprintf("%v", this.Topic) + `,`, `}`, }, "") return s @@ -19555,7 +18100,6 @@ func (this *SyncOperationResult) String() string { `Source:` + strings.Replace(strings.Replace(this.Source.String(), "ApplicationSource", "ApplicationSource", 1), `&`, ``, 1) + `,`, `Sources:` + repeatedStringForSources + `,`, `Revisions:` + fmt.Sprintf("%v", this.Revisions) + `,`, - `ManagedNamespaceMetadata:` + strings.Replace(this.ManagedNamespaceMetadata.String(), "ManagedNamespaceMetadata", "ManagedNamespaceMetadata", 1) + `,`, `}`, }, "") return s @@ -19660,17 +18204,6 @@ func (this *TLSClientConfig) String() string { }, "") return s } -func (this *TagFilter) String() string { - if this == nil { - return "nil" - } - s := strings.Join([]string{`&TagFilter{`, - `Key:` + fmt.Sprintf("%v", this.Key) + `,`, - `Value:` + fmt.Sprintf("%v", this.Value) + `,`, - `}`, - }, "") - return s -} func valueToStringGenerated(v interface{}) string { rv := reflect.ValueOf(v) if rv.IsNil() { @@ -22468,42 +21001,6 @@ func (m *ApplicationSetGenerator) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex - case 10: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Plugin", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Plugin == nil { - m.Plugin = &PluginGenerator{} - } - if err := m.Plugin.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -22995,9 +21492,59 @@ func (m *ApplicationSetNestedGenerator) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex - case 10: + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *ApplicationSetRolloutStep) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: ApplicationSetRolloutStep: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: ApplicationSetRolloutStep: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Plugin", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field MatchExpressions", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -23024,10 +21571,44 @@ func (m *ApplicationSetNestedGenerator) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - if m.Plugin == nil { - m.Plugin = &PluginGenerator{} + m.MatchExpressions = append(m.MatchExpressions, ApplicationMatchExpression{}) + if err := m.MatchExpressions[len(m.MatchExpressions)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err } - if err := m.Plugin.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field MaxUpdate", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.MaxUpdate == nil { + m.MaxUpdate = &intstr.IntOrString{} + } + if err := m.MaxUpdate.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } iNdEx = postIndex @@ -23052,127 +21633,7 @@ func (m *ApplicationSetNestedGenerator) Unmarshal(dAtA []byte) error { } return nil } -func (m *ApplicationSetRolloutStep) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: ApplicationSetRolloutStep: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: ApplicationSetRolloutStep: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field MatchExpressions", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.MatchExpressions = append(m.MatchExpressions, ApplicationMatchExpression{}) - if err := m.MatchExpressions[len(m.MatchExpressions)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field MaxUpdate", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.MaxUpdate == nil { - m.MaxUpdate = &intstr.IntOrString{} - } - if err := m.MaxUpdate.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *ApplicationSetRolloutStrategy) Unmarshal(dAtA []byte) error { +func (m *ApplicationSetRolloutStrategy) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 for iNdEx < l { @@ -23480,58 +21941,6 @@ func (m *ApplicationSetSpec) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex - case 7: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field GoTemplateOptions", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.GoTemplateOptions = append(m.GoTemplateOptions, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - case 8: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field ApplyNestedSelectors", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.ApplyNestedSelectors = bool(v != 0) default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -23838,11 +22247,94 @@ func (m *ApplicationSetSyncPolicy) Unmarshal(dAtA []byte) error { } } m.PreserveResourcesOnDeletion = bool(v != 0) + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *ApplicationSetTemplate) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: ApplicationSetTemplate: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: ApplicationSetTemplate: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ApplicationSetTemplateMeta", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ApplicationSetTemplateMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex case 2: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ApplicationsSync", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType) } - var stringLen uint64 + var msglen int for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowGenerated @@ -23852,139 +22344,23 @@ func (m *ApplicationSetSyncPolicy) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - stringLen |= uint64(b&0x7F) << shift + msglen |= int(b&0x7F) << shift if b < 0x80 { break } } - intStringLen := int(stringLen) - if intStringLen < 0 { + if msglen < 0 { return ErrInvalidLengthGenerated } - postIndex := iNdEx + intStringLen + postIndex := iNdEx + msglen if postIndex < 0 { return ErrInvalidLengthGenerated } if postIndex > l { return io.ErrUnexpectedEOF - } - s := ApplicationsSyncPolicy(dAtA[iNdEx:postIndex]) - m.ApplicationsSync = &s - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *ApplicationSetTemplate) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: ApplicationSetTemplate: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: ApplicationSetTemplate: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ApplicationSetTemplateMeta", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.ApplicationSetTemplateMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err + } + if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err } iNdEx = postIndex default: @@ -24653,227 +23029,155 @@ func (m *ApplicationSetTerminalGenerator) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *ApplicationSource) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: ApplicationSource: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: ApplicationSource: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field RepoURL", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.RepoURL = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Path", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Path = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field TargetRevision", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.TargetRevision = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex case 7: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Plugin", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Plugin == nil { - m.Plugin = &PluginGenerator{} - } - if err := m.Plugin.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 8: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Selector", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Selector == nil { - m.Selector = &v1.LabelSelector{} - } - if err := m.Selector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *ApplicationSource) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: ApplicationSource: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: ApplicationSource: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field RepoURL", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.RepoURL = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Path", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Path = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field TargetRevision", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.TargetRevision = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 7: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Helm", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Helm", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -25552,95 +23856,59 @@ func (m *ApplicationSourceHelm) Unmarshal(dAtA []byte) error { } } m.SkipCrds = bool(v != 0) - case 10: + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *ApplicationSourceJsonnet) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: ApplicationSourceJsonnet: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: ApplicationSourceJsonnet: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ValuesObject", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.ValuesObject == nil { - m.ValuesObject = &runtime.RawExtension{} - } - if err := m.ValuesObject.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *ApplicationSourceJsonnet) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: ApplicationSourceJsonnet: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: ApplicationSourceJsonnet: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ExtVars", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field ExtVars", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -27397,38 +25665,6 @@ func (m *ApplicationStatus) Unmarshal(dAtA []byte) error { } m.SourceTypes = append(m.SourceTypes, ApplicationSourceType(dAtA[iNdEx:postIndex])) iNdEx = postIndex - case 13: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ControllerNamespace", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ControllerNamespace = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -28083,7 +26319,7 @@ func (m *BasicAuthBitbucketServer) Unmarshal(dAtA []byte) error { } return nil } -func (m *BearerTokenBitbucketCloud) Unmarshal(dAtA []byte) error { +func (m *Cluster) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 for iNdEx < l { @@ -28106,15 +26342,79 @@ func (m *BearerTokenBitbucketCloud) Unmarshal(dAtA []byte) error { fieldNum := int32(wire >> 3) wireType := int(wire & 0x7) if wireType == 4 { - return fmt.Errorf("proto: BearerTokenBitbucketCloud: wiretype end group for non-group") + return fmt.Errorf("proto: Cluster: wiretype end group for non-group") } if fieldNum <= 0 { - return fmt.Errorf("proto: BearerTokenBitbucketCloud: illegal tag %d (wire type %d)", fieldNum, wire) + return fmt.Errorf("proto: Cluster: illegal tag %d (wire type %d)", fieldNum, wire) } switch fieldNum { case 1: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field TokenRef", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Server", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Server = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Name = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -28141,342 +26441,46 @@ func (m *BearerTokenBitbucketCloud) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - if m.TokenRef == nil { - m.TokenRef = &SecretRef{} - } - if err := m.TokenRef.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + if err := m.Config.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ConnectionState", wireType) } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF + if msglen < 0 { + return ErrInvalidLengthGenerated } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *ChartDetails) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated } - if iNdEx >= l { + if postIndex > l { return io.ErrUnexpectedEOF } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break + if err := m.ConnectionState.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: ChartDetails: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: ChartDetails: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: + iNdEx = postIndex + case 5: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Description", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Description = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Home", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Home = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Maintainers", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Maintainers = append(m.Maintainers, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *Cluster) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Cluster: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Cluster: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Server", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Server = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.Config.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ConnectionState", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.ConnectionState.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ServerVersion", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field ServerVersion", wireType) } var stringLen uint64 for shift := uint(0); ; shift += 7 { @@ -30131,40 +28135,6 @@ func (m *ComparedTo) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field IgnoreDifferences", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.IgnoreDifferences = append(m.IgnoreDifferences, ResourceIgnoreDifferences{}) - if err := m.IgnoreDifferences[len(m.IgnoreDifferences)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -31829,133 +29799,6 @@ func (m *GitGenerator) Unmarshal(dAtA []byte) error { } m.PathParamPrefix = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 8: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Values", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Values == nil { - m.Values = make(map[string]string) - } - var mapkey string - var mapvalue string - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLengthGenerated - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLengthGenerated - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var stringLenmapvalue uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapvalue |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapvalue := int(stringLenmapvalue) - if intStringLenmapvalue < 0 { - return ErrInvalidLengthGenerated - } - postStringIndexmapvalue := iNdEx + intStringLenmapvalue - if postStringIndexmapvalue < 0 { - return ErrInvalidLengthGenerated - } - if postStringIndexmapvalue > l { - return io.ErrUnexpectedEOF - } - mapvalue = string(dAtA[iNdEx:postStringIndexmapvalue]) - iNdEx = postStringIndexmapvalue - } else { - iNdEx = entryPreIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.Values[mapkey] = mapvalue - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -36111,7 +33954,7 @@ func (m *OverrideIgnoreDiff) Unmarshal(dAtA []byte) error { } return nil } -func (m *PluginConfigMapRef) Unmarshal(dAtA []byte) error { +func (m *ProjectRole) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 for iNdEx < l { @@ -36134,10 +33977,10 @@ func (m *PluginConfigMapRef) Unmarshal(dAtA []byte) error { fieldNum := int32(wire >> 3) wireType := int(wire & 0x7) if wireType == 4 { - return fmt.Errorf("proto: PluginConfigMapRef: wiretype end group for non-group") + return fmt.Errorf("proto: ProjectRole: wiretype end group for non-group") } if fieldNum <= 0 { - return fmt.Errorf("proto: PluginConfigMapRef: illegal tag %d (wire type %d)", fieldNum, wire) + return fmt.Errorf("proto: ProjectRole: illegal tag %d (wire type %d)", fieldNum, wire) } switch fieldNum { case 1: @@ -36172,630 +34015,73 @@ func (m *PluginConfigMapRef) Unmarshal(dAtA []byte) error { } m.Name = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Description", wireType) } - if (skippy < 0) || (iNdEx+skippy) < 0 { + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { return ErrInvalidLengthGenerated } - if (iNdEx + skippy) > l { + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { return io.ErrUnexpectedEOF } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *PluginGenerator) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated + m.Description = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Policies", wireType) } - if iNdEx >= l { - return io.ErrUnexpectedEOF + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: PluginGenerator: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: PluginGenerator: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Policies = append(m.Policies, string(dAtA[iNdEx:postIndex])) + iNdEx = postIndex + case 4: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ConfigMapRef", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.ConfigMapRef.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Input", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.Input.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 3: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field RequeueAfterSeconds", wireType) - } - var v int64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int64(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.RequeueAfterSeconds = &v - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Template", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.Template.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Values", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Values == nil { - m.Values = make(map[string]string) - } - var mapkey string - var mapvalue string - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLengthGenerated - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLengthGenerated - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var stringLenmapvalue uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapvalue |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapvalue := int(stringLenmapvalue) - if intStringLenmapvalue < 0 { - return ErrInvalidLengthGenerated - } - postStringIndexmapvalue := iNdEx + intStringLenmapvalue - if postStringIndexmapvalue < 0 { - return ErrInvalidLengthGenerated - } - if postStringIndexmapvalue > l { - return io.ErrUnexpectedEOF - } - mapvalue = string(dAtA[iNdEx:postStringIndexmapvalue]) - iNdEx = postStringIndexmapvalue - } else { - iNdEx = entryPreIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.Values[mapkey] = mapvalue - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *PluginInput) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: PluginInput: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: PluginInput: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Parameters", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Parameters == nil { - m.Parameters = make(PluginParameters) - } - var mapkey string - mapvalue := &v11.JSON{} - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLengthGenerated - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLengthGenerated - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var mapmsglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - mapmsglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if mapmsglen < 0 { - return ErrInvalidLengthGenerated - } - postmsgIndex := iNdEx + mapmsglen - if postmsgIndex < 0 { - return ErrInvalidLengthGenerated - } - if postmsgIndex > l { - return io.ErrUnexpectedEOF - } - mapvalue = &v11.JSON{} - if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil { - return err - } - iNdEx = postmsgIndex - } else { - iNdEx = entryPreIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.Parameters[mapkey] = *mapvalue - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *ProjectRole) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: ProjectRole: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: ProjectRole: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Description", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Description = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Policies", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Policies = append(m.Policies, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field JWTTokens", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field JWTTokens", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -37046,391 +34332,18 @@ func (m *PullRequestGenerator) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - if m.BitbucketServer == nil { - m.BitbucketServer = &PullRequestGeneratorBitbucketServer{} - } - if err := m.BitbucketServer.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Filters", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Filters = append(m.Filters, PullRequestGeneratorFilter{}) - if err := m.Filters[len(m.Filters)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 6: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field RequeueAfterSeconds", wireType) - } - var v int64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int64(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.RequeueAfterSeconds = &v - case 7: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Template", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.Template.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 8: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Bitbucket", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Bitbucket == nil { - m.Bitbucket = &PullRequestGeneratorBitbucket{} - } - if err := m.Bitbucket.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 9: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AzureDevOps", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.AzureDevOps == nil { - m.AzureDevOps = &PullRequestGeneratorAzureDevOps{} - } - if err := m.AzureDevOps.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *PullRequestGeneratorAzureDevOps) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: PullRequestGeneratorAzureDevOps: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: PullRequestGeneratorAzureDevOps: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Organization", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Organization = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Project", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Project = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Repo", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Repo = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field API", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.API = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field TokenRef", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.TokenRef == nil { - m.TokenRef = &SecretRef{} + if m.BitbucketServer == nil { + m.BitbucketServer = &PullRequestGeneratorBitbucketServer{} } - if err := m.TokenRef.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + if err := m.BitbucketServer.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } iNdEx = postIndex - case 6: + case 5: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Labels", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Filters", wireType) } - var stringLen uint64 + var msglen int for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowGenerated @@ -37440,175 +34353,31 @@ func (m *PullRequestGeneratorAzureDevOps) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - stringLen |= uint64(b&0x7F) << shift + msglen |= int(b&0x7F) << shift if b < 0x80 { break } } - intStringLen := int(stringLen) - if intStringLen < 0 { + if msglen < 0 { return ErrInvalidLengthGenerated } - postIndex := iNdEx + intStringLen + postIndex := iNdEx + msglen if postIndex < 0 { return ErrInvalidLengthGenerated } if postIndex > l { return io.ErrUnexpectedEOF } - m.Labels = append(m.Labels, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { + m.Filters = append(m.Filters, PullRequestGeneratorFilter{}) + if err := m.Filters[len(m.Filters)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *PullRequestGeneratorBitbucket) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: PullRequestGeneratorBitbucket: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: PullRequestGeneratorBitbucket: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Owner", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Owner = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Repo", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Repo = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field API", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.API = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field BasicAuth", wireType) + case 6: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field RequeueAfterSeconds", wireType) } - var msglen int + var v int64 for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowGenerated @@ -37618,31 +34387,15 @@ func (m *PullRequestGeneratorBitbucket) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - msglen |= int(b&0x7F) << shift + v |= int64(b&0x7F) << shift if b < 0x80 { break } } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.BasicAuth == nil { - m.BasicAuth = &BasicAuthBitbucketServer{} - } - if err := m.BasicAuth.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 5: + m.RequeueAfterSeconds = &v + case 7: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field BearerToken", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Template", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -37669,10 +34422,7 @@ func (m *PullRequestGeneratorBitbucket) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - if m.BearerToken == nil { - m.BearerToken = &BearerTokenBitbucketCloud{} - } - if err := m.BearerToken.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + if err := m.Template.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } iNdEx = postIndex @@ -37941,39 +34691,6 @@ func (m *PullRequestGeneratorFilter) Unmarshal(dAtA []byte) error { s := string(dAtA[iNdEx:postIndex]) m.BranchMatch = &s iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field TargetBranchMatch", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - s := string(dAtA[iNdEx:postIndex]) - m.TargetBranchMatch = &s - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -38154,45 +34871,13 @@ func (m *PullRequestGeneratorGitLab) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.Labels = append(m.Labels, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field PullRequestState", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.PullRequestState = string(dAtA[iNdEx:postIndex]) + m.Labels = append(m.Labels, string(dAtA[iNdEx:postIndex])) iNdEx = postIndex - case 6: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Insecure", wireType) + case 5: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field PullRequestState", wireType) } - var v int + var stringLen uint64 for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowGenerated @@ -38202,12 +34887,24 @@ func (m *PullRequestGeneratorGitLab) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - v |= int(b&0x7F) << shift + stringLen |= uint64(b&0x7F) << shift if b < 0x80 { break } } - m.Insecure = bool(v != 0) + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.PullRequestState = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -40290,241 +36987,7 @@ func (m *RepositoryCertificate) Unmarshal(dAtA []byte) error { } return nil } -func (m *RepositoryCertificateList) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: RepositoryCertificateList: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: RepositoryCertificateList: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Items = append(m.Items, RepositoryCertificate{}) - if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *RepositoryList) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: RepositoryList: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: RepositoryList: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Items = append(m.Items, &Repository{}) - if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *ResourceAction) Unmarshal(dAtA []byte) error { +func (m *RepositoryCertificateList) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 for iNdEx < l { @@ -40547,17 +37010,17 @@ func (m *ResourceAction) Unmarshal(dAtA []byte) error { fieldNum := int32(wire >> 3) wireType := int(wire & 0x7) if wireType == 4 { - return fmt.Errorf("proto: ResourceAction: wiretype end group for non-group") + return fmt.Errorf("proto: RepositoryCertificateList: wiretype end group for non-group") } if fieldNum <= 0 { - return fmt.Errorf("proto: ResourceAction: illegal tag %d (wire type %d)", fieldNum, wire) + return fmt.Errorf("proto: RepositoryCertificateList: illegal tag %d (wire type %d)", fieldNum, wire) } switch fieldNum { case 1: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType) } - var stringLen uint64 + var msglen int for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowGenerated @@ -40567,27 +37030,28 @@ func (m *ResourceAction) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - stringLen |= uint64(b&0x7F) << shift + msglen |= int(b&0x7F) << shift if b < 0x80 { break } } - intStringLen := int(stringLen) - if intStringLen < 0 { + if msglen < 0 { return ErrInvalidLengthGenerated } - postIndex := iNdEx + intStringLen + postIndex := iNdEx + msglen if postIndex < 0 { return ErrInvalidLengthGenerated } if postIndex > l { return io.ErrUnexpectedEOF } - m.Name = string(dAtA[iNdEx:postIndex]) + if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } iNdEx = postIndex case 2: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Params", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType) } var msglen int for shift := uint(0); ; shift += 7 { @@ -40614,16 +37078,66 @@ func (m *ResourceAction) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.Params = append(m.Params, ResourceActionParam{}) - if err := m.Params[len(m.Params)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + m.Items = append(m.Items, RepositoryCertificate{}) + if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { return err } iNdEx = postIndex - case 3: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Disabled", wireType) + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err } - var v int + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *RepositoryList) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: RepositoryList: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: RepositoryList: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType) + } + var msglen int for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowGenerated @@ -40633,17 +37147,30 @@ func (m *ResourceAction) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - v |= int(b&0x7F) << shift + msglen |= int(b&0x7F) << shift if b < 0x80 { break } } - m.Disabled = bool(v != 0) - case 4: + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 2: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field IconClass", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType) } - var stringLen uint64 + var msglen int for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowGenerated @@ -40653,27 +37180,79 @@ func (m *ResourceAction) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - stringLen |= uint64(b&0x7F) << shift + msglen |= int(b&0x7F) << shift if b < 0x80 { break } } - intStringLen := int(stringLen) - if intStringLen < 0 { + if msglen < 0 { return ErrInvalidLengthGenerated } - postIndex := iNdEx + intStringLen + postIndex := iNdEx + msglen if postIndex < 0 { return ErrInvalidLengthGenerated } if postIndex > l { return io.ErrUnexpectedEOF } - m.IconClass = string(dAtA[iNdEx:postIndex]) + m.Items = append(m.Items, &Repository{}) + if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } iNdEx = postIndex - case 5: + default: + iNdEx = preIndex + skippy, err := skipGenerated(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthGenerated + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *ResourceAction) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: ResourceAction: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: ResourceAction: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field DisplayName", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) } var stringLen uint64 for shift := uint(0); ; shift += 7 { @@ -40701,8 +37280,62 @@ func (m *ResourceAction) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.DisplayName = string(dAtA[iNdEx:postIndex]) + m.Name = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Params", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Params = append(m.Params, ResourceActionParam{}) + if err := m.Params[len(m.Params)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } iNdEx = postIndex + case 3: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Disabled", wireType) + } + var v int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + m.Disabled = bool(v != 0) default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -42723,39 +39356,6 @@ func (m *ResourceOverride) Unmarshal(dAtA []byte) error { } } m.UseOpenLibs = bool(v != 0) - case 6: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field IgnoreResourceUpdates", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.IgnoreResourceUpdates.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -44620,377 +41220,13 @@ func (m *SCMProviderGenerator) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - m.CloneProtocol = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 9: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field RequeueAfterSeconds", wireType) - } - var v int64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int64(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.RequeueAfterSeconds = &v - case 10: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Template", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if err := m.Template.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 11: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Values", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Values == nil { - m.Values = make(map[string]string) - } - var mapkey string - var mapvalue string - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLengthGenerated - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLengthGenerated - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var stringLenmapvalue uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapvalue |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapvalue := int(stringLenmapvalue) - if intStringLenmapvalue < 0 { - return ErrInvalidLengthGenerated - } - postStringIndexmapvalue := iNdEx + intStringLenmapvalue - if postStringIndexmapvalue < 0 { - return ErrInvalidLengthGenerated - } - if postStringIndexmapvalue > l { - return io.ErrUnexpectedEOF - } - mapvalue = string(dAtA[iNdEx:postStringIndexmapvalue]) - iNdEx = postStringIndexmapvalue - } else { - iNdEx = entryPreIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.Values[mapkey] = mapvalue - iNdEx = postIndex - case 12: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AWSCodeCommit", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.AWSCodeCommit == nil { - m.AWSCodeCommit = &SCMProviderGeneratorAWSCodeCommit{} - } - if err := m.AWSCodeCommit.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *SCMProviderGeneratorAWSCodeCommit) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: SCMProviderGeneratorAWSCodeCommit: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: SCMProviderGeneratorAWSCodeCommit: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field TagFilters", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.TagFilters = append(m.TagFilters, &TagFilter{}) - if err := m.TagFilters[len(m.TagFilters)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Role", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Role = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Region", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Region = string(dAtA[iNdEx:postIndex]) + m.CloneProtocol = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex - case 4: + case 9: if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field AllBranches", wireType) + return fmt.Errorf("proto: wrong wireType = %d for field RequeueAfterSeconds", wireType) } - var v int + var v int64 for shift := uint(0); ; shift += 7 { if shift >= 64 { return ErrIntOverflowGenerated @@ -45000,12 +41236,45 @@ func (m *SCMProviderGeneratorAWSCodeCommit) Unmarshal(dAtA []byte) error { } b := dAtA[iNdEx] iNdEx++ - v |= int(b&0x7F) << shift + v |= int64(b&0x7F) << shift if b < 0x80 { break } } - m.AllBranches = bool(v != 0) + m.RequeueAfterSeconds = &v + case 10: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Template", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowGenerated + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthGenerated + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthGenerated + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := m.Template.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -46343,79 +42612,6 @@ func (m *SCMProviderGeneratorGitlab) Unmarshal(dAtA []byte) error { } } m.AllBranches = bool(v != 0) - case 6: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Insecure", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.Insecure = bool(v != 0) - case 7: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field IncludeSharedProjects", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - b := bool(v != 0) - m.IncludeSharedProjects = &b - case 8: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Topic", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Topic = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -47363,42 +43559,6 @@ func (m *SyncOperationResult) Unmarshal(dAtA []byte) error { } m.Revisions = append(m.Revisions, string(dAtA[iNdEx:postIndex])) iNdEx = postIndex - case 6: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ManagedNamespaceMetadata", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.ManagedNamespaceMetadata == nil { - m.ManagedNamespaceMetadata = &ManagedNamespaceMetadata{} - } - if err := m.ManagedNamespaceMetadata.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipGenerated(dAtA[iNdEx:]) @@ -48672,120 +44832,6 @@ func (m *TLSClientConfig) Unmarshal(dAtA []byte) error { } return nil } -func (m *TagFilter) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: TagFilter: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: TagFilter: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Key", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Key = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowGenerated - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthGenerated - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthGenerated - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Value = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipGenerated(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthGenerated - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} func skipGenerated(dAtA []byte) (n int, err error) { l := len(dAtA) iNdEx := 0 diff --git a/pkg/apis/application/v1alpha1/generated.proto b/pkg/apis/application/v1alpha1/generated.proto index 1d92a5a4d0ef8..8a7d4b8e0dd9e 100644 --- a/pkg/apis/application/v1alpha1/generated.proto +++ b/pkg/apis/application/v1alpha1/generated.proto @@ -116,7 +116,7 @@ message Application { optional Operation operation = 4; } -// ApplicationCondition contains details about an application condition, which is usually an error or warning +// ApplicationCondition contains details about an application condition, which is usally an error or warning message ApplicationCondition { // Type is an application condition type optional string type = 1; @@ -130,14 +130,14 @@ message ApplicationCondition { // ApplicationDestination holds information about the application's destination message ApplicationDestination { - // Server specifies the URL of the target cluster's Kubernetes control plane API. This must be set if Name is not set. + // Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API optional string server = 1; // Namespace specifies the target namespace for the application's resources. // The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace optional string namespace = 2; - // Name is an alternate way of specifying the target cluster by its symbolic name. This must be set if Server is not set. + // Name is an alternate way of specifying the target cluster by its symbolic name optional string name = 3; } @@ -231,8 +231,6 @@ message ApplicationSetGenerator { // Selector allows to post-filter all generator. optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 9; - - optional PluginGenerator plugin = 10; } // ApplicationSetList contains a list of ApplicationSet @@ -267,8 +265,6 @@ message ApplicationSetNestedGenerator { // Selector allows to post-filter all generator. optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 9; - - optional PluginGenerator plugin = 10; } message ApplicationSetRolloutStep { @@ -294,11 +290,6 @@ message ApplicationSetSpec { optional ApplicationSetStrategy strategy = 5; optional ApplicationPreservedFields preservedFields = 6; - - repeated string goTemplateOptions = 7; - - // ApplyNestedSelectors enables selectors defined within the generators of two level-nested matrix or merge generators - optional bool applyNestedSelectors = 8; } // ApplicationSetStatus defines the observed state of ApplicationSet @@ -322,11 +313,6 @@ message ApplicationSetStrategy { message ApplicationSetSyncPolicy { // PreserveResourcesOnDeletion will preserve resources on deletion. If PreserveResourcesOnDeletion is set to true, these Applications will not be deleted. optional bool preserveResourcesOnDeletion = 1; - - // ApplicationsSync represents the policy applied on the generated applications. Possible values are create-only, create-update, create-delete, sync - // +kubebuilder:validation:Optional - // +kubebuilder:validation:Enum=create-only;create-update;create-delete;sync - optional string applicationsSync = 2; } // ApplicationSetTemplate represents argocd ApplicationSpec @@ -366,11 +352,6 @@ message ApplicationSetTerminalGenerator { optional DuckTypeGenerator clusterDecisionResource = 5; optional PullRequestGenerator pullRequest = 6; - - optional PluginGenerator plugin = 7; - - // Selector allows to post-filter all generator. - optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 8; } // ApplicationSource contains all required information about the source of an application @@ -431,8 +412,7 @@ message ApplicationSourceHelm { // ReleaseName is the Helm release name to use. If omitted it will use the application name optional string releaseName = 3; - // Values specifies Helm values to be passed to helm template, typically defined as a block. ValuesObject takes precedence over Values, so use one or the other. - // +patchStrategy=replace + // Values specifies Helm values to be passed to helm template, typically defined as a block optional string values = 4; // FileParameters are file parameters to the helm template @@ -449,10 +429,6 @@ message ApplicationSourceHelm { // SkipCrds skips custom resource definition installation step (Helm's --skip-crds) optional bool skipCrds = 9; - - // ValuesObject specifies Helm values to be passed to helm template, defined as a map. This takes precedence over Values. - // +kubebuilder:pruning:PreserveUnknownFields - optional k8s.io.apimachinery.pkg.runtime.RawExtension valuesObject = 10; } // ApplicationSourceJsonnet holds options specific to applications of type Jsonnet @@ -596,9 +572,6 @@ message ApplicationStatus { // SourceTypes specifies the type of the sources included in the application repeated string sourceTypes = 12; - - // ControllerNamespace indicates the namespace in which the application controller is located - optional string controllerNamespace = 13; } // ApplicationSummary contains information about URLs and container images used by an application @@ -656,23 +629,6 @@ message BasicAuthBitbucketServer { optional SecretRef passwordRef = 2; } -// BearerTokenBitbucketCloud defines the Bearer token for BitBucket AppToken auth. -message BearerTokenBitbucketCloud { - // Password (or personal access token) reference. - optional SecretRef tokenRef = 1; -} - -// ChartDetails contains helm chart metadata for a specific version -message ChartDetails { - optional string description = 1; - - // The URL of this projects home page, e.g. "http://example.com" - optional string home = 2; - - // List of maintainer details, name and email, e.g. ["John Doe "] - repeated string maintainers = 3; -} - // Cluster is the definition of a cluster resource message Cluster { // Server is the API server URL of the Kubernetes cluster @@ -807,9 +763,6 @@ message ComparedTo { // Sources is a reference to the application's multiple sources used for comparison repeated ApplicationSource sources = 3; - - // IgnoreDifferences is a reference to the application's ignored differences used for comparison - repeated ResourceIgnoreDifferences ignoreDifferences = 4; } // ComponentParameter contains information about component parameter value @@ -916,9 +869,6 @@ message GitGenerator { optional ApplicationSetTemplate template = 6; optional string pathParamPrefix = 7; - - // Values contains key/value pairs which are passed directly as parameters to the template - map values = 8; } // GnuPGPublicKey is a representation of a GnuPG public key @@ -1227,33 +1177,6 @@ message OverrideIgnoreDiff { repeated string managedFieldsManagers = 3; } -message PluginConfigMapRef { - // Name of the ConfigMap - optional string name = 1; -} - -// PluginGenerator defines connection info specific to Plugin. -message PluginGenerator { - optional PluginConfigMapRef configMapRef = 1; - - optional PluginInput input = 2; - - // RequeueAfterSeconds determines how long the ApplicationSet controller will wait before reconciling the ApplicationSet again. - optional int64 requeueAfterSeconds = 3; - - optional ApplicationSetTemplate template = 4; - - // Values contains key/value pairs which are passed directly as parameters to the template. These values will not be - // sent as parameters to the plugin. - map values = 5; -} - -message PluginInput { - // Parameters contains the information to pass to the plugin. It is a map. The keys must be strings, and the - // values can be any type. - map parameters = 1; -} - // ProjectRole represents a role that has access to a project message ProjectRole { // Name is a name for this role @@ -1290,53 +1213,9 @@ message PullRequestGenerator { optional int64 requeueAfterSeconds = 6; optional ApplicationSetTemplate template = 7; - - optional PullRequestGeneratorBitbucket bitbucket = 8; - - // Additional provider to use and config for it. - optional PullRequestGeneratorAzureDevOps azuredevops = 9; } -// PullRequestGeneratorAzureDevOps defines connection info specific to AzureDevOps. -message PullRequestGeneratorAzureDevOps { - // Azure DevOps org to scan. Required. - optional string organization = 1; - - // Azure DevOps project name to scan. Required. - optional string project = 2; - - // Azure DevOps repo name to scan. Required. - optional string repo = 3; - - // The Azure DevOps API URL to talk to. If blank, use https://dev.azure.com/. - optional string api = 4; - - // Authentication token reference. - optional SecretRef tokenRef = 5; - - // Labels is used to filter the PRs that you want to target - repeated string labels = 6; -} - -// PullRequestGeneratorBitbucket defines connection info specific to Bitbucket. -message PullRequestGeneratorBitbucket { - // Workspace to scan. Required. - optional string owner = 1; - - // Repo name to scan. Required. - optional string repo = 2; - - // The Bitbucket REST API URL to talk to. If blank, uses https://api.bitbucket.org/2.0. - optional string api = 3; - - // Credentials for Basic auth - optional BasicAuthBitbucketServer basicAuth = 4; - - // Credentials for AppToken (Bearer auth) - optional BearerTokenBitbucketCloud bearerToken = 5; -} - -// PullRequestGeneratorBitbucketServer defines connection info specific to BitbucketServer. +// PullRequestGenerator defines connection info specific to BitbucketServer. message PullRequestGeneratorBitbucketServer { // Project to scan. Required. optional string project = 1; @@ -1356,8 +1235,6 @@ message PullRequestGeneratorBitbucketServer { // pass for a pull request to be included. message PullRequestGeneratorFilter { optional string branchMatch = 1; - - optional string targetBranchMatch = 2; } // PullRequestGeneratorGitLab defines connection info specific to GitLab. @@ -1376,12 +1253,9 @@ message PullRequestGeneratorGitLab { // PullRequestState is an additional MRs filter to get only those with a certain state. Default: "" (all states) optional string pullRequestState = 5; - - // Skips validating the SCM provider's TLS certificate - useful for self-signed certificates.; default: false - optional bool insecure = 6; } -// PullRequestGeneratorGitea defines connection info specific to Gitea. +// PullRequestGenerator defines connection info specific to Gitea. message PullRequestGeneratorGitea { // Gitea org or user to scan. Required. optional string owner = 1; @@ -1594,10 +1468,6 @@ message ResourceAction { repeated ResourceActionParam params = 2; optional bool disabled = 3; - - optional string iconClass = 4; - - optional string displayName = 5; } // TODO: describe this type @@ -1727,8 +1597,6 @@ message ResourceOverride { optional OverrideIgnoreDiff ignoreDifferences = 2; - optional OverrideIgnoreDiff ignoreResourceUpdates = 6; - repeated KnownTypeField knownTypeFields = 4; } @@ -1885,28 +1753,6 @@ message SCMProviderGenerator { optional int64 requeueAfterSeconds = 9; optional ApplicationSetTemplate template = 10; - - // Values contains key/value pairs which are passed directly as parameters to the template - map values = 11; - - optional SCMProviderGeneratorAWSCodeCommit awsCodeCommit = 12; -} - -// SCMProviderGeneratorAWSCodeCommit defines connection info specific to AWS CodeCommit. -message SCMProviderGeneratorAWSCodeCommit { - // TagFilters provides the tag filter(s) for repo discovery - repeated TagFilter tagFilters = 1; - - // Role provides the AWS IAM role to assume, for cross-account repo discovery - // if not provided, AppSet controller will use its pod/node identity to discover. - optional string role = 2; - - // Region provides the AWS region to discover repos. - // if not provided, AppSet controller will infer the current region from environment. - optional string region = 3; - - // Scan all branches instead of just the default branch. - optional bool allBranches = 4; } // SCMProviderGeneratorAzureDevOps defines connection info specific to Azure DevOps. @@ -2029,15 +1875,6 @@ message SCMProviderGeneratorGitlab { // Scan all branches instead of just the default branch. optional bool allBranches = 5; - - // Skips validating the SCM provider's TLS certificate - useful for self-signed certificates.; default: false - optional bool insecure = 6; - - // When recursing through subgroups, also include shared Projects (true) or scan only the subgroups under same path (false). Defaults to "true" - optional bool includeSharedProjects = 7; - - // Filter repos list based on Gitlab Topic. - optional string topic = 8; } // Utility struct for a reference to a secret key. @@ -2117,9 +1954,6 @@ message SyncOperationResult { // Revisions holds the revision this sync operation was performed for respective indexed source in sources field repeated string revisions = 5; - - // ManagedNamespaceMetadata contains the current sync state of managed namespace metadata - optional ManagedNamespaceMetadata managedNamespaceMetadata = 6; } // SyncPolicy controls when a sync will be performed in response to updates in git @@ -2142,7 +1976,7 @@ message SyncPolicyAutomated { // Prune specifies whether to delete resources from the cluster that are not found in the sources anymore as part of automated sync (default: false) optional bool prune = 1; - // SelfHeal specifies whether to revert resources back to their desired state upon modification in the cluster (default: false) + // SelfHeal specifes whether to revert resources back to their desired state upon modification in the cluster (default: false) optional bool selfHeal = 2; // AllowEmpty allows apps have zero live resources (default: false) @@ -2239,9 +2073,3 @@ message TLSClientConfig { optional bytes caData = 5; } -message TagFilter { - optional string key = 1; - - optional string value = 2; -} - diff --git a/pkg/apis/application/v1alpha1/openapi_generated.go b/pkg/apis/application/v1alpha1/openapi_generated.go index ee5fc33718751..99d3f95a9f453 100644 --- a/pkg/apis/application/v1alpha1/openapi_generated.go +++ b/pkg/apis/application/v1alpha1/openapi_generated.go @@ -54,8 +54,6 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationWatchEvent": schema_pkg_apis_application_v1alpha1_ApplicationWatchEvent(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.Backoff": schema_pkg_apis_application_v1alpha1_Backoff(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.BasicAuthBitbucketServer": schema_pkg_apis_application_v1alpha1_BasicAuthBitbucketServer(ref), - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.BearerTokenBitbucketCloud": schema_pkg_apis_application_v1alpha1_BearerTokenBitbucketCloud(ref), - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ChartDetails": schema_pkg_apis_application_v1alpha1_ChartDetails(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.Cluster": schema_pkg_apis_application_v1alpha1_Cluster(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ClusterCacheInfo": schema_pkg_apis_application_v1alpha1_ClusterCacheInfo(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ClusterConfig": schema_pkg_apis_application_v1alpha1_ClusterConfig(ref), @@ -103,13 +101,8 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.OrphanedResourceKey": schema_pkg_apis_application_v1alpha1_OrphanedResourceKey(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.OrphanedResourcesMonitorSettings": schema_pkg_apis_application_v1alpha1_OrphanedResourcesMonitorSettings(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.OverrideIgnoreDiff": schema_pkg_apis_application_v1alpha1_OverrideIgnoreDiff(ref), - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PluginConfigMapRef": schema_pkg_apis_application_v1alpha1_PluginConfigMapRef(ref), - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PluginGenerator": schema_pkg_apis_application_v1alpha1_PluginGenerator(ref), - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PluginInput": schema_pkg_apis_application_v1alpha1_PluginInput(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ProjectRole": schema_pkg_apis_application_v1alpha1_ProjectRole(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGenerator": schema_pkg_apis_application_v1alpha1_PullRequestGenerator(ref), - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorAzureDevOps": schema_pkg_apis_application_v1alpha1_PullRequestGeneratorAzureDevOps(ref), - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorBitbucket": schema_pkg_apis_application_v1alpha1_PullRequestGeneratorBitbucket(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorBitbucketServer": schema_pkg_apis_application_v1alpha1_PullRequestGeneratorBitbucketServer(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorFilter": schema_pkg_apis_application_v1alpha1_PullRequestGeneratorFilter(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorGitLab": schema_pkg_apis_application_v1alpha1_PullRequestGeneratorGitLab(ref), @@ -138,7 +131,6 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.RevisionHistory": schema_pkg_apis_application_v1alpha1_RevisionHistory(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.RevisionMetadata": schema_pkg_apis_application_v1alpha1_RevisionMetadata(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGenerator": schema_pkg_apis_application_v1alpha1_SCMProviderGenerator(ref), - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorAWSCodeCommit": schema_pkg_apis_application_v1alpha1_SCMProviderGeneratorAWSCodeCommit(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorAzureDevOps": schema_pkg_apis_application_v1alpha1_SCMProviderGeneratorAzureDevOps(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorBitbucket": schema_pkg_apis_application_v1alpha1_SCMProviderGeneratorBitbucket(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorBitbucketServer": schema_pkg_apis_application_v1alpha1_SCMProviderGeneratorBitbucketServer(ref), @@ -159,7 +151,6 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SyncStrategyHook": schema_pkg_apis_application_v1alpha1_SyncStrategyHook(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SyncWindow": schema_pkg_apis_application_v1alpha1_SyncWindow(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.TLSClientConfig": schema_pkg_apis_application_v1alpha1_TLSClientConfig(ref), - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.TagFilter": schema_pkg_apis_application_v1alpha1_TagFilter(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.objectMeta": schema_pkg_apis_application_v1alpha1_objectMeta(ref), "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.rawResourceOverride": schema_pkg_apis_application_v1alpha1_rawResourceOverride(ref), } @@ -552,7 +543,7 @@ func schema_pkg_apis_application_v1alpha1_ApplicationCondition(ref common.Refere return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "ApplicationCondition contains details about an application condition, which is usually an error or warning", + Description: "ApplicationCondition contains details about an application condition, which is usally an error or warning", Type: []string{"object"}, Properties: map[string]spec.Schema{ "type": { @@ -595,7 +586,7 @@ func schema_pkg_apis_application_v1alpha1_ApplicationDestination(ref common.Refe Properties: map[string]spec.Schema{ "server": { SchemaProps: spec.SchemaProps{ - Description: "Server specifies the URL of the target cluster's Kubernetes control plane API. This must be set if Name is not set.", + Description: "Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API", Type: []string{"string"}, Format: "", }, @@ -609,7 +600,7 @@ func schema_pkg_apis_application_v1alpha1_ApplicationDestination(ref common.Refe }, "name": { SchemaProps: spec.SchemaProps{ - Description: "Name is an alternate way of specifying the target cluster by its symbolic name. This must be set if Server is not set.", + Description: "Name is an alternate way of specifying the target cluster by its symbolic name", Type: []string{"string"}, Format: "", }, @@ -942,16 +933,11 @@ func schema_pkg_apis_application_v1alpha1_ApplicationSetGenerator(ref common.Ref Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), }, }, - "plugin": { - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PluginGenerator"), - }, - }, }, }, }, Dependencies: []string{ - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ClusterGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.DuckTypeGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.GitGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ListGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.MatrixGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.MergeGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PluginGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGenerator", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ClusterGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.DuckTypeGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.GitGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ListGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.MatrixGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.MergeGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGenerator", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, } } @@ -1059,16 +1045,11 @@ func schema_pkg_apis_application_v1alpha1_ApplicationSetNestedGenerator(ref comm Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), }, }, - "plugin": { - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PluginGenerator"), - }, - }, }, }, }, Dependencies: []string{ - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ClusterGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.DuckTypeGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.GitGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ListGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PluginGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGenerator", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ClusterGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.DuckTypeGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.GitGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ListGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGenerator", "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, } } @@ -1178,27 +1159,6 @@ func schema_pkg_apis_application_v1alpha1_ApplicationSetSpec(ref common.Referenc Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationPreservedFields"), }, }, - "goTemplateOptions": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "applyNestedSelectors": { - SchemaProps: spec.SchemaProps{ - Description: "ApplyNestedSelectors enables selectors defined within the generators of two level-nested matrix or merge generators", - Type: []string{"boolean"}, - Format: "", - }, - }, }, Required: []string{"generators", "template"}, }, @@ -1290,13 +1250,6 @@ func schema_pkg_apis_application_v1alpha1_ApplicationSetSyncPolicy(ref common.Re Format: "", }, }, - "applicationsSync": { - SchemaProps: spec.SchemaProps{ - Description: "ApplicationsSync represents the policy applied on the generated applications. Possible values are create-only, create-update, create-delete, sync", - Type: []string{"string"}, - Format: "", - }, - }, }, }, }, @@ -1437,22 +1390,11 @@ func schema_pkg_apis_application_v1alpha1_ApplicationSetTerminalGenerator(ref co Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGenerator"), }, }, - "plugin": { - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PluginGenerator"), - }, - }, - "selector": { - SchemaProps: spec.SchemaProps{ - Description: "Selector allows to post-filter all generator.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), - }, - }, }, }, }, Dependencies: []string{ - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ClusterGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.DuckTypeGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.GitGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ListGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PluginGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGenerator", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ClusterGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.DuckTypeGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.GitGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ListGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGenerator", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGenerator"}, } } @@ -1619,13 +1561,8 @@ func schema_pkg_apis_application_v1alpha1_ApplicationSourceHelm(ref common.Refer }, }, "values": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-patch-strategy": "replace", - }, - }, SchemaProps: spec.SchemaProps{ - Description: "Values specifies Helm values to be passed to helm template, typically defined as a block. ValuesObject takes precedence over Values, so use one or the other.", + Description: "Values specifies Helm values to be passed to helm template, typically defined as a block", Type: []string{"string"}, Format: "", }, @@ -1672,17 +1609,11 @@ func schema_pkg_apis_application_v1alpha1_ApplicationSourceHelm(ref common.Refer Format: "", }, }, - "valuesObject": { - SchemaProps: spec.SchemaProps{ - Description: "ValuesObject specifies Helm values to be passed to helm template, defined as a map. This takes precedence over Values.", - Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"), - }, - }, }, }, }, Dependencies: []string{ - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.HelmFileParameter", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.HelmParameter", "k8s.io/apimachinery/pkg/runtime.RawExtension"}, + "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.HelmFileParameter", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.HelmParameter"}, } } @@ -2150,13 +2081,6 @@ func schema_pkg_apis_application_v1alpha1_ApplicationStatus(ref common.Reference }, }, }, - "controllerNamespace": { - SchemaProps: spec.SchemaProps{ - Description: "ControllerNamespace indicates the namespace in which the application controller is located", - Type: []string{"string"}, - Format: "", - }, - }, }, }, }, @@ -2359,69 +2283,6 @@ func schema_pkg_apis_application_v1alpha1_BasicAuthBitbucketServer(ref common.Re } } -func schema_pkg_apis_application_v1alpha1_BearerTokenBitbucketCloud(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "BearerTokenBitbucketCloud defines the Bearer token for BitBucket AppToken auth.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "tokenRef": { - SchemaProps: spec.SchemaProps{ - Description: "Password (or personal access token) reference.", - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SecretRef"), - }, - }, - }, - Required: []string{"tokenRef"}, - }, - }, - Dependencies: []string{ - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SecretRef"}, - } -} - -func schema_pkg_apis_application_v1alpha1_ChartDetails(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ChartDetails contains helm chart metadata for a specific version", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "description": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "home": { - SchemaProps: spec.SchemaProps{ - Description: "The URL of this projects home page, e.g. \"http://example.com\"", - Type: []string{"string"}, - Format: "", - }, - }, - "maintainers": { - SchemaProps: spec.SchemaProps{ - Description: "List of maintainer details, name and email, e.g. [\"John Doe \"]", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - }, - }, - } -} - func schema_pkg_apis_application_v1alpha1_Cluster(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -2861,26 +2722,12 @@ func schema_pkg_apis_application_v1alpha1_ComparedTo(ref common.ReferenceCallbac }, }, }, - "ignoreDifferences": { - SchemaProps: spec.SchemaProps{ - Description: "IgnoreDifferences is a reference to the application's ignored differences used for comparison", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ResourceIgnoreDifferences"), - }, - }, - }, - }, - }, }, Required: []string{"destination"}, }, }, Dependencies: []string{ - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationDestination", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationSource", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ResourceIgnoreDifferences"}, + "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationDestination", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationSource"}, } } @@ -3265,22 +3112,6 @@ func schema_pkg_apis_application_v1alpha1_GitGenerator(ref common.ReferenceCallb Format: "", }, }, - "values": { - SchemaProps: spec.SchemaProps{ - Description: "Values contains key/value pairs which are passed directly as parameters to the template", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, }, Required: []string{"repoURL", "revision"}, }, @@ -4367,113 +4198,6 @@ func schema_pkg_apis_application_v1alpha1_OverrideIgnoreDiff(ref common.Referenc } } -func schema_pkg_apis_application_v1alpha1_PluginConfigMapRef(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "Name of the ConfigMap", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"name"}, - }, - }, - } -} - -func schema_pkg_apis_application_v1alpha1_PluginGenerator(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PluginGenerator defines connection info specific to Plugin.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "configMapRef": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PluginConfigMapRef"), - }, - }, - "input": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PluginInput"), - }, - }, - "requeueAfterSeconds": { - SchemaProps: spec.SchemaProps{ - Description: "RequeueAfterSeconds determines how long the ApplicationSet controller will wait before reconciling the ApplicationSet again.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "template": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationSetTemplate"), - }, - }, - "values": { - SchemaProps: spec.SchemaProps{ - Description: "Values contains key/value pairs which are passed directly as parameters to the template. These values will not be sent as parameters to the plugin.", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - }, - Required: []string{"configMapRef"}, - }, - }, - Dependencies: []string{ - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationSetTemplate", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PluginConfigMapRef", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PluginInput"}, - } -} - -func schema_pkg_apis_application_v1alpha1_PluginInput(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "parameters": { - SchemaProps: spec.SchemaProps{ - Description: "Parameters contains the information to pass to the plugin. It is a map. The keys must be strings, and the values can be any type.", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON"), - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1.JSON"}, - } -} - func schema_pkg_apis_application_v1alpha1_ProjectRole(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -4604,141 +4328,11 @@ func schema_pkg_apis_application_v1alpha1_PullRequestGenerator(ref common.Refere Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationSetTemplate"), }, }, - "bitbucket": { - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorBitbucket"), - }, - }, - "azuredevops": { - SchemaProps: spec.SchemaProps{ - Description: "Additional provider to use and config for it.", - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorAzureDevOps"), - }, - }, - }, - }, - }, - Dependencies: []string{ - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationSetTemplate", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorAzureDevOps", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorBitbucket", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorBitbucketServer", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorFilter", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorGitLab", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorGitea", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorGithub"}, - } -} - -func schema_pkg_apis_application_v1alpha1_PullRequestGeneratorAzureDevOps(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PullRequestGeneratorAzureDevOps defines connection info specific to AzureDevOps.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "organization": { - SchemaProps: spec.SchemaProps{ - Description: "Azure DevOps org to scan. Required.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "project": { - SchemaProps: spec.SchemaProps{ - Description: "Azure DevOps project name to scan. Required.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "repo": { - SchemaProps: spec.SchemaProps{ - Description: "Azure DevOps repo name to scan. Required.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "api": { - SchemaProps: spec.SchemaProps{ - Description: "The Azure DevOps API URL to talk to. If blank, use https://dev.azure.com/.", - Type: []string{"string"}, - Format: "", - }, - }, - "tokenRef": { - SchemaProps: spec.SchemaProps{ - Description: "Authentication token reference.", - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SecretRef"), - }, - }, - "labels": { - SchemaProps: spec.SchemaProps{ - Description: "Labels is used to filter the PRs that you want to target", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, }, - Required: []string{"organization", "project", "repo"}, }, }, Dependencies: []string{ - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SecretRef"}, - } -} - -func schema_pkg_apis_application_v1alpha1_PullRequestGeneratorBitbucket(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PullRequestGeneratorBitbucket defines connection info specific to Bitbucket.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "owner": { - SchemaProps: spec.SchemaProps{ - Description: "Workspace to scan. Required.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "repo": { - SchemaProps: spec.SchemaProps{ - Description: "Repo name to scan. Required.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "api": { - SchemaProps: spec.SchemaProps{ - Description: "The Bitbucket REST API URL to talk to. If blank, uses https://api.bitbucket.org/2.0.", - Type: []string{"string"}, - Format: "", - }, - }, - "basicAuth": { - SchemaProps: spec.SchemaProps{ - Description: "Credentials for Basic auth", - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.BasicAuthBitbucketServer"), - }, - }, - "bearerToken": { - SchemaProps: spec.SchemaProps{ - Description: "Credentials for AppToken (Bearer auth)", - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.BearerTokenBitbucketCloud"), - }, - }, - }, - Required: []string{"owner", "repo"}, - }, - }, - Dependencies: []string{ - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.BasicAuthBitbucketServer", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.BearerTokenBitbucketCloud"}, + "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationSetTemplate", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorBitbucketServer", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorFilter", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorGitLab", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorGitea", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.PullRequestGeneratorGithub"}, } } @@ -4746,7 +4340,7 @@ func schema_pkg_apis_application_v1alpha1_PullRequestGeneratorBitbucketServer(re return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PullRequestGeneratorBitbucketServer defines connection info specific to BitbucketServer.", + Description: "PullRequestGenerator defines connection info specific to BitbucketServer.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "project": { @@ -4801,12 +4395,6 @@ func schema_pkg_apis_application_v1alpha1_PullRequestGeneratorFilter(ref common. Format: "", }, }, - "targetBranchMatch": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, }, }, }, @@ -4863,13 +4451,6 @@ func schema_pkg_apis_application_v1alpha1_PullRequestGeneratorGitLab(ref common. Format: "", }, }, - "insecure": { - SchemaProps: spec.SchemaProps{ - Description: "Skips validating the SCM provider's TLS certificate - useful for self-signed certificates.; default: false", - Type: []string{"boolean"}, - Format: "", - }, - }, }, Required: []string{"project"}, }, @@ -4883,7 +4464,7 @@ func schema_pkg_apis_application_v1alpha1_PullRequestGeneratorGitea(ref common.R return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PullRequestGeneratorGitea defines connection info specific to Gitea.", + Description: "PullRequestGenerator defines connection info specific to Gitea.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "owner": { @@ -5514,18 +5095,6 @@ func schema_pkg_apis_application_v1alpha1_ResourceAction(ref common.ReferenceCal Format: "", }, }, - "iconClass": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "displayName": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, }, }, }, @@ -6034,12 +5603,6 @@ func schema_pkg_apis_application_v1alpha1_ResourceOverride(ref common.ReferenceC Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.OverrideIgnoreDiff"), }, }, - "IgnoreResourceUpdates": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.OverrideIgnoreDiff"), - }, - }, "KnownTypeFields": { SchemaProps: spec.SchemaProps{ Type: []string{"array"}, @@ -6054,7 +5617,7 @@ func schema_pkg_apis_application_v1alpha1_ResourceOverride(ref common.ReferenceC }, }, }, - Required: []string{"HealthLua", "UseOpenLibs", "Actions", "IgnoreDifferences", "IgnoreResourceUpdates", "KnownTypeFields"}, + Required: []string{"HealthLua", "UseOpenLibs", "Actions", "IgnoreDifferences", "KnownTypeFields"}, }, }, Dependencies: []string{ @@ -6513,81 +6076,11 @@ func schema_pkg_apis_application_v1alpha1_SCMProviderGenerator(ref common.Refere Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationSetTemplate"), }, }, - "values": { - SchemaProps: spec.SchemaProps{ - Description: "Values contains key/value pairs which are passed directly as parameters to the template", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "awsCodeCommit": { - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorAWSCodeCommit"), - }, - }, - }, - }, - }, - Dependencies: []string{ - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationSetTemplate", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorAWSCodeCommit", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorAzureDevOps", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorBitbucket", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorBitbucketServer", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorFilter", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorGitea", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorGithub", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorGitlab"}, - } -} - -func schema_pkg_apis_application_v1alpha1_SCMProviderGeneratorAWSCodeCommit(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "SCMProviderGeneratorAWSCodeCommit defines connection info specific to AWS CodeCommit.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "tagFilters": { - SchemaProps: spec.SchemaProps{ - Description: "TagFilters provides the tag filter(s) for repo discovery", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.TagFilter"), - }, - }, - }, - }, - }, - "role": { - SchemaProps: spec.SchemaProps{ - Description: "Role provides the AWS IAM role to assume, for cross-account repo discovery if not provided, AppSet controller will use its pod/node identity to discover.", - Type: []string{"string"}, - Format: "", - }, - }, - "region": { - SchemaProps: spec.SchemaProps{ - Description: "Region provides the AWS region to discover repos. if not provided, AppSet controller will infer the current region from environment.", - Type: []string{"string"}, - Format: "", - }, - }, - "allBranches": { - SchemaProps: spec.SchemaProps{ - Description: "Scan all branches instead of just the default branch.", - Type: []string{"boolean"}, - Format: "", - }, - }, }, }, }, Dependencies: []string{ - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.TagFilter"}, + "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationSetTemplate", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorAzureDevOps", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorBitbucket", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorBitbucketServer", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorFilter", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorGitea", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorGithub", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.SCMProviderGeneratorGitlab"}, } } @@ -6942,27 +6435,6 @@ func schema_pkg_apis_application_v1alpha1_SCMProviderGeneratorGitlab(ref common. Format: "", }, }, - "insecure": { - SchemaProps: spec.SchemaProps{ - Description: "Skips validating the SCM provider's TLS certificate - useful for self-signed certificates.; default: false", - Type: []string{"boolean"}, - Format: "", - }, - }, - "includeSharedProjects": { - SchemaProps: spec.SchemaProps{ - Description: "When recursing through subgroups, also include shared Projects (true) or scan only the subgroups under same path (false). Defaults to \"true\"", - Type: []string{"boolean"}, - Format: "", - }, - }, - "topic": { - SchemaProps: spec.SchemaProps{ - Description: "Filter repos list based on Gitlab Topic.", - Type: []string{"string"}, - Format: "", - }, - }, }, Required: []string{"group"}, }, @@ -7247,18 +6719,12 @@ func schema_pkg_apis_application_v1alpha1_SyncOperationResult(ref common.Referen }, }, }, - "managedNamespaceMetadata": { - SchemaProps: spec.SchemaProps{ - Description: "ManagedNamespaceMetadata contains the current sync state of managed namespace metadata", - Ref: ref("github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ManagedNamespaceMetadata"), - }, - }, }, Required: []string{"revision"}, }, }, Dependencies: []string{ - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationSource", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ManagedNamespaceMetadata", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ResourceResult"}, + "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ApplicationSource", "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1.ResourceResult"}, } } @@ -7326,7 +6792,7 @@ func schema_pkg_apis_application_v1alpha1_SyncPolicyAutomated(ref common.Referen }, "selfHeal": { SchemaProps: spec.SchemaProps{ - Description: "SelfHeal specifies whether to revert resources back to their desired state upon modification in the cluster (default: false)", + Description: "SelfHeal specifes whether to revert resources back to their desired state upon modification in the cluster (default: false)", Type: []string{"boolean"}, Format: "", }, @@ -7607,32 +7073,6 @@ func schema_pkg_apis_application_v1alpha1_TLSClientConfig(ref common.ReferenceCa } } -func schema_pkg_apis_application_v1alpha1_TagFilter(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "key": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "value": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"key"}, - }, - }, - } -} - func schema_pkg_apis_application_v1alpha1_objectMeta(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -7683,12 +7123,6 @@ func schema_pkg_apis_application_v1alpha1_rawResourceOverride(ref common.Referen Format: "", }, }, - "ignoreResourceUpdates": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, "knownTypeFields": { SchemaProps: spec.SchemaProps{ Type: []string{"array"}, diff --git a/pkg/apis/application/v1alpha1/types.go b/pkg/apis/application/v1alpha1/types.go index 4bf07fc2317da..770a5b3e2873e 100644 --- a/pkg/apis/application/v1alpha1/types.go +++ b/pkg/apis/application/v1alpha1/types.go @@ -18,6 +18,7 @@ import ( "github.com/argoproj/gitops-engine/pkg/health" synccommon "github.com/argoproj/gitops-engine/pkg/sync/common" + "github.com/ghodss/yaml" "github.com/robfig/cron/v3" log "github.com/sirupsen/logrus" "google.golang.org/grpc/codes" @@ -25,7 +26,6 @@ import ( v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/intstr" utilnet "k8s.io/apimachinery/pkg/util/net" @@ -33,9 +33,6 @@ import ( "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" "k8s.io/client-go/tools/clientcmd/api" - "sigs.k8s.io/yaml" - - "github.com/argoproj/argo-cd/v2/util/env" "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/util/collections" @@ -71,7 +68,7 @@ type ApplicationSpec struct { // SyncPolicy controls when and how a sync will be performed SyncPolicy *SyncPolicy `json:"syncPolicy,omitempty" protobuf:"bytes,4,name=syncPolicy"` // IgnoreDifferences is a list of resources and their fields which should be ignored during comparison - IgnoreDifferences IgnoreDifferences `json:"ignoreDifferences,omitempty" protobuf:"bytes,5,name=ignoreDifferences"` + IgnoreDifferences []ResourceIgnoreDifferences `json:"ignoreDifferences,omitempty" protobuf:"bytes,5,name=ignoreDifferences"` // Info contains a list of information (URLs, email addresses, and plain text) that relates to the application Info []Info `json:"info,omitempty" protobuf:"bytes,6,name=info"` // RevisionHistoryLimit limits the number of items kept in the application's revision history, which is used for informational purposes as well as for rollbacks to previous versions. @@ -85,12 +82,6 @@ type ApplicationSpec struct { Sources ApplicationSources `json:"sources,omitempty" protobuf:"bytes,8,opt,name=sources"` } -type IgnoreDifferences []ResourceIgnoreDifferences - -func (id IgnoreDifferences) Equals(other IgnoreDifferences) bool { - return reflect.DeepEqual(id, other) -} - type TrackingMethod string // ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored during comparison with live state. @@ -307,9 +298,8 @@ type ApplicationSourceHelm struct { Parameters []HelmParameter `json:"parameters,omitempty" protobuf:"bytes,2,opt,name=parameters"` // ReleaseName is the Helm release name to use. If omitted it will use the application name ReleaseName string `json:"releaseName,omitempty" protobuf:"bytes,3,opt,name=releaseName"` - // Values specifies Helm values to be passed to helm template, typically defined as a block. ValuesObject takes precedence over Values, so use one or the other. - // +patchStrategy=replace - Values string `json:"values,omitempty" patchStrategy:"replace" protobuf:"bytes,4,opt,name=values"` + // Values specifies Helm values to be passed to helm template, typically defined as a block + Values string `json:"values,omitempty" protobuf:"bytes,4,opt,name=values"` // FileParameters are file parameters to the helm template FileParameters []HelmFileParameter `json:"fileParameters,omitempty" protobuf:"bytes,5,opt,name=fileParameters"` // Version is the Helm version to use for templating ("3") @@ -320,9 +310,6 @@ type ApplicationSourceHelm struct { IgnoreMissingValueFiles bool `json:"ignoreMissingValueFiles,omitempty" protobuf:"bytes,8,opt,name=ignoreMissingValueFiles"` // SkipCrds skips custom resource definition installation step (Helm's --skip-crds) SkipCrds bool `json:"skipCrds,omitempty" protobuf:"bytes,9,opt,name=skipCrds"` - // ValuesObject specifies Helm values to be passed to helm template, defined as a map. This takes precedence over Values. - // +kubebuilder:pruning:PreserveUnknownFields - ValuesObject *runtime.RawExtension `json:"valuesObject,omitempty" protobuf:"bytes,10,opt,name=valuesObject"` } // HelmParameter is a parameter that's passed to helm template during manifest generation @@ -404,7 +391,7 @@ func (in *ApplicationSourceHelm) AddFileParameter(p HelmFileParameter) { // IsZero Returns true if the Helm options in an application source are considered zero func (h *ApplicationSourceHelm) IsZero() bool { - return h == nil || (h.Version == "") && (h.ReleaseName == "") && len(h.ValueFiles) == 0 && len(h.Parameters) == 0 && len(h.FileParameters) == 0 && h.ValuesIsEmpty() && !h.PassCredentials && !h.IgnoreMissingValueFiles && !h.SkipCrds + return h == nil || (h.Version == "") && (h.ReleaseName == "") && len(h.ValueFiles) == 0 && len(h.Parameters) == 0 && len(h.FileParameters) == 0 && h.Values == "" && !h.PassCredentials && !h.IgnoreMissingValueFiles && !h.SkipCrds } // KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: @@ -860,12 +847,12 @@ func (c *ApplicationSourcePlugin) RemoveEnvEntry(key string) error { // ApplicationDestination holds information about the application's destination type ApplicationDestination struct { - // Server specifies the URL of the target cluster's Kubernetes control plane API. This must be set if Name is not set. + // Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API Server string `json:"server,omitempty" protobuf:"bytes,1,opt,name=server"` // Namespace specifies the target namespace for the application's resources. // The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace Namespace string `json:"namespace,omitempty" protobuf:"bytes,2,opt,name=namespace"` - // Name is an alternate way of specifying the target cluster by its symbolic name. This must be set if Server is not set. + // Name is an alternate way of specifying the target cluster by its symbolic name Name string `json:"name,omitempty" protobuf:"bytes,3,opt,name=name"` // nolint:govet @@ -906,8 +893,6 @@ type ApplicationStatus struct { ResourceHealthSource ResourceHealthLocation `json:"resourceHealthSource,omitempty" protobuf:"bytes,11,opt,name=resourceHealthSource"` // SourceTypes specifies the type of the sources included in the application SourceTypes []ApplicationSourceType `json:"sourceTypes,omitempty" protobuf:"bytes,12,opt,name=sourceTypes"` - // ControllerNamespace indicates the namespace in which the application controller is located - ControllerNamespace string `json:"controllerNamespace,omitempty" protobuf:"bytes,13,opt,name=controllerNamespace"` } // JWTTokens represents a list of JWT tokens @@ -1168,7 +1153,7 @@ type Backoff struct { type SyncPolicyAutomated struct { // Prune specifies whether to delete resources from the cluster that are not found in the sources anymore as part of automated sync (default: false) Prune bool `json:"prune,omitempty" protobuf:"bytes,1,opt,name=prune"` - // SelfHeal specifies whether to revert resources back to their desired state upon modification in the cluster (default: false) + // SelfHeal specifes whether to revert resources back to their desired state upon modification in the cluster (default: false) SelfHeal bool `json:"selfHeal,omitempty" protobuf:"bytes,2,opt,name=selfHeal"` // AllowEmpty allows apps have zero live resources (default: false) AllowEmpty bool `json:"allowEmpty,omitempty" protobuf:"bytes,3,opt,name=allowEmpty"` @@ -1228,15 +1213,6 @@ type RevisionMetadata struct { SignatureInfo string `json:"signatureInfo,omitempty" protobuf:"bytes,5,opt,name=signatureInfo"` } -// ChartDetails contains helm chart metadata for a specific version -type ChartDetails struct { - Description string `json:"description,omitempty" protobuf:"bytes,1,opt,name=description"` - // The URL of this projects home page, e.g. "http://example.com" - Home string `json:"home,omitempty" protobuf:"bytes,2,opt,name=home"` - // List of maintainer details, name and email, e.g. ["John Doe "] - Maintainers []string `json:"maintainers,omitempty" protobuf:"bytes,3,opt,name=maintainers"` -} - // SyncOperationResult represent result of sync operation type SyncOperationResult struct { // Resources contains a list of sync result items for each individual resource in a sync operation @@ -1249,8 +1225,6 @@ type SyncOperationResult struct { Sources ApplicationSources `json:"sources,omitempty" protobuf:"bytes,4,opt,name=sources"` // Revisions holds the revision this sync operation was performed for respective indexed source in sources field Revisions []string `json:"revisions,omitempty" protobuf:"bytes,5,opt,name=revisions"` - // ManagedNamespaceMetadata contains the current sync state of managed namespace metadata - ManagedNamespaceMetadata *ManagedNamespaceMetadata `json:"managedNamespaceMetadata,omitempty" protobuf:"bytes,6,opt,name=managedNamespaceMetadata"` } // ResourceResult holds the operation result details of a specific resource @@ -1395,7 +1369,7 @@ const ( ApplicationConditionOrphanedResourceWarning = "OrphanedResourceWarning" ) -// ApplicationCondition contains details about an application condition, which is usually an error or warning +// ApplicationCondition contains details about an application condition, which is usally an error or warning type ApplicationCondition struct { // Type is an application condition type Type ApplicationConditionType `json:"type" protobuf:"bytes,1,opt,name=type"` @@ -1413,8 +1387,6 @@ type ComparedTo struct { Destination ApplicationDestination `json:"destination" protobuf:"bytes,2,opt,name=destination"` // Sources is a reference to the application's multiple sources used for comparison Sources ApplicationSources `json:"sources,omitempty" protobuf:"bytes,3,opt,name=sources"` - // IgnoreDifferences is a reference to the application's ignored differences used for comparison - IgnoreDifferences IgnoreDifferences `json:"ignoreDifferences,omitempty" protobuf:"bytes,4,opt,name=ignoreDifferences"` } // SyncStatus contains information about the currently observed live and desired states of an application @@ -1852,9 +1824,9 @@ type KnownTypeField struct { // OverrideIgnoreDiff contains configurations about how fields should be ignored during diffs between // the desired state and live state type OverrideIgnoreDiff struct { - // JSONPointers is a JSON path list following the format defined in RFC4627 (https://datatracker.ietf.org/doc/html/rfc6902#section-3) + //JSONPointers is a JSON path list following the format defined in RFC4627 (https://datatracker.ietf.org/doc/html/rfc6902#section-3) JSONPointers []string `json:"jsonPointers" protobuf:"bytes,1,rep,name=jSONPointers"` - // JQPathExpressions is a JQ path list that will be evaludated during the diff process + //JQPathExpressions is a JQ path list that will be evaludated during the diff process JQPathExpressions []string `json:"jqPathExpressions" protobuf:"bytes,2,opt,name=jqPathExpressions"` // ManagedFieldsManagers is a list of trusted managers. Fields mutated by those managers will take precedence over the // desired state defined in the SCM and won't be displayed in diffs @@ -1862,23 +1834,21 @@ type OverrideIgnoreDiff struct { } type rawResourceOverride struct { - HealthLua string `json:"health.lua,omitempty"` - UseOpenLibs bool `json:"health.lua.useOpenLibs,omitempty"` - Actions string `json:"actions,omitempty"` - IgnoreDifferences string `json:"ignoreDifferences,omitempty"` - IgnoreResourceUpdates string `json:"ignoreResourceUpdates,omitempty"` - KnownTypeFields []KnownTypeField `json:"knownTypeFields,omitempty"` + HealthLua string `json:"health.lua,omitempty"` + UseOpenLibs bool `json:"health.lua.useOpenLibs,omitempty"` + Actions string `json:"actions,omitempty"` + IgnoreDifferences string `json:"ignoreDifferences,omitempty"` + KnownTypeFields []KnownTypeField `json:"knownTypeFields,omitempty"` } // ResourceOverride holds configuration to customize resource diffing and health assessment // TODO: describe the members of this type type ResourceOverride struct { - HealthLua string `protobuf:"bytes,1,opt,name=healthLua"` - UseOpenLibs bool `protobuf:"bytes,5,opt,name=useOpenLibs"` - Actions string `protobuf:"bytes,3,opt,name=actions"` - IgnoreDifferences OverrideIgnoreDiff `protobuf:"bytes,2,opt,name=ignoreDifferences"` - IgnoreResourceUpdates OverrideIgnoreDiff `protobuf:"bytes,6,opt,name=ignoreResourceUpdates"` - KnownTypeFields []KnownTypeField `protobuf:"bytes,4,opt,name=knownTypeFields"` + HealthLua string `protobuf:"bytes,1,opt,name=healthLua"` + UseOpenLibs bool `protobuf:"bytes,5,opt,name=useOpenLibs"` + Actions string `protobuf:"bytes,3,opt,name=actions"` + IgnoreDifferences OverrideIgnoreDiff `protobuf:"bytes,2,opt,name=ignoreDifferences"` + KnownTypeFields []KnownTypeField `protobuf:"bytes,4,opt,name=knownTypeFields"` } // TODO: describe this method @@ -1891,15 +1861,7 @@ func (s *ResourceOverride) UnmarshalJSON(data []byte) error { s.HealthLua = raw.HealthLua s.UseOpenLibs = raw.UseOpenLibs s.Actions = raw.Actions - err := yaml.Unmarshal([]byte(raw.IgnoreDifferences), &s.IgnoreDifferences) - if err != nil { - return err - } - err = yaml.Unmarshal([]byte(raw.IgnoreResourceUpdates), &s.IgnoreResourceUpdates) - if err != nil { - return err - } - return nil + return yaml.Unmarshal([]byte(raw.IgnoreDifferences), &s.IgnoreDifferences) } // TODO: describe this method @@ -1908,11 +1870,7 @@ func (s ResourceOverride) MarshalJSON() ([]byte, error) { if err != nil { return nil, err } - ignoreResourceUpdatesData, err := yaml.Marshal(s.IgnoreResourceUpdates) - if err != nil { - return nil, err - } - raw := &rawResourceOverride{s.HealthLua, s.UseOpenLibs, s.Actions, string(ignoreDifferencesData), string(ignoreResourceUpdatesData), s.KnownTypeFields} + raw := &rawResourceOverride{s.HealthLua, s.UseOpenLibs, s.Actions, string(ignoreDifferencesData), s.KnownTypeFields} return json.Marshal(raw) } @@ -1943,11 +1901,9 @@ type ResourceActionDefinition struct { // TODO: describe this type // TODO: describe members of this type type ResourceAction struct { - Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` - Params []ResourceActionParam `json:"params,omitempty" protobuf:"bytes,2,rep,name=params"` - Disabled bool `json:"disabled,omitempty" protobuf:"varint,3,opt,name=disabled"` - IconClass string `json:"iconClass,omitempty" protobuf:"bytes,4,opt,name=iconClass"` - DisplayName string `json:"displayName,omitempty" protobuf:"bytes,5,opt,name=displayName"` + Name string `json:"name,omitempty" protobuf:"bytes,1,opt,name=name"` + Params []ResourceActionParam `json:"params,omitempty" protobuf:"bytes,2,rep,name=params"` + Disabled bool `json:"disabled,omitempty" protobuf:"varint,3,opt,name=disabled"` } // TODO: describe this type @@ -2144,7 +2100,7 @@ type SyncWindow struct { Clusters []string `json:"clusters,omitempty" protobuf:"bytes,6,opt,name=clusters"` // ManualSync enables manual syncs when they would otherwise be blocked ManualSync bool `json:"manualSync,omitempty" protobuf:"bytes,7,opt,name=manualSync"` - // TimeZone of the sync that will be applied to the schedule + //TimeZone of the sync that will be applied to the schedule TimeZone string `json:"timeZone,omitempty" protobuf:"bytes,8,opt,name=timeZone"` } @@ -2340,10 +2296,6 @@ func (w *SyncWindows) CanSync(isManual bool) bool { } } - if active.hasAllow() { - return true - } - inactiveAllows := w.InactiveAllows() if inactiveAllows.HasWindows() { if isManual && inactiveAllows.manualEnabled() { @@ -2618,13 +2570,6 @@ func (app *Application) GetPropagationPolicy() string { return "" } -// HasChangedManagedNamespaceMetadata checks whether app.Spec.SyncPolicy.ManagedNamespaceMetadata differs from the -// managed namespace metadata which has been stored app.Status.OperationState.SyncResult. If they differ a refresh should -// be triggered. -func (app *Application) HasChangedManagedNamespaceMetadata() bool { - return app.Spec.SyncPolicy != nil && app.Spec.SyncPolicy.ManagedNamespaceMetadata != nil && app.Status.OperationState != nil && app.Status.OperationState.SyncResult != nil && !reflect.DeepEqual(app.Spec.SyncPolicy.ManagedNamespaceMetadata, app.Status.OperationState.SyncResult.ManagedNamespaceMetadata) -} - // IsFinalizerPresent checks if the app has a given finalizer func (app *Application) IsFinalizerPresent(finalizer string) bool { return getFinalizerIndex(app.ObjectMeta, finalizer) > -1 @@ -2857,17 +2802,12 @@ func SetK8SConfigDefaults(config *rest.Config) error { func (c *Cluster) RawRestConfig() *rest.Config { var config *rest.Config var err error - if c.Server == KubernetesInternalAPIServerAddr && env.ParseBoolFromEnv(EnvVarFakeInClusterConfig, false) { + if c.Server == KubernetesInternalAPIServerAddr && os.Getenv(EnvVarFakeInClusterConfig) == "true" { conf, exists := os.LookupEnv("KUBECONFIG") if exists { config, err = clientcmd.BuildConfigFromFlags("", conf) } else { - var homeDir string - homeDir, err = os.UserHomeDir() - if err != nil { - homeDir = "" - } - config, err = clientcmd.BuildConfigFromFlags("", filepath.Join(homeDir, ".kube", "config")) + config, err = clientcmd.BuildConfigFromFlags("", filepath.Join(os.Getenv("HOME"), ".kube", "config")) } } else if c.Server == KubernetesInternalAPIServerAddr && c.Config.Username == "" && c.Config.Password == "" && c.Config.BearerToken == "" { config, err = rest.InClusterConfig() @@ -3031,5 +2971,5 @@ func (a *Application) QualifiedName() string { // RBACName returns the full qualified RBAC resource name for the application // in a backwards-compatible way. func (a *Application) RBACName(defaultNS string) string { - return security.RBACName(defaultNS, a.Spec.GetProject(), a.Namespace, a.Name) + return security.AppRBACName(defaultNS, a.Spec.GetProject(), a.Namespace, a.Name) } diff --git a/pkg/apis/application/v1alpha1/types_test.go b/pkg/apis/application/v1alpha1/types_test.go index fdabb9b009571..0688dea0069cf 100644 --- a/pkg/apis/application/v1alpha1/types_test.go +++ b/pkg/apis/application/v1alpha1/types_test.go @@ -2226,20 +2226,6 @@ func TestSyncWindows_CanSync(t *testing.T) { // then assert.False(t, canSync) }) - t.Run("will allow auto sync with active-allow and inactive-allow", func(t *testing.T) { - // given - t.Parallel() - proj := newProjectBuilder(). - withActiveAllowWindow(false). - withInactiveAllowWindow(false). - build() - - // when - canSync := proj.Spec.SyncWindows.CanSync(false) - - // then - assert.True(t, canSync) - }) t.Run("will deny manual sync with active-deny", func(t *testing.T) { // given t.Parallel() @@ -3156,7 +3142,7 @@ func TestGetCAPath(t *testing.T) { if err != nil { panic(err) } - t.Setenv(argocdcommon.EnvVarTLSDataPath, temppath) + os.Setenv(argocdcommon.EnvVarTLSDataPath, temppath) validcert := []string{ "https://foo.example.com", "oci://foo.example.com", diff --git a/pkg/apis/application/v1alpha1/values.go b/pkg/apis/application/v1alpha1/values.go deleted file mode 100644 index 942e2a651cf71..0000000000000 --- a/pkg/apis/application/v1alpha1/values.go +++ /dev/null @@ -1,61 +0,0 @@ -package v1alpha1 - -import ( - "encoding/json" - "fmt" - reflect "reflect" - "strings" - - runtime "k8s.io/apimachinery/pkg/runtime" - "sigs.k8s.io/yaml" -) - -// Set the ValuesObject property to the json representation of the yaml contained in value -// Remove Values property if present -func (h *ApplicationSourceHelm) SetValuesString(value string) error { - if value == "" { - h.ValuesObject = nil - h.Values = "" - } else { - data, err := yaml.YAMLToJSON([]byte(value)) - if err != nil { - return fmt.Errorf("failed converting yaml to json: %v", err) - } - var v interface{} - if err := json.Unmarshal(data, &v); err != nil { - return fmt.Errorf("failed to unmarshal json: %v", err) - } - switch v.(type) { - case string: - case map[string]interface{}: - default: - return fmt.Errorf("invalid type %q", reflect.TypeOf(v)) - } - h.ValuesObject = &runtime.RawExtension{Raw: data} - h.Values = "" - } - return nil -} - -func (h *ApplicationSourceHelm) ValuesYAML() []byte { - if h.ValuesObject == nil || h.ValuesObject.Raw == nil { - return []byte(h.Values) - } - b, err := yaml.JSONToYAML(h.ValuesObject.Raw) - if err != nil { - // This should be impossible, because rawValue isn't set directly. - return []byte{} - } - return b -} - -func (h *ApplicationSourceHelm) ValuesIsEmpty() bool { - return len(h.ValuesYAML()) == 0 -} - -func (h *ApplicationSourceHelm) ValuesString() string { - if h.ValuesObject == nil || h.ValuesObject.Raw == nil { - return h.Values - } - return strings.TrimSuffix(string(h.ValuesYAML()), "\n") -} diff --git a/pkg/apis/application/v1alpha1/values_test.go b/pkg/apis/application/v1alpha1/values_test.go deleted file mode 100644 index f21f17168a2e8..0000000000000 --- a/pkg/apis/application/v1alpha1/values_test.go +++ /dev/null @@ -1,81 +0,0 @@ -package v1alpha1 - -import ( - "testing" - - "github.com/stretchr/testify/assert" -) - -func TestValues_SetString(t *testing.T) { - testCases := []struct { - name string - inputValue string - expectError bool - expectValue string - }{ - { - name: "an empty string should not throw an error", - inputValue: `""`, - expectValue: "\"\"", - }, - { - name: "a string with contents should not throw an error", - inputValue: `"hello"`, - expectValue: "hello", - }, - { - name: "an array should throw an error", - inputValue: "[]", - expectError: true, - }, - { - name: "a number should throw an error", - inputValue: "42", - expectError: true, - }, - { - name: "a boolean should throw an error", - inputValue: "false", - expectError: true, - }, - { - name: "null should throw an error", - inputValue: "null", - expectError: true, - }, - { - name: "an empty object should not throw an error", - inputValue: "{}", - expectValue: "{}", - }, - { - name: "an object with contents should not throw an error", - inputValue: `{"some": "inputValue"}`, - expectValue: "some: inputValue", - }, - { - name: "a complex object should not throw an error", - inputValue: `{"a": {"nested": "object"}, "an": ["array"], "bool": true, "number": 1, "some": "string"}`, - expectValue: "a:\n nested: object\nan:\n- array\nbool: true\nnumber: 1\nsome: string", - }, - } - - for _, testCase := range testCases { - var err error - t.Run(testCase.name, func(t *testing.T) { - source := &ApplicationSourceHelm{} - err = source.SetValuesString(testCase.inputValue) - - if !testCase.expectError { - assert.Equal(t, testCase.expectValue, source.ValuesString()) - data, err := source.ValuesObject.MarshalJSON() - assert.NoError(t, err) - err = source.ValuesObject.UnmarshalJSON(data) - assert.NoError(t, err) - assert.Equal(t, testCase.expectValue, source.ValuesString()) - } else { - assert.Error(t, err) - } - }) - } -} diff --git a/pkg/apis/application/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/application/v1alpha1/zz_generated.deepcopy.go index 79b97e330ad09..251620caba272 100644 --- a/pkg/apis/application/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/application/v1alpha1/zz_generated.deepcopy.go @@ -452,11 +452,6 @@ func (in *ApplicationSetGenerator) DeepCopyInto(out *ApplicationSetGenerator) { *out = new(v1.LabelSelector) (*in).DeepCopyInto(*out) } - if in.Plugin != nil { - in, out := &in.Plugin, &out.Plugin - *out = new(PluginGenerator) - (*in).DeepCopyInto(*out) - } return } @@ -551,11 +546,6 @@ func (in *ApplicationSetNestedGenerator) DeepCopyInto(out *ApplicationSetNestedG *out = new(v1.LabelSelector) (*in).DeepCopyInto(*out) } - if in.Plugin != nil { - in, out := &in.Plugin, &out.Plugin - *out = new(PluginGenerator) - (*in).DeepCopyInto(*out) - } return } @@ -656,7 +646,7 @@ func (in *ApplicationSetSpec) DeepCopyInto(out *ApplicationSetSpec) { if in.SyncPolicy != nil { in, out := &in.SyncPolicy, &out.SyncPolicy *out = new(ApplicationSetSyncPolicy) - (*in).DeepCopyInto(*out) + **out = **in } if in.Strategy != nil { in, out := &in.Strategy, &out.Strategy @@ -668,11 +658,6 @@ func (in *ApplicationSetSpec) DeepCopyInto(out *ApplicationSetSpec) { *out = new(ApplicationPreservedFields) (*in).DeepCopyInto(*out) } - if in.GoTemplateOptions != nil { - in, out := &in.GoTemplateOptions, &out.GoTemplateOptions - *out = make([]string, len(*in)) - copy(*out, *in) - } return } @@ -740,11 +725,6 @@ func (in *ApplicationSetStrategy) DeepCopy() *ApplicationSetStrategy { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ApplicationSetSyncPolicy) DeepCopyInto(out *ApplicationSetSyncPolicy) { *out = *in - if in.ApplicationsSync != nil { - in, out := &in.ApplicationsSync, &out.ApplicationsSync - *out = new(ApplicationsSyncPolicy) - **out = **in - } return } @@ -844,16 +824,6 @@ func (in *ApplicationSetTerminalGenerator) DeepCopyInto(out *ApplicationSetTermi *out = new(PullRequestGenerator) (*in).DeepCopyInto(*out) } - if in.Plugin != nil { - in, out := &in.Plugin, &out.Plugin - *out = new(PluginGenerator) - (*in).DeepCopyInto(*out) - } - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } return } @@ -960,11 +930,6 @@ func (in *ApplicationSourceHelm) DeepCopyInto(out *ApplicationSourceHelm) { *out = make([]HelmFileParameter, len(*in)) copy(*out, *in) } - if in.ValuesObject != nil { - in, out := &in.ValuesObject, &out.ValuesObject - *out = new(runtime.RawExtension) - (*in).DeepCopyInto(*out) - } return } @@ -1174,7 +1139,7 @@ func (in *ApplicationSpec) DeepCopyInto(out *ApplicationSpec) { } if in.IgnoreDifferences != nil { in, out := &in.IgnoreDifferences, &out.IgnoreDifferences - *out = make(IgnoreDifferences, len(*in)) + *out = make([]ResourceIgnoreDifferences, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -1389,48 +1354,6 @@ func (in *BasicAuthBitbucketServer) DeepCopy() *BasicAuthBitbucketServer { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *BearerTokenBitbucketCloud) DeepCopyInto(out *BearerTokenBitbucketCloud) { - *out = *in - if in.TokenRef != nil { - in, out := &in.TokenRef, &out.TokenRef - *out = new(SecretRef) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BearerTokenBitbucketCloud. -func (in *BearerTokenBitbucketCloud) DeepCopy() *BearerTokenBitbucketCloud { - if in == nil { - return nil - } - out := new(BearerTokenBitbucketCloud) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ChartDetails) DeepCopyInto(out *ChartDetails) { - *out = *in - if in.Maintainers != nil { - in, out := &in.Maintainers, &out.Maintainers - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChartDetails. -func (in *ChartDetails) DeepCopy() *ChartDetails { - if in == nil { - return nil - } - out := new(ChartDetails) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Cluster) DeepCopyInto(out *Cluster) { *out = *in @@ -1635,13 +1558,6 @@ func (in *ComparedTo) DeepCopyInto(out *ComparedTo) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.IgnoreDifferences != nil { - in, out := &in.IgnoreDifferences, &out.IgnoreDifferences - *out = make(IgnoreDifferences, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } return } @@ -1864,13 +1780,6 @@ func (in *GitGenerator) DeepCopyInto(out *GitGenerator) { **out = **in } in.Template.DeepCopyInto(&out.Template) - if in.Values != nil { - in, out := &in.Values, &out.Values - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } return } @@ -2029,28 +1938,6 @@ func (in *HostResourceInfo) DeepCopy() *HostResourceInfo { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in IgnoreDifferences) DeepCopyInto(out *IgnoreDifferences) { - { - in := &in - *out = make(IgnoreDifferences, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - return - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IgnoreDifferences. -func (in IgnoreDifferences) DeepCopy() IgnoreDifferences { - if in == nil { - return nil - } - out := new(IgnoreDifferences) - in.DeepCopyInto(out) - return *out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Info) DeepCopyInto(out *Info) { *out = *in @@ -2577,98 +2464,6 @@ func (in *OverrideIgnoreDiff) DeepCopy() *OverrideIgnoreDiff { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PluginConfigMapRef) DeepCopyInto(out *PluginConfigMapRef) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PluginConfigMapRef. -func (in *PluginConfigMapRef) DeepCopy() *PluginConfigMapRef { - if in == nil { - return nil - } - out := new(PluginConfigMapRef) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PluginGenerator) DeepCopyInto(out *PluginGenerator) { - *out = *in - out.ConfigMapRef = in.ConfigMapRef - in.Input.DeepCopyInto(&out.Input) - if in.RequeueAfterSeconds != nil { - in, out := &in.RequeueAfterSeconds, &out.RequeueAfterSeconds - *out = new(int64) - **out = **in - } - in.Template.DeepCopyInto(&out.Template) - if in.Values != nil { - in, out := &in.Values, &out.Values - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PluginGenerator. -func (in *PluginGenerator) DeepCopy() *PluginGenerator { - if in == nil { - return nil - } - out := new(PluginGenerator) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PluginInput) DeepCopyInto(out *PluginInput) { - *out = *in - if in.Parameters != nil { - in, out := &in.Parameters, &out.Parameters - *out = make(PluginParameters, len(*in)) - for key, val := range *in { - (*out)[key] = *val.DeepCopy() - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PluginInput. -func (in *PluginInput) DeepCopy() *PluginInput { - if in == nil { - return nil - } - out := new(PluginInput) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in PluginParameters) DeepCopyInto(out *PluginParameters) { - { - in := &in - *out = make(PluginParameters, len(*in)) - for key, val := range *in { - (*out)[key] = *val.DeepCopy() - } - return - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PluginParameters. -func (in PluginParameters) DeepCopy() PluginParameters { - if in == nil { - return nil - } - out := new(PluginParameters) - in.DeepCopyInto(out) - return *out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ProjectRole) DeepCopyInto(out *ProjectRole) { *out = *in @@ -2736,16 +2531,6 @@ func (in *PullRequestGenerator) DeepCopyInto(out *PullRequestGenerator) { **out = **in } in.Template.DeepCopyInto(&out.Template) - if in.Bitbucket != nil { - in, out := &in.Bitbucket, &out.Bitbucket - *out = new(PullRequestGeneratorBitbucket) - (*in).DeepCopyInto(*out) - } - if in.AzureDevOps != nil { - in, out := &in.AzureDevOps, &out.AzureDevOps - *out = new(PullRequestGeneratorAzureDevOps) - (*in).DeepCopyInto(*out) - } return } @@ -2759,58 +2544,6 @@ func (in *PullRequestGenerator) DeepCopy() *PullRequestGenerator { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PullRequestGeneratorAzureDevOps) DeepCopyInto(out *PullRequestGeneratorAzureDevOps) { - *out = *in - if in.TokenRef != nil { - in, out := &in.TokenRef, &out.TokenRef - *out = new(SecretRef) - **out = **in - } - if in.Labels != nil { - in, out := &in.Labels, &out.Labels - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PullRequestGeneratorAzureDevOps. -func (in *PullRequestGeneratorAzureDevOps) DeepCopy() *PullRequestGeneratorAzureDevOps { - if in == nil { - return nil - } - out := new(PullRequestGeneratorAzureDevOps) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PullRequestGeneratorBitbucket) DeepCopyInto(out *PullRequestGeneratorBitbucket) { - *out = *in - if in.BasicAuth != nil { - in, out := &in.BasicAuth, &out.BasicAuth - *out = new(BasicAuthBitbucketServer) - (*in).DeepCopyInto(*out) - } - if in.BearerToken != nil { - in, out := &in.BearerToken, &out.BearerToken - *out = new(BearerTokenBitbucketCloud) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PullRequestGeneratorBitbucket. -func (in *PullRequestGeneratorBitbucket) DeepCopy() *PullRequestGeneratorBitbucket { - if in == nil { - return nil - } - out := new(PullRequestGeneratorBitbucket) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PullRequestGeneratorBitbucketServer) DeepCopyInto(out *PullRequestGeneratorBitbucketServer) { *out = *in @@ -2840,11 +2573,6 @@ func (in *PullRequestGeneratorFilter) DeepCopyInto(out *PullRequestGeneratorFilt *out = new(string) **out = **in } - if in.TargetBranchMatch != nil { - in, out := &in.TargetBranchMatch, &out.TargetBranchMatch - *out = new(string) - **out = **in - } return } @@ -3350,7 +3078,6 @@ func (in *ResourceNode) DeepCopy() *ResourceNode { func (in *ResourceOverride) DeepCopyInto(out *ResourceOverride) { *out = *in in.IgnoreDifferences.DeepCopyInto(&out.IgnoreDifferences) - in.IgnoreResourceUpdates.DeepCopyInto(&out.IgnoreResourceUpdates) if in.KnownTypeFields != nil { in, out := &in.KnownTypeFields, &out.KnownTypeFields *out = make([]KnownTypeField, len(*in)) @@ -3593,18 +3320,6 @@ func (in *SCMProviderGenerator) DeepCopyInto(out *SCMProviderGenerator) { **out = **in } in.Template.DeepCopyInto(&out.Template) - if in.Values != nil { - in, out := &in.Values, &out.Values - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.AWSCodeCommit != nil { - in, out := &in.AWSCodeCommit, &out.AWSCodeCommit - *out = new(SCMProviderGeneratorAWSCodeCommit) - (*in).DeepCopyInto(*out) - } return } @@ -3618,33 +3333,6 @@ func (in *SCMProviderGenerator) DeepCopy() *SCMProviderGenerator { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SCMProviderGeneratorAWSCodeCommit) DeepCopyInto(out *SCMProviderGeneratorAWSCodeCommit) { - *out = *in - if in.TagFilters != nil { - in, out := &in.TagFilters, &out.TagFilters - *out = make([]*TagFilter, len(*in)) - for i := range *in { - if (*in)[i] != nil { - in, out := &(*in)[i], &(*out)[i] - *out = new(TagFilter) - **out = **in - } - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SCMProviderGeneratorAWSCodeCommit. -func (in *SCMProviderGeneratorAWSCodeCommit) DeepCopy() *SCMProviderGeneratorAWSCodeCommit { - if in == nil { - return nil - } - out := new(SCMProviderGeneratorAWSCodeCommit) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SCMProviderGeneratorAzureDevOps) DeepCopyInto(out *SCMProviderGeneratorAzureDevOps) { *out = *in @@ -3799,11 +3487,6 @@ func (in *SCMProviderGeneratorGitlab) DeepCopyInto(out *SCMProviderGeneratorGitl *out = new(SecretRef) **out = **in } - if in.IncludeSharedProjects != nil { - in, out := &in.IncludeSharedProjects, &out.IncludeSharedProjects - *out = new(bool) - **out = **in - } return } @@ -3945,11 +3628,6 @@ func (in *SyncOperationResult) DeepCopyInto(out *SyncOperationResult) { *out = make([]string, len(*in)) copy(*out, *in) } - if in.ManagedNamespaceMetadata != nil { - in, out := &in.ManagedNamespaceMetadata, &out.ManagedNamespaceMetadata - *out = new(ManagedNamespaceMetadata) - (*in).DeepCopyInto(*out) - } return } @@ -4203,19 +3881,3 @@ func (in *TLSClientConfig) DeepCopy() *TLSClientConfig { in.DeepCopyInto(out) return out } - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TagFilter) DeepCopyInto(out *TagFilter) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TagFilter. -func (in *TagFilter) DeepCopy() *TagFilter { - if in == nil { - return nil - } - out := new(TagFilter) - in.DeepCopyInto(out) - return out -} diff --git a/reposerver/apiclient/clientset.go b/reposerver/apiclient/clientset.go index 417dc758ef5bd..1ef95466cd739 100644 --- a/reposerver/apiclient/clientset.go +++ b/reposerver/apiclient/clientset.go @@ -3,12 +3,12 @@ package apiclient import ( "crypto/tls" "crypto/x509" - "fmt" "time" grpc_middleware "github.com/grpc-ecosystem/go-grpc-middleware" grpc_retry "github.com/grpc-ecosystem/go-grpc-middleware/retry" log "github.com/sirupsen/logrus" + "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc" "google.golang.org/grpc" "google.golang.org/grpc/credentials" "google.golang.org/grpc/credentials/insecure" @@ -17,8 +17,6 @@ import ( "github.com/argoproj/argo-cd/v2/util/io" ) -//go:generate go run github.com/vektra/mockery/v2@v2.15.0 --name=RepoServerServiceClient - const ( // MaxGRPCMessageSize contains max grpc message size MaxGRPCMessageSize = 100 * 1024 * 1024 @@ -48,7 +46,7 @@ type clientSet struct { func (c *clientSet) NewRepoServerClient() (io.Closer, RepoServerServiceClient, error) { conn, err := NewConnection(c.address, c.timeoutSeconds, &c.tlsConfig) if err != nil { - return nil, nil, fmt.Errorf("failed to open a new connection to repo server: %w", err) + return nil, nil, err } return conn, NewRepoServerServiceClient(conn), nil } @@ -66,8 +64,8 @@ func NewConnection(address string, timeoutSeconds int, tlsConfig *TLSConfigurati grpc.WithStreamInterceptor(grpc_retry.StreamClientInterceptor(retryOpts...)), grpc.WithUnaryInterceptor(grpc_middleware.ChainUnaryClient(unaryInterceptors...)), grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(MaxGRPCMessageSize), grpc.MaxCallSendMsgSize(MaxGRPCMessageSize)), - grpc.WithUnaryInterceptor(argogrpc.OTELUnaryClientInterceptor()), - grpc.WithStreamInterceptor(argogrpc.OTELStreamClientInterceptor()), + grpc.WithUnaryInterceptor(otelgrpc.UnaryClientInterceptor()), + grpc.WithStreamInterceptor(otelgrpc.StreamClientInterceptor()), } tlsC := &tls.Config{} diff --git a/reposerver/apiclient/mocks/RepoServerServiceClient.go b/reposerver/apiclient/mocks/RepoServerServiceClient.go index 25337c53a6373..8c6dcfaee2b72 100644 --- a/reposerver/apiclient/mocks/RepoServerServiceClient.go +++ b/reposerver/apiclient/mocks/RepoServerServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.21.1. DO NOT EDIT. +// Code generated by mockery v2.14.1. DO NOT EDIT. package mocks @@ -33,10 +33,6 @@ func (_m *RepoServerServiceClient) GenerateManifest(ctx context.Context, in *api ret := _m.Called(_ca...) var r0 *apiclient.ManifestResponse - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *apiclient.ManifestRequest, ...grpc.CallOption) (*apiclient.ManifestResponse, error)); ok { - return rf(ctx, in, opts...) - } if rf, ok := ret.Get(0).(func(context.Context, *apiclient.ManifestRequest, ...grpc.CallOption) *apiclient.ManifestResponse); ok { r0 = rf(ctx, in, opts...) } else { @@ -45,6 +41,7 @@ func (_m *RepoServerServiceClient) GenerateManifest(ctx context.Context, in *api } } + var r1 error if rf, ok := ret.Get(1).(func(context.Context, *apiclient.ManifestRequest, ...grpc.CallOption) error); ok { r1 = rf(ctx, in, opts...) } else { @@ -66,10 +63,6 @@ func (_m *RepoServerServiceClient) GenerateManifestWithFiles(ctx context.Context ret := _m.Called(_ca...) var r0 apiclient.RepoServerService_GenerateManifestWithFilesClient - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, ...grpc.CallOption) (apiclient.RepoServerService_GenerateManifestWithFilesClient, error)); ok { - return rf(ctx, opts...) - } if rf, ok := ret.Get(0).(func(context.Context, ...grpc.CallOption) apiclient.RepoServerService_GenerateManifestWithFilesClient); ok { r0 = rf(ctx, opts...) } else { @@ -78,6 +71,7 @@ func (_m *RepoServerServiceClient) GenerateManifestWithFiles(ctx context.Context } } + var r1 error if rf, ok := ret.Get(1).(func(context.Context, ...grpc.CallOption) error); ok { r1 = rf(ctx, opts...) } else { @@ -99,10 +93,6 @@ func (_m *RepoServerServiceClient) GetAppDetails(ctx context.Context, in *apicli ret := _m.Called(_ca...) var r0 *apiclient.RepoAppDetailsResponse - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *apiclient.RepoServerAppDetailsQuery, ...grpc.CallOption) (*apiclient.RepoAppDetailsResponse, error)); ok { - return rf(ctx, in, opts...) - } if rf, ok := ret.Get(0).(func(context.Context, *apiclient.RepoServerAppDetailsQuery, ...grpc.CallOption) *apiclient.RepoAppDetailsResponse); ok { r0 = rf(ctx, in, opts...) } else { @@ -111,73 +101,8 @@ func (_m *RepoServerServiceClient) GetAppDetails(ctx context.Context, in *apicli } } - if rf, ok := ret.Get(1).(func(context.Context, *apiclient.RepoServerAppDetailsQuery, ...grpc.CallOption) error); ok { - r1 = rf(ctx, in, opts...) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -// GetGitDirectories provides a mock function with given fields: ctx, in, opts -func (_m *RepoServerServiceClient) GetGitDirectories(ctx context.Context, in *apiclient.GitDirectoriesRequest, opts ...grpc.CallOption) (*apiclient.GitDirectoriesResponse, error) { - _va := make([]interface{}, len(opts)) - for _i := range opts { - _va[_i] = opts[_i] - } - var _ca []interface{} - _ca = append(_ca, ctx, in) - _ca = append(_ca, _va...) - ret := _m.Called(_ca...) - - var r0 *apiclient.GitDirectoriesResponse - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *apiclient.GitDirectoriesRequest, ...grpc.CallOption) (*apiclient.GitDirectoriesResponse, error)); ok { - return rf(ctx, in, opts...) - } - if rf, ok := ret.Get(0).(func(context.Context, *apiclient.GitDirectoriesRequest, ...grpc.CallOption) *apiclient.GitDirectoriesResponse); ok { - r0 = rf(ctx, in, opts...) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(*apiclient.GitDirectoriesResponse) - } - } - - if rf, ok := ret.Get(1).(func(context.Context, *apiclient.GitDirectoriesRequest, ...grpc.CallOption) error); ok { - r1 = rf(ctx, in, opts...) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -// GetGitFiles provides a mock function with given fields: ctx, in, opts -func (_m *RepoServerServiceClient) GetGitFiles(ctx context.Context, in *apiclient.GitFilesRequest, opts ...grpc.CallOption) (*apiclient.GitFilesResponse, error) { - _va := make([]interface{}, len(opts)) - for _i := range opts { - _va[_i] = opts[_i] - } - var _ca []interface{} - _ca = append(_ca, ctx, in) - _ca = append(_ca, _va...) - ret := _m.Called(_ca...) - - var r0 *apiclient.GitFilesResponse var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *apiclient.GitFilesRequest, ...grpc.CallOption) (*apiclient.GitFilesResponse, error)); ok { - return rf(ctx, in, opts...) - } - if rf, ok := ret.Get(0).(func(context.Context, *apiclient.GitFilesRequest, ...grpc.CallOption) *apiclient.GitFilesResponse); ok { - r0 = rf(ctx, in, opts...) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(*apiclient.GitFilesResponse) - } - } - - if rf, ok := ret.Get(1).(func(context.Context, *apiclient.GitFilesRequest, ...grpc.CallOption) error); ok { + if rf, ok := ret.Get(1).(func(context.Context, *apiclient.RepoServerAppDetailsQuery, ...grpc.CallOption) error); ok { r1 = rf(ctx, in, opts...) } else { r1 = ret.Error(1) @@ -198,10 +123,6 @@ func (_m *RepoServerServiceClient) GetHelmCharts(ctx context.Context, in *apicli ret := _m.Called(_ca...) var r0 *apiclient.HelmChartsResponse - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *apiclient.HelmChartsRequest, ...grpc.CallOption) (*apiclient.HelmChartsResponse, error)); ok { - return rf(ctx, in, opts...) - } if rf, ok := ret.Get(0).(func(context.Context, *apiclient.HelmChartsRequest, ...grpc.CallOption) *apiclient.HelmChartsResponse); ok { r0 = rf(ctx, in, opts...) } else { @@ -210,37 +131,8 @@ func (_m *RepoServerServiceClient) GetHelmCharts(ctx context.Context, in *apicli } } - if rf, ok := ret.Get(1).(func(context.Context, *apiclient.HelmChartsRequest, ...grpc.CallOption) error); ok { - r1 = rf(ctx, in, opts...) - } else { - r1 = ret.Error(1) - } - - return r0, r1 -} - -// GetRevisionChartDetails provides a mock function with given fields: ctx, in, opts -func (_m *RepoServerServiceClient) GetRevisionChartDetails(ctx context.Context, in *apiclient.RepoServerRevisionChartDetailsRequest, opts ...grpc.CallOption) (*v1alpha1.ChartDetails, error) { - _va := make([]interface{}, len(opts)) - for _i := range opts { - _va[_i] = opts[_i] - } - var _ca []interface{} - _ca = append(_ca, ctx, in) - _ca = append(_ca, _va...) - ret := _m.Called(_ca...) - - var r0 *v1alpha1.ChartDetails - if rf, ok := ret.Get(0).(func(context.Context, *apiclient.RepoServerRevisionChartDetailsRequest, ...grpc.CallOption) *v1alpha1.ChartDetails); ok { - r0 = rf(ctx, in, opts...) - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(*v1alpha1.ChartDetails) - } - } - var r1 error - if rf, ok := ret.Get(1).(func(context.Context, *apiclient.RepoServerRevisionChartDetailsRequest, ...grpc.CallOption) error); ok { + if rf, ok := ret.Get(1).(func(context.Context, *apiclient.HelmChartsRequest, ...grpc.CallOption) error); ok { r1 = rf(ctx, in, opts...) } else { r1 = ret.Error(1) @@ -261,10 +153,6 @@ func (_m *RepoServerServiceClient) GetRevisionMetadata(ctx context.Context, in * ret := _m.Called(_ca...) var r0 *v1alpha1.RevisionMetadata - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *apiclient.RepoServerRevisionMetadataRequest, ...grpc.CallOption) (*v1alpha1.RevisionMetadata, error)); ok { - return rf(ctx, in, opts...) - } if rf, ok := ret.Get(0).(func(context.Context, *apiclient.RepoServerRevisionMetadataRequest, ...grpc.CallOption) *v1alpha1.RevisionMetadata); ok { r0 = rf(ctx, in, opts...) } else { @@ -273,6 +161,7 @@ func (_m *RepoServerServiceClient) GetRevisionMetadata(ctx context.Context, in * } } + var r1 error if rf, ok := ret.Get(1).(func(context.Context, *apiclient.RepoServerRevisionMetadataRequest, ...grpc.CallOption) error); ok { r1 = rf(ctx, in, opts...) } else { @@ -294,10 +183,6 @@ func (_m *RepoServerServiceClient) ListApps(ctx context.Context, in *apiclient.L ret := _m.Called(_ca...) var r0 *apiclient.AppList - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *apiclient.ListAppsRequest, ...grpc.CallOption) (*apiclient.AppList, error)); ok { - return rf(ctx, in, opts...) - } if rf, ok := ret.Get(0).(func(context.Context, *apiclient.ListAppsRequest, ...grpc.CallOption) *apiclient.AppList); ok { r0 = rf(ctx, in, opts...) } else { @@ -306,6 +191,7 @@ func (_m *RepoServerServiceClient) ListApps(ctx context.Context, in *apiclient.L } } + var r1 error if rf, ok := ret.Get(1).(func(context.Context, *apiclient.ListAppsRequest, ...grpc.CallOption) error); ok { r1 = rf(ctx, in, opts...) } else { @@ -327,10 +213,6 @@ func (_m *RepoServerServiceClient) ListPlugins(ctx context.Context, in *emptypb. ret := _m.Called(_ca...) var r0 *apiclient.PluginList - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *emptypb.Empty, ...grpc.CallOption) (*apiclient.PluginList, error)); ok { - return rf(ctx, in, opts...) - } if rf, ok := ret.Get(0).(func(context.Context, *emptypb.Empty, ...grpc.CallOption) *apiclient.PluginList); ok { r0 = rf(ctx, in, opts...) } else { @@ -339,6 +221,7 @@ func (_m *RepoServerServiceClient) ListPlugins(ctx context.Context, in *emptypb. } } + var r1 error if rf, ok := ret.Get(1).(func(context.Context, *emptypb.Empty, ...grpc.CallOption) error); ok { r1 = rf(ctx, in, opts...) } else { @@ -360,10 +243,6 @@ func (_m *RepoServerServiceClient) ListRefs(ctx context.Context, in *apiclient.L ret := _m.Called(_ca...) var r0 *apiclient.Refs - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *apiclient.ListRefsRequest, ...grpc.CallOption) (*apiclient.Refs, error)); ok { - return rf(ctx, in, opts...) - } if rf, ok := ret.Get(0).(func(context.Context, *apiclient.ListRefsRequest, ...grpc.CallOption) *apiclient.Refs); ok { r0 = rf(ctx, in, opts...) } else { @@ -372,6 +251,7 @@ func (_m *RepoServerServiceClient) ListRefs(ctx context.Context, in *apiclient.L } } + var r1 error if rf, ok := ret.Get(1).(func(context.Context, *apiclient.ListRefsRequest, ...grpc.CallOption) error); ok { r1 = rf(ctx, in, opts...) } else { @@ -393,10 +273,6 @@ func (_m *RepoServerServiceClient) ResolveRevision(ctx context.Context, in *apic ret := _m.Called(_ca...) var r0 *apiclient.ResolveRevisionResponse - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *apiclient.ResolveRevisionRequest, ...grpc.CallOption) (*apiclient.ResolveRevisionResponse, error)); ok { - return rf(ctx, in, opts...) - } if rf, ok := ret.Get(0).(func(context.Context, *apiclient.ResolveRevisionRequest, ...grpc.CallOption) *apiclient.ResolveRevisionResponse); ok { r0 = rf(ctx, in, opts...) } else { @@ -405,6 +281,7 @@ func (_m *RepoServerServiceClient) ResolveRevision(ctx context.Context, in *apic } } + var r1 error if rf, ok := ret.Get(1).(func(context.Context, *apiclient.ResolveRevisionRequest, ...grpc.CallOption) error); ok { r1 = rf(ctx, in, opts...) } else { @@ -426,10 +303,6 @@ func (_m *RepoServerServiceClient) TestRepository(ctx context.Context, in *apicl ret := _m.Called(_ca...) var r0 *apiclient.TestRepositoryResponse - var r1 error - if rf, ok := ret.Get(0).(func(context.Context, *apiclient.TestRepositoryRequest, ...grpc.CallOption) (*apiclient.TestRepositoryResponse, error)); ok { - return rf(ctx, in, opts...) - } if rf, ok := ret.Get(0).(func(context.Context, *apiclient.TestRepositoryRequest, ...grpc.CallOption) *apiclient.TestRepositoryResponse); ok { r0 = rf(ctx, in, opts...) } else { @@ -438,6 +311,7 @@ func (_m *RepoServerServiceClient) TestRepository(ctx context.Context, in *apicl } } + var r1 error if rf, ok := ret.Get(1).(func(context.Context, *apiclient.TestRepositoryRequest, ...grpc.CallOption) error); ok { r1 = rf(ctx, in, opts...) } else { diff --git a/reposerver/apiclient/repository.pb.go b/reposerver/apiclient/repository.pb.go index 4c05248b87e16..f19807676943c 100644 --- a/reposerver/apiclient/repository.pb.go +++ b/reposerver/apiclient/repository.pb.go @@ -36,31 +36,26 @@ type ManifestRequest struct { NoCache bool `protobuf:"varint,3,opt,name=noCache,proto3" json:"noCache,omitempty"` AppLabelKey string `protobuf:"bytes,4,opt,name=appLabelKey,proto3" json:"appLabelKey,omitempty"` // Name of the application for which the request is triggered - AppName string `protobuf:"bytes,5,opt,name=appName,proto3" json:"appName,omitempty"` - Namespace string `protobuf:"bytes,8,opt,name=namespace,proto3" json:"namespace,omitempty"` - ApplicationSource *v1alpha1.ApplicationSource `protobuf:"bytes,10,opt,name=applicationSource,proto3" json:"applicationSource,omitempty"` - Repos []*v1alpha1.Repository `protobuf:"bytes,11,rep,name=repos,proto3" json:"repos,omitempty"` - // Deprecated: use sidecar plugins instead. - Plugins []*v1alpha1.ConfigManagementPlugin `protobuf:"bytes,12,rep,name=plugins,proto3" json:"plugins,omitempty"` - KustomizeOptions *v1alpha1.KustomizeOptions `protobuf:"bytes,13,opt,name=kustomizeOptions,proto3" json:"kustomizeOptions,omitempty"` - KubeVersion string `protobuf:"bytes,14,opt,name=kubeVersion,proto3" json:"kubeVersion,omitempty"` - ApiVersions []string `protobuf:"bytes,15,rep,name=apiVersions,proto3" json:"apiVersions,omitempty"` + AppName string `protobuf:"bytes,5,opt,name=appName,proto3" json:"appName,omitempty"` + Namespace string `protobuf:"bytes,8,opt,name=namespace,proto3" json:"namespace,omitempty"` + ApplicationSource *v1alpha1.ApplicationSource `protobuf:"bytes,10,opt,name=applicationSource,proto3" json:"applicationSource,omitempty"` + Repos []*v1alpha1.Repository `protobuf:"bytes,11,rep,name=repos,proto3" json:"repos,omitempty"` + Plugins []*v1alpha1.ConfigManagementPlugin `protobuf:"bytes,12,rep,name=plugins,proto3" json:"plugins,omitempty"` + KustomizeOptions *v1alpha1.KustomizeOptions `protobuf:"bytes,13,opt,name=kustomizeOptions,proto3" json:"kustomizeOptions,omitempty"` + KubeVersion string `protobuf:"bytes,14,opt,name=kubeVersion,proto3" json:"kubeVersion,omitempty"` + ApiVersions []string `protobuf:"bytes,15,rep,name=apiVersions,proto3" json:"apiVersions,omitempty"` // Request to verify the signature when generating the manifests (only for Git repositories) - VerifySignature bool `protobuf:"varint,16,opt,name=verifySignature,proto3" json:"verifySignature,omitempty"` - HelmRepoCreds []*v1alpha1.RepoCreds `protobuf:"bytes,17,rep,name=helmRepoCreds,proto3" json:"helmRepoCreds,omitempty"` - NoRevisionCache bool `protobuf:"varint,18,opt,name=noRevisionCache,proto3" json:"noRevisionCache,omitempty"` - TrackingMethod string `protobuf:"bytes,19,opt,name=trackingMethod,proto3" json:"trackingMethod,omitempty"` - EnabledSourceTypes map[string]bool `protobuf:"bytes,20,rep,name=enabledSourceTypes,proto3" json:"enabledSourceTypes,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"varint,2,opt,name=value,proto3"` - HelmOptions *v1alpha1.HelmOptions `protobuf:"bytes,21,opt,name=helmOptions,proto3" json:"helmOptions,omitempty"` - HasMultipleSources bool `protobuf:"varint,22,opt,name=hasMultipleSources,proto3" json:"hasMultipleSources,omitempty"` - RefSources map[string]*v1alpha1.RefTarget `protobuf:"bytes,23,rep,name=refSources,proto3" json:"refSources,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - // This is used to surface "source not permitted" errors for Helm repositories - ProjectSourceRepos []string `protobuf:"bytes,24,rep,name=projectSourceRepos,proto3" json:"projectSourceRepos,omitempty"` - // This is used to surface "source not permitted" errors for Helm repositories - ProjectName string `protobuf:"bytes,25,opt,name=projectName,proto3" json:"projectName,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + VerifySignature bool `protobuf:"varint,16,opt,name=verifySignature,proto3" json:"verifySignature,omitempty"` + HelmRepoCreds []*v1alpha1.RepoCreds `protobuf:"bytes,17,rep,name=helmRepoCreds,proto3" json:"helmRepoCreds,omitempty"` + NoRevisionCache bool `protobuf:"varint,18,opt,name=noRevisionCache,proto3" json:"noRevisionCache,omitempty"` + TrackingMethod string `protobuf:"bytes,19,opt,name=trackingMethod,proto3" json:"trackingMethod,omitempty"` + EnabledSourceTypes map[string]bool `protobuf:"bytes,20,rep,name=enabledSourceTypes,proto3" json:"enabledSourceTypes,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"varint,2,opt,name=value,proto3"` + HelmOptions *v1alpha1.HelmOptions `protobuf:"bytes,21,opt,name=helmOptions,proto3" json:"helmOptions,omitempty"` + HasMultipleSources bool `protobuf:"varint,22,opt,name=hasMultipleSources,proto3" json:"hasMultipleSources,omitempty"` + RefSources map[string]*v1alpha1.RefTarget `protobuf:"bytes,23,rep,name=refSources,proto3" json:"refSources,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *ManifestRequest) Reset() { *m = ManifestRequest{} } @@ -236,20 +231,6 @@ func (m *ManifestRequest) GetRefSources() map[string]*v1alpha1.RefTarget { return nil } -func (m *ManifestRequest) GetProjectSourceRepos() []string { - if m != nil { - return m.ProjectSourceRepos - } - return nil -} - -func (m *ManifestRequest) GetProjectName() string { - if m != nil { - return m.ProjectName - } - return "" -} - type ManifestRequestWithFiles struct { // Types that are valid to be assigned to Part: // *ManifestRequestWithFiles_Request @@ -1346,72 +1327,6 @@ func (m *RepoServerRevisionMetadataRequest) GetCheckSignature() bool { return false } -type RepoServerRevisionChartDetailsRequest struct { - // the repo - Repo *v1alpha1.Repository `protobuf:"bytes,1,opt,name=repo,proto3" json:"repo,omitempty"` - // the chart - Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` - // the revision within the chart - Revision string `protobuf:"bytes,3,opt,name=revision,proto3" json:"revision,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *RepoServerRevisionChartDetailsRequest) Reset() { *m = RepoServerRevisionChartDetailsRequest{} } -func (m *RepoServerRevisionChartDetailsRequest) String() string { return proto.CompactTextString(m) } -func (*RepoServerRevisionChartDetailsRequest) ProtoMessage() {} -func (*RepoServerRevisionChartDetailsRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_dd8723cfcc820480, []int{18} -} -func (m *RepoServerRevisionChartDetailsRequest) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *RepoServerRevisionChartDetailsRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_RepoServerRevisionChartDetailsRequest.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *RepoServerRevisionChartDetailsRequest) XXX_Merge(src proto.Message) { - xxx_messageInfo_RepoServerRevisionChartDetailsRequest.Merge(m, src) -} -func (m *RepoServerRevisionChartDetailsRequest) XXX_Size() int { - return m.Size() -} -func (m *RepoServerRevisionChartDetailsRequest) XXX_DiscardUnknown() { - xxx_messageInfo_RepoServerRevisionChartDetailsRequest.DiscardUnknown(m) -} - -var xxx_messageInfo_RepoServerRevisionChartDetailsRequest proto.InternalMessageInfo - -func (m *RepoServerRevisionChartDetailsRequest) GetRepo() *v1alpha1.Repository { - if m != nil { - return m.Repo - } - return nil -} - -func (m *RepoServerRevisionChartDetailsRequest) GetName() string { - if m != nil { - return m.Name - } - return "" -} - -func (m *RepoServerRevisionChartDetailsRequest) GetRevision() string { - if m != nil { - return m.Revision - } - return "" -} - // HelmAppSpec contains helm app name in source repo type HelmAppSpec struct { Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` @@ -1431,7 +1346,7 @@ func (m *HelmAppSpec) Reset() { *m = HelmAppSpec{} } func (m *HelmAppSpec) String() string { return proto.CompactTextString(m) } func (*HelmAppSpec) ProtoMessage() {} func (*HelmAppSpec) Descriptor() ([]byte, []int) { - return fileDescriptor_dd8723cfcc820480, []int{19} + return fileDescriptor_dd8723cfcc820480, []int{18} } func (m *HelmAppSpec) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1508,7 +1423,7 @@ func (m *KustomizeAppSpec) Reset() { *m = KustomizeAppSpec{} } func (m *KustomizeAppSpec) String() string { return proto.CompactTextString(m) } func (*KustomizeAppSpec) ProtoMessage() {} func (*KustomizeAppSpec) Descriptor() ([]byte, []int) { - return fileDescriptor_dd8723cfcc820480, []int{20} + return fileDescriptor_dd8723cfcc820480, []int{19} } func (m *KustomizeAppSpec) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1555,7 +1470,7 @@ func (m *DirectoryAppSpec) Reset() { *m = DirectoryAppSpec{} } func (m *DirectoryAppSpec) String() string { return proto.CompactTextString(m) } func (*DirectoryAppSpec) ProtoMessage() {} func (*DirectoryAppSpec) Descriptor() ([]byte, []int) { - return fileDescriptor_dd8723cfcc820480, []int{21} + return fileDescriptor_dd8723cfcc820480, []int{20} } func (m *DirectoryAppSpec) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1615,7 +1530,7 @@ func (m *ParameterAnnouncement) Reset() { *m = ParameterAnnouncement{} } func (m *ParameterAnnouncement) String() string { return proto.CompactTextString(m) } func (*ParameterAnnouncement) ProtoMessage() {} func (*ParameterAnnouncement) Descriptor() ([]byte, []int) { - return fileDescriptor_dd8723cfcc820480, []int{22} + return fileDescriptor_dd8723cfcc820480, []int{21} } func (m *ParameterAnnouncement) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1719,7 +1634,7 @@ func (m *PluginAppSpec) Reset() { *m = PluginAppSpec{} } func (m *PluginAppSpec) String() string { return proto.CompactTextString(m) } func (*PluginAppSpec) ProtoMessage() {} func (*PluginAppSpec) Descriptor() ([]byte, []int) { - return fileDescriptor_dd8723cfcc820480, []int{23} + return fileDescriptor_dd8723cfcc820480, []int{22} } func (m *PluginAppSpec) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1766,7 +1681,7 @@ func (m *HelmChartsRequest) Reset() { *m = HelmChartsRequest{} } func (m *HelmChartsRequest) String() string { return proto.CompactTextString(m) } func (*HelmChartsRequest) ProtoMessage() {} func (*HelmChartsRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_dd8723cfcc820480, []int{24} + return fileDescriptor_dd8723cfcc820480, []int{23} } func (m *HelmChartsRequest) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1814,7 +1729,7 @@ func (m *HelmChart) Reset() { *m = HelmChart{} } func (m *HelmChart) String() string { return proto.CompactTextString(m) } func (*HelmChart) ProtoMessage() {} func (*HelmChart) Descriptor() ([]byte, []int) { - return fileDescriptor_dd8723cfcc820480, []int{25} + return fileDescriptor_dd8723cfcc820480, []int{24} } func (m *HelmChart) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1868,7 +1783,7 @@ func (m *HelmChartsResponse) Reset() { *m = HelmChartsResponse{} } func (m *HelmChartsResponse) String() string { return proto.CompactTextString(m) } func (*HelmChartsResponse) ProtoMessage() {} func (*HelmChartsResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_dd8723cfcc820480, []int{26} + return fileDescriptor_dd8723cfcc820480, []int{25} } func (m *HelmChartsResponse) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -1904,244 +1819,6 @@ func (m *HelmChartsResponse) GetItems() []*HelmChart { return nil } -type GitFilesRequest struct { - Repo *v1alpha1.Repository `protobuf:"bytes,1,opt,name=repo,proto3" json:"repo,omitempty"` - SubmoduleEnabled bool `protobuf:"varint,2,opt,name=submoduleEnabled,proto3" json:"submoduleEnabled,omitempty"` - Revision string `protobuf:"bytes,3,opt,name=revision,proto3" json:"revision,omitempty"` - Path string `protobuf:"bytes,4,opt,name=path,proto3" json:"path,omitempty"` - NewGitFileGlobbingEnabled bool `protobuf:"varint,5,opt,name=NewGitFileGlobbingEnabled,proto3" json:"NewGitFileGlobbingEnabled,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *GitFilesRequest) Reset() { *m = GitFilesRequest{} } -func (m *GitFilesRequest) String() string { return proto.CompactTextString(m) } -func (*GitFilesRequest) ProtoMessage() {} -func (*GitFilesRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_dd8723cfcc820480, []int{27} -} -func (m *GitFilesRequest) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *GitFilesRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_GitFilesRequest.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *GitFilesRequest) XXX_Merge(src proto.Message) { - xxx_messageInfo_GitFilesRequest.Merge(m, src) -} -func (m *GitFilesRequest) XXX_Size() int { - return m.Size() -} -func (m *GitFilesRequest) XXX_DiscardUnknown() { - xxx_messageInfo_GitFilesRequest.DiscardUnknown(m) -} - -var xxx_messageInfo_GitFilesRequest proto.InternalMessageInfo - -func (m *GitFilesRequest) GetRepo() *v1alpha1.Repository { - if m != nil { - return m.Repo - } - return nil -} - -func (m *GitFilesRequest) GetSubmoduleEnabled() bool { - if m != nil { - return m.SubmoduleEnabled - } - return false -} - -func (m *GitFilesRequest) GetRevision() string { - if m != nil { - return m.Revision - } - return "" -} - -func (m *GitFilesRequest) GetPath() string { - if m != nil { - return m.Path - } - return "" -} - -func (m *GitFilesRequest) GetNewGitFileGlobbingEnabled() bool { - if m != nil { - return m.NewGitFileGlobbingEnabled - } - return false -} - -type GitFilesResponse struct { - // Map consisting of path of the path to its contents in bytes - Map map[string][]byte `protobuf:"bytes,1,rep,name=map,proto3" json:"map,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *GitFilesResponse) Reset() { *m = GitFilesResponse{} } -func (m *GitFilesResponse) String() string { return proto.CompactTextString(m) } -func (*GitFilesResponse) ProtoMessage() {} -func (*GitFilesResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_dd8723cfcc820480, []int{28} -} -func (m *GitFilesResponse) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *GitFilesResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_GitFilesResponse.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *GitFilesResponse) XXX_Merge(src proto.Message) { - xxx_messageInfo_GitFilesResponse.Merge(m, src) -} -func (m *GitFilesResponse) XXX_Size() int { - return m.Size() -} -func (m *GitFilesResponse) XXX_DiscardUnknown() { - xxx_messageInfo_GitFilesResponse.DiscardUnknown(m) -} - -var xxx_messageInfo_GitFilesResponse proto.InternalMessageInfo - -func (m *GitFilesResponse) GetMap() map[string][]byte { - if m != nil { - return m.Map - } - return nil -} - -type GitDirectoriesRequest struct { - Repo *v1alpha1.Repository `protobuf:"bytes,1,opt,name=repo,proto3" json:"repo,omitempty"` - SubmoduleEnabled bool `protobuf:"varint,2,opt,name=submoduleEnabled,proto3" json:"submoduleEnabled,omitempty"` - Revision string `protobuf:"bytes,3,opt,name=revision,proto3" json:"revision,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *GitDirectoriesRequest) Reset() { *m = GitDirectoriesRequest{} } -func (m *GitDirectoriesRequest) String() string { return proto.CompactTextString(m) } -func (*GitDirectoriesRequest) ProtoMessage() {} -func (*GitDirectoriesRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_dd8723cfcc820480, []int{29} -} -func (m *GitDirectoriesRequest) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *GitDirectoriesRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_GitDirectoriesRequest.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *GitDirectoriesRequest) XXX_Merge(src proto.Message) { - xxx_messageInfo_GitDirectoriesRequest.Merge(m, src) -} -func (m *GitDirectoriesRequest) XXX_Size() int { - return m.Size() -} -func (m *GitDirectoriesRequest) XXX_DiscardUnknown() { - xxx_messageInfo_GitDirectoriesRequest.DiscardUnknown(m) -} - -var xxx_messageInfo_GitDirectoriesRequest proto.InternalMessageInfo - -func (m *GitDirectoriesRequest) GetRepo() *v1alpha1.Repository { - if m != nil { - return m.Repo - } - return nil -} - -func (m *GitDirectoriesRequest) GetSubmoduleEnabled() bool { - if m != nil { - return m.SubmoduleEnabled - } - return false -} - -func (m *GitDirectoriesRequest) GetRevision() string { - if m != nil { - return m.Revision - } - return "" -} - -type GitDirectoriesResponse struct { - // A set of directory paths - Paths []string `protobuf:"bytes,1,rep,name=paths,proto3" json:"paths,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *GitDirectoriesResponse) Reset() { *m = GitDirectoriesResponse{} } -func (m *GitDirectoriesResponse) String() string { return proto.CompactTextString(m) } -func (*GitDirectoriesResponse) ProtoMessage() {} -func (*GitDirectoriesResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_dd8723cfcc820480, []int{30} -} -func (m *GitDirectoriesResponse) XXX_Unmarshal(b []byte) error { - return m.Unmarshal(b) -} -func (m *GitDirectoriesResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - if deterministic { - return xxx_messageInfo_GitDirectoriesResponse.Marshal(b, m, deterministic) - } else { - b = b[:cap(b)] - n, err := m.MarshalToSizedBuffer(b) - if err != nil { - return nil, err - } - return b[:n], nil - } -} -func (m *GitDirectoriesResponse) XXX_Merge(src proto.Message) { - xxx_messageInfo_GitDirectoriesResponse.Merge(m, src) -} -func (m *GitDirectoriesResponse) XXX_Size() int { - return m.Size() -} -func (m *GitDirectoriesResponse) XXX_DiscardUnknown() { - xxx_messageInfo_GitDirectoriesResponse.DiscardUnknown(m) -} - -var xxx_messageInfo_GitDirectoriesResponse proto.InternalMessageInfo - -func (m *GitDirectoriesResponse) GetPaths() []string { - if m != nil { - return m.Paths - } - return nil -} - func init() { proto.RegisterType((*ManifestRequest)(nil), "repository.ManifestRequest") proto.RegisterMapType((map[string]bool)(nil), "repository.ManifestRequest.EnabledSourceTypesEntry") @@ -2167,7 +1844,6 @@ func init() { proto.RegisterMapType((map[string]*v1alpha1.RefTarget)(nil), "repository.RepoServerAppDetailsQuery.RefSourcesEntry") proto.RegisterType((*RepoAppDetailsResponse)(nil), "repository.RepoAppDetailsResponse") proto.RegisterType((*RepoServerRevisionMetadataRequest)(nil), "repository.RepoServerRevisionMetadataRequest") - proto.RegisterType((*RepoServerRevisionChartDetailsRequest)(nil), "repository.RepoServerRevisionChartDetailsRequest") proto.RegisterType((*HelmAppSpec)(nil), "repository.HelmAppSpec") proto.RegisterType((*KustomizeAppSpec)(nil), "repository.KustomizeAppSpec") proto.RegisterType((*DirectoryAppSpec)(nil), "repository.DirectoryAppSpec") @@ -2177,11 +1853,6 @@ func init() { proto.RegisterType((*HelmChartsRequest)(nil), "repository.HelmChartsRequest") proto.RegisterType((*HelmChart)(nil), "repository.HelmChart") proto.RegisterType((*HelmChartsResponse)(nil), "repository.HelmChartsResponse") - proto.RegisterType((*GitFilesRequest)(nil), "repository.GitFilesRequest") - proto.RegisterType((*GitFilesResponse)(nil), "repository.GitFilesResponse") - proto.RegisterMapType((map[string][]byte)(nil), "repository.GitFilesResponse.MapEntry") - proto.RegisterType((*GitDirectoriesRequest)(nil), "repository.GitDirectoriesRequest") - proto.RegisterType((*GitDirectoriesResponse)(nil), "repository.GitDirectoriesResponse") } func init() { @@ -2189,140 +1860,124 @@ func init() { } var fileDescriptor_dd8723cfcc820480 = []byte{ - // 2114 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xdc, 0x5a, 0x5b, 0x6f, 0x1b, 0xc7, - 0x15, 0xe6, 0x92, 0xba, 0x90, 0x47, 0xb2, 0x44, 0x8d, 0x75, 0x59, 0x31, 0x8e, 0xa0, 0x6c, 0x6b, - 0x43, 0xb5, 0x13, 0x12, 0x92, 0x91, 0xb8, 0x70, 0xd2, 0x14, 0x8a, 0x62, 0x4b, 0x8e, 0x2d, 0x5b, - 0x5d, 0xbb, 0x2d, 0xd2, 0xba, 0x2d, 0x86, 0xcb, 0x21, 0xb9, 0xe1, 0x5e, 0xc6, 0xbb, 0xb3, 0x0a, - 0x64, 0xa0, 0x0f, 0x45, 0x8b, 0x02, 0xfd, 0x03, 0x7d, 0xe8, 0xff, 0x28, 0xfa, 0x54, 0xf4, 0xa9, - 0x97, 0xc7, 0xa0, 0x7f, 0xa0, 0x85, 0x1f, 0xfb, 0x2b, 0x8a, 0xb9, 0xec, 0x95, 0x2b, 0xd9, 0x29, - 0x65, 0x19, 0xcd, 0x8b, 0xbd, 0x73, 0xe6, 0xcc, 0x39, 0x67, 0xce, 0x9c, 0xcb, 0x37, 0x43, 0xc1, - 0xb5, 0x80, 0x50, 0x3f, 0x24, 0xc1, 0x31, 0x09, 0x3a, 0xe2, 0xd3, 0x66, 0x7e, 0x70, 0x92, 0xf9, - 0x6c, 0xd3, 0xc0, 0x67, 0x3e, 0x82, 0x94, 0xd2, 0x7a, 0x30, 0xb0, 0xd9, 0x30, 0xea, 0xb6, 0x2d, - 0xdf, 0xed, 0xe0, 0x60, 0xe0, 0xd3, 0xc0, 0xff, 0x42, 0x7c, 0xbc, 0x67, 0xf5, 0x3a, 0xc7, 0x3b, - 0x1d, 0x3a, 0x1a, 0x74, 0x30, 0xb5, 0xc3, 0x0e, 0xa6, 0xd4, 0xb1, 0x2d, 0xcc, 0x6c, 0xdf, 0xeb, - 0x1c, 0x6f, 0x63, 0x87, 0x0e, 0xf1, 0x76, 0x67, 0x40, 0x3c, 0x12, 0x60, 0x46, 0x7a, 0x52, 0x72, - 0xeb, 0xad, 0x81, 0xef, 0x0f, 0x1c, 0xd2, 0x11, 0xa3, 0x6e, 0xd4, 0xef, 0x10, 0x97, 0x32, 0xa5, - 0xd6, 0xf8, 0xcf, 0x3c, 0x2c, 0x1e, 0x62, 0xcf, 0xee, 0x93, 0x90, 0x99, 0xe4, 0x59, 0x44, 0x42, - 0x86, 0x9e, 0xc2, 0x14, 0x37, 0x46, 0xd7, 0x36, 0xb5, 0xad, 0xb9, 0x9d, 0x83, 0x76, 0x6a, 0x4d, - 0x3b, 0xb6, 0x46, 0x7c, 0xfc, 0xc2, 0xea, 0xb5, 0x8f, 0x77, 0xda, 0x74, 0x34, 0x68, 0x73, 0x6b, - 0xda, 0x19, 0x6b, 0xda, 0xb1, 0x35, 0x6d, 0x33, 0xd9, 0x96, 0x29, 0xa4, 0xa2, 0x16, 0xd4, 0x03, - 0x72, 0x6c, 0x87, 0xb6, 0xef, 0xe9, 0xd5, 0x4d, 0x6d, 0xab, 0x61, 0x26, 0x63, 0xa4, 0xc3, 0xac, - 0xe7, 0xef, 0x61, 0x6b, 0x48, 0xf4, 0xda, 0xa6, 0xb6, 0x55, 0x37, 0xe3, 0x21, 0xda, 0x84, 0x39, - 0x4c, 0xe9, 0x03, 0xdc, 0x25, 0xce, 0x7d, 0x72, 0xa2, 0x4f, 0x89, 0x85, 0x59, 0x12, 0x5f, 0x8b, - 0x29, 0x7d, 0x88, 0x5d, 0xa2, 0x4f, 0x8b, 0xd9, 0x78, 0x88, 0xae, 0x40, 0xc3, 0xc3, 0x2e, 0x09, - 0x29, 0xb6, 0x88, 0x5e, 0x17, 0x73, 0x29, 0x01, 0xfd, 0x12, 0x96, 0x32, 0x86, 0x3f, 0xf6, 0xa3, - 0xc0, 0x22, 0x3a, 0x88, 0xad, 0x3f, 0x9a, 0x6c, 0xeb, 0xbb, 0x45, 0xb1, 0xe6, 0xb8, 0x26, 0xf4, - 0x73, 0x98, 0x16, 0x27, 0xaf, 0xcf, 0x6d, 0xd6, 0xce, 0xd5, 0xdb, 0x52, 0x2c, 0xf2, 0x60, 0x96, - 0x3a, 0xd1, 0xc0, 0xf6, 0x42, 0x7d, 0x5e, 0x68, 0x78, 0x32, 0x99, 0x86, 0x3d, 0xdf, 0xeb, 0xdb, - 0x83, 0x43, 0xec, 0xe1, 0x01, 0x71, 0x89, 0xc7, 0x8e, 0x84, 0x70, 0x33, 0x56, 0x82, 0x9e, 0x43, - 0x73, 0x14, 0x85, 0xcc, 0x77, 0xed, 0xe7, 0xe4, 0x11, 0xe5, 0x6b, 0x43, 0xfd, 0x92, 0xf0, 0xe6, - 0xc3, 0xc9, 0x14, 0xdf, 0x2f, 0x48, 0x35, 0xc7, 0xf4, 0xf0, 0x20, 0x19, 0x45, 0x5d, 0xf2, 0x23, - 0x12, 0x88, 0xe8, 0x5a, 0x90, 0x41, 0x92, 0x21, 0xc9, 0x30, 0xb2, 0xd5, 0x28, 0xd4, 0x17, 0x37, - 0x6b, 0x32, 0x8c, 0x12, 0x12, 0xda, 0x82, 0xc5, 0x63, 0x12, 0xd8, 0xfd, 0x93, 0xc7, 0xf6, 0xc0, - 0xc3, 0x2c, 0x0a, 0x88, 0xde, 0x14, 0xa1, 0x58, 0x24, 0x23, 0x17, 0x2e, 0x0d, 0x89, 0xe3, 0x72, - 0x97, 0xef, 0x05, 0xa4, 0x17, 0xea, 0x4b, 0xc2, 0xbf, 0xfb, 0x93, 0x9f, 0xa0, 0x10, 0x67, 0xe6, - 0xa5, 0x73, 0xc3, 0x3c, 0xdf, 0x54, 0x99, 0x22, 0x73, 0x04, 0x49, 0xc3, 0x0a, 0x64, 0x74, 0x0d, - 0x16, 0x58, 0x80, 0xad, 0x91, 0xed, 0x0d, 0x0e, 0x09, 0x1b, 0xfa, 0x3d, 0xfd, 0xb2, 0xf0, 0x44, - 0x81, 0x8a, 0x2c, 0x40, 0xc4, 0xc3, 0x5d, 0x87, 0xf4, 0x64, 0x2c, 0x3e, 0x39, 0xa1, 0x24, 0xd4, - 0x97, 0xc5, 0x2e, 0x6e, 0xb6, 0x33, 0x15, 0xaa, 0x50, 0x20, 0xda, 0x77, 0xc6, 0x56, 0xdd, 0xf1, - 0x58, 0x70, 0x62, 0x96, 0x88, 0x43, 0x23, 0x98, 0xe3, 0xfb, 0x88, 0x43, 0x61, 0x45, 0x84, 0xc2, - 0xbd, 0xc9, 0x7c, 0x74, 0x90, 0x0a, 0x34, 0xb3, 0xd2, 0x51, 0x1b, 0xd0, 0x10, 0x87, 0x87, 0x91, - 0xc3, 0x6c, 0xea, 0x10, 0x69, 0x46, 0xa8, 0xaf, 0x0a, 0x37, 0x95, 0xcc, 0xa0, 0xfb, 0x00, 0x01, - 0xe9, 0xc7, 0x7c, 0x6b, 0x62, 0xe7, 0x37, 0xce, 0xda, 0xb9, 0x99, 0x70, 0xcb, 0x1d, 0x67, 0x96, - 0x73, 0xe5, 0x7c, 0x1b, 0xc4, 0x62, 0x2a, 0xdb, 0x45, 0x5a, 0xeb, 0x22, 0xc4, 0x4a, 0x66, 0x78, - 0x2c, 0x2a, 0xaa, 0x28, 0x5a, 0xeb, 0x32, 0x5a, 0x33, 0xa4, 0xd6, 0x1d, 0x58, 0x3b, 0xc5, 0xd5, - 0xa8, 0x09, 0xb5, 0x11, 0x39, 0x11, 0x25, 0xba, 0x61, 0xf2, 0x4f, 0xb4, 0x0c, 0xd3, 0xc7, 0xd8, - 0x89, 0x88, 0x28, 0xaa, 0x75, 0x53, 0x0e, 0x6e, 0x57, 0xbf, 0xab, 0xb5, 0x7e, 0xab, 0xc1, 0x62, - 0xc1, 0xf0, 0x92, 0xf5, 0x3f, 0xcb, 0xae, 0x3f, 0x87, 0x30, 0xee, 0x3f, 0xc1, 0xc1, 0x80, 0xb0, - 0x8c, 0x21, 0xc6, 0x3f, 0x35, 0xd0, 0x0b, 0x1e, 0xfd, 0xb1, 0xcd, 0x86, 0x77, 0x6d, 0x87, 0x84, - 0xe8, 0x16, 0xcc, 0x06, 0x92, 0xa6, 0x1a, 0xcf, 0x5b, 0x67, 0x1c, 0xc4, 0x41, 0xc5, 0x8c, 0xb9, - 0xd1, 0xc7, 0x50, 0x77, 0x09, 0xc3, 0x3d, 0xcc, 0xb0, 0xb2, 0x7d, 0xb3, 0x6c, 0x25, 0xd7, 0x72, - 0xa8, 0xf8, 0x0e, 0x2a, 0x66, 0xb2, 0x06, 0xbd, 0x0f, 0xd3, 0xd6, 0x30, 0xf2, 0x46, 0xa2, 0xe5, - 0xcc, 0xed, 0xbc, 0x7d, 0xda, 0xe2, 0x3d, 0xce, 0x74, 0x50, 0x31, 0x25, 0xf7, 0x27, 0x33, 0x30, - 0x45, 0x71, 0xc0, 0x8c, 0xbb, 0xb0, 0x5c, 0xa6, 0x82, 0xf7, 0x39, 0x6b, 0x48, 0xac, 0x51, 0x18, - 0xb9, 0xca, 0xcd, 0xc9, 0x18, 0x21, 0x98, 0x0a, 0xed, 0xe7, 0xd2, 0xd5, 0x35, 0x53, 0x7c, 0x1b, - 0xdf, 0x81, 0xa5, 0x31, 0x6d, 0xfc, 0x50, 0xa5, 0x6d, 0x5c, 0xc2, 0xbc, 0x52, 0x6d, 0x44, 0xb0, - 0xf2, 0x44, 0xf8, 0x22, 0x29, 0xf6, 0x17, 0xd1, 0xb9, 0x8d, 0x03, 0x58, 0x2d, 0xaa, 0x0d, 0xa9, - 0xef, 0x85, 0x84, 0x87, 0xbe, 0xa8, 0x8e, 0x36, 0xe9, 0xa5, 0xb3, 0xc2, 0x8a, 0xba, 0x59, 0x32, - 0x63, 0xfc, 0xaa, 0x0a, 0xab, 0x26, 0x09, 0x7d, 0xe7, 0x98, 0xc4, 0xa5, 0xeb, 0x62, 0xc0, 0xc7, - 0x4f, 0xa1, 0x86, 0x29, 0x55, 0x61, 0x72, 0xef, 0xdc, 0xda, 0xbb, 0xc9, 0xa5, 0xa2, 0x77, 0x61, - 0x09, 0xbb, 0x5d, 0x7b, 0x10, 0xf9, 0x51, 0x18, 0x6f, 0x4b, 0x04, 0x55, 0xc3, 0x1c, 0x9f, 0x30, - 0x2c, 0x58, 0x1b, 0x73, 0x81, 0x72, 0x67, 0x16, 0x22, 0x69, 0x05, 0x88, 0x54, 0xaa, 0xa4, 0x7a, - 0x9a, 0x92, 0xbf, 0x69, 0xd0, 0x4c, 0x53, 0x47, 0x89, 0xbf, 0x02, 0x0d, 0x57, 0xd1, 0x42, 0x5d, - 0x13, 0xf5, 0x29, 0x25, 0xe4, 0xd1, 0x52, 0xb5, 0x88, 0x96, 0x56, 0x61, 0x46, 0x82, 0x59, 0xb5, - 0x31, 0x35, 0xca, 0x99, 0x3c, 0x55, 0x30, 0x79, 0x03, 0x20, 0x4c, 0xea, 0x97, 0x3e, 0x23, 0x66, - 0x33, 0x14, 0x64, 0xc0, 0xbc, 0xec, 0xad, 0x26, 0x09, 0x23, 0x87, 0xe9, 0xb3, 0x82, 0x23, 0x47, - 0x33, 0x7c, 0x58, 0x7c, 0x60, 0xf3, 0x3d, 0xf4, 0xc3, 0x8b, 0x09, 0xf6, 0x0f, 0x60, 0x8a, 0x2b, - 0xe3, 0x1b, 0xeb, 0x06, 0xd8, 0xb3, 0x86, 0x24, 0xf6, 0x55, 0x32, 0xe6, 0x69, 0xcc, 0xf0, 0x20, - 0xd4, 0xab, 0x82, 0x2e, 0xbe, 0x8d, 0x3f, 0x55, 0xa5, 0xa5, 0xbb, 0x94, 0x86, 0x6f, 0x1e, 0x50, - 0x97, 0xb7, 0xf8, 0xda, 0x78, 0x8b, 0x2f, 0x98, 0xfc, 0x75, 0x5a, 0xfc, 0x39, 0xb5, 0x29, 0x23, - 0x82, 0xd9, 0x5d, 0x4a, 0xb9, 0x21, 0x68, 0x1b, 0xa6, 0x30, 0xa5, 0xd2, 0xe1, 0x85, 0x8a, 0xac, - 0x58, 0xf8, 0xff, 0xca, 0x24, 0xc1, 0xda, 0xba, 0x05, 0x8d, 0x84, 0xf4, 0x32, 0xb5, 0x8d, 0xac, - 0xda, 0x4d, 0x00, 0x89, 0x61, 0xef, 0x79, 0x7d, 0x9f, 0x1f, 0x29, 0x0f, 0x76, 0xb5, 0x54, 0x7c, - 0x1b, 0xb7, 0x63, 0x0e, 0x61, 0xdb, 0xbb, 0x30, 0x6d, 0x33, 0xe2, 0xc6, 0xc6, 0xad, 0x66, 0x8d, - 0x4b, 0x05, 0x99, 0x92, 0xc9, 0xf8, 0x7b, 0x1d, 0xd6, 0xf9, 0x89, 0x3d, 0x16, 0x69, 0xb2, 0x4b, - 0xe9, 0xa7, 0x84, 0x61, 0xdb, 0x09, 0x7f, 0x10, 0x91, 0xe0, 0xe4, 0x35, 0x07, 0xc6, 0x00, 0x66, - 0x64, 0x96, 0xa9, 0x7a, 0x77, 0xee, 0xd7, 0x19, 0x25, 0x3e, 0xbd, 0xc3, 0xd4, 0x5e, 0xcf, 0x1d, - 0xa6, 0xec, 0x4e, 0x31, 0x75, 0x41, 0x77, 0x8a, 0xd3, 0xaf, 0x95, 0x99, 0xcb, 0xea, 0x4c, 0xfe, - 0xb2, 0x5a, 0x02, 0xd5, 0x67, 0x5f, 0x15, 0xaa, 0xd7, 0x4b, 0xa1, 0xba, 0x5b, 0x9a, 0xc7, 0x0d, - 0xe1, 0xee, 0xef, 0x65, 0x23, 0xf0, 0xd4, 0x58, 0x9b, 0x04, 0xb4, 0xc3, 0x6b, 0x05, 0xed, 0x3f, - 0xcc, 0x81, 0x70, 0x79, 0x0d, 0x7e, 0xff, 0xd5, 0xf6, 0x74, 0x06, 0x1c, 0xff, 0xc6, 0x81, 0xe7, - 0xdf, 0x08, 0xcc, 0x44, 0xfd, 0xd4, 0x07, 0x49, 0x43, 0xe7, 0x7d, 0x88, 0xb7, 0x56, 0x55, 0xb4, - 0xf8, 0x37, 0xba, 0x01, 0x53, 0xdc, 0xc9, 0x0a, 0xd4, 0xae, 0x65, 0xfd, 0xc9, 0x4f, 0x62, 0x97, - 0xd2, 0xc7, 0x94, 0x58, 0xa6, 0x60, 0x42, 0xb7, 0xa1, 0x91, 0x04, 0xbe, 0xca, 0xac, 0x2b, 0xd9, - 0x15, 0x49, 0x9e, 0xc4, 0xcb, 0x52, 0x76, 0xbe, 0xb6, 0x67, 0x07, 0xc4, 0x12, 0x90, 0x6f, 0x7a, - 0x7c, 0xed, 0xa7, 0xf1, 0x64, 0xb2, 0x36, 0x61, 0x47, 0xdb, 0x30, 0x23, 0xdf, 0x0d, 0x44, 0x06, - 0xcd, 0xed, 0xac, 0x8f, 0x17, 0xd3, 0x78, 0x95, 0x62, 0x34, 0xfe, 0xaa, 0xc1, 0x3b, 0x69, 0x40, - 0xc4, 0xd9, 0x14, 0xa3, 0xee, 0x37, 0xdf, 0x71, 0xaf, 0xc1, 0x82, 0x80, 0xf9, 0xe9, 0xf3, 0x81, - 0x7c, 0xc9, 0x2a, 0x50, 0x8d, 0x3f, 0x6a, 0x70, 0x75, 0x7c, 0x1f, 0x7b, 0x43, 0x1c, 0xb0, 0xe4, - 0x78, 0x2f, 0x62, 0x2f, 0x71, 0xc3, 0xab, 0xa6, 0x0d, 0x2f, 0xb7, 0xbf, 0x5a, 0x7e, 0x7f, 0xc6, - 0x5f, 0xaa, 0x30, 0x97, 0x09, 0xa0, 0xb2, 0x86, 0xc9, 0x01, 0x9f, 0x88, 0x5b, 0x71, 0xb1, 0x13, - 0x4d, 0xa1, 0x61, 0x66, 0x28, 0x68, 0x04, 0x40, 0x71, 0x80, 0x5d, 0xc2, 0x48, 0xc0, 0x2b, 0x39, - 0xcf, 0xf8, 0xfb, 0x93, 0x57, 0x97, 0xa3, 0x58, 0xa6, 0x99, 0x11, 0xcf, 0x11, 0xab, 0x50, 0x1d, - 0xaa, 0xfa, 0xad, 0x46, 0xe8, 0x4b, 0x58, 0xe8, 0xdb, 0x0e, 0x39, 0x4a, 0x0d, 0x99, 0x11, 0x86, - 0x3c, 0x9a, 0xdc, 0x90, 0xbb, 0x59, 0xb9, 0x66, 0x41, 0x8d, 0x71, 0x1d, 0x9a, 0xc5, 0x7c, 0xe2, - 0x46, 0xda, 0x2e, 0x1e, 0x24, 0xde, 0x52, 0x23, 0x03, 0x41, 0xb3, 0x98, 0x3f, 0xc6, 0xbf, 0xaa, - 0xb0, 0x92, 0x88, 0xdb, 0xf5, 0x3c, 0x3f, 0xf2, 0x2c, 0xf1, 0x14, 0x57, 0x7a, 0x16, 0xcb, 0x30, - 0xcd, 0x6c, 0xe6, 0x24, 0xc0, 0x47, 0x0c, 0x78, 0xef, 0x62, 0xbe, 0xef, 0x30, 0x9b, 0xaa, 0x03, - 0x8e, 0x87, 0xf2, 0xec, 0x9f, 0x45, 0x76, 0x40, 0x7a, 0xa2, 0x12, 0xd4, 0xcd, 0x64, 0xcc, 0xe7, - 0x38, 0xaa, 0x11, 0x30, 0x5e, 0x3a, 0x33, 0x19, 0x8b, 0xb8, 0xf7, 0x1d, 0x87, 0x58, 0xdc, 0x1d, - 0x19, 0xa0, 0x5f, 0xa0, 0x8a, 0x0b, 0x04, 0x0b, 0x6c, 0x6f, 0xa0, 0x60, 0xbe, 0x1a, 0x71, 0x3b, - 0x71, 0x10, 0xe0, 0x13, 0xbd, 0x2e, 0x1c, 0x20, 0x07, 0xe8, 0x23, 0xa8, 0xb9, 0x98, 0xaa, 0x46, - 0x77, 0x3d, 0x57, 0x1d, 0xca, 0x3c, 0xd0, 0x3e, 0xc4, 0x54, 0x76, 0x02, 0xbe, 0xac, 0xf5, 0x01, - 0xd4, 0x63, 0xc2, 0xd7, 0x82, 0x84, 0x5f, 0xc0, 0xa5, 0x5c, 0xf1, 0x41, 0x9f, 0xc3, 0x6a, 0x1a, - 0x51, 0x59, 0x85, 0x0a, 0x04, 0xbe, 0xf3, 0x52, 0xcb, 0xcc, 0x53, 0x04, 0x18, 0xcf, 0x60, 0x89, - 0x87, 0x8c, 0x48, 0xfc, 0x0b, 0xba, 0xda, 0x7c, 0x08, 0x8d, 0x44, 0x65, 0x69, 0xcc, 0xb4, 0xa0, - 0x7e, 0x1c, 0x3f, 0x91, 0xca, 0xbb, 0x4d, 0x32, 0x36, 0x76, 0x01, 0x65, 0xed, 0x55, 0x1d, 0xe8, - 0x46, 0x1e, 0x14, 0xaf, 0x14, 0xdb, 0x8d, 0x60, 0x8f, 0x31, 0xf1, 0xef, 0xaa, 0xb0, 0xb8, 0x6f, - 0x8b, 0x57, 0x8e, 0x0b, 0x2a, 0x72, 0xd7, 0xa1, 0x19, 0x46, 0x5d, 0xd7, 0xef, 0x45, 0x0e, 0x51, - 0xa0, 0x40, 0x75, 0xfa, 0x31, 0xfa, 0x59, 0xc5, 0x8f, 0x3b, 0x8b, 0x62, 0x36, 0x54, 0x37, 0x5c, - 0xf1, 0x8d, 0x3e, 0x82, 0xf5, 0x87, 0xe4, 0x4b, 0xb5, 0x9f, 0x7d, 0xc7, 0xef, 0x76, 0x6d, 0x6f, - 0x10, 0x2b, 0x99, 0x16, 0x4a, 0x4e, 0x67, 0x30, 0x7e, 0xad, 0x41, 0x33, 0xf5, 0x85, 0xf2, 0xe6, - 0x2d, 0x19, 0xf5, 0xd2, 0x97, 0x57, 0xb3, 0xbe, 0x2c, 0xb2, 0xfe, 0xef, 0x01, 0x3f, 0x9f, 0x0d, - 0xf8, 0x3f, 0x6b, 0xb0, 0xb2, 0x6f, 0xb3, 0xb8, 0xd4, 0xd8, 0xff, 0x67, 0xe7, 0x62, 0xb4, 0x61, - 0xb5, 0x68, 0xbe, 0x72, 0xe5, 0x32, 0x4c, 0xf3, 0x53, 0x8a, 0xef, 0xee, 0x72, 0xb0, 0xf3, 0x55, - 0x03, 0x96, 0xd2, 0xe6, 0xcb, 0xff, 0xb5, 0x2d, 0x82, 0x1e, 0x41, 0x73, 0x5f, 0xfd, 0x76, 0x16, - 0xbf, 0x99, 0xa0, 0xb3, 0x1e, 0x21, 0x5b, 0x57, 0xca, 0x27, 0xa5, 0x6a, 0xa3, 0x82, 0x2c, 0x58, - 0x2f, 0x0a, 0x4c, 0xdf, 0x3b, 0xbf, 0x7d, 0x86, 0xe4, 0x84, 0xeb, 0x65, 0x2a, 0xb6, 0x34, 0xf4, - 0x39, 0x2c, 0xe4, 0x5f, 0xe5, 0x50, 0xae, 0x1a, 0x95, 0x3e, 0x14, 0xb6, 0x8c, 0xb3, 0x58, 0x12, - 0xfb, 0x9f, 0x72, 0xe8, 0x9b, 0x7b, 0xa2, 0x42, 0x46, 0x1e, 0x98, 0x97, 0x3d, 0xe1, 0xb5, 0xbe, - 0x75, 0x26, 0x4f, 0x22, 0xfd, 0x43, 0xa8, 0xc7, 0x4f, 0x3a, 0x79, 0x37, 0x17, 0x1e, 0x7a, 0x5a, - 0xcd, 0xbc, 0xbc, 0x7e, 0x68, 0x54, 0xd0, 0xc7, 0x72, 0x31, 0xbf, 0xf2, 0x8f, 0x2f, 0xce, 0x3c, - 0x64, 0xb4, 0x2e, 0x97, 0x3c, 0x1e, 0x18, 0x15, 0xf4, 0x7d, 0x98, 0xe3, 0x5f, 0x47, 0xea, 0x57, - 0xab, 0xd5, 0xb6, 0xfc, 0x91, 0xb4, 0x1d, 0xff, 0x48, 0xda, 0xbe, 0xe3, 0x52, 0x76, 0xd2, 0x2a, - 0xb9, 0xdd, 0x2b, 0x01, 0x4f, 0xe1, 0xd2, 0x3e, 0x61, 0x29, 0x18, 0x47, 0x57, 0x5f, 0xe9, 0xca, - 0xd2, 0x32, 0x8a, 0x6c, 0xe3, 0x78, 0xde, 0xa8, 0xa0, 0xdf, 0x6b, 0x70, 0x79, 0x9f, 0xb0, 0x22, - 0xbc, 0x45, 0xef, 0x95, 0x2b, 0x39, 0x05, 0x06, 0xb7, 0x1e, 0x4e, 0x9a, 0xaf, 0x79, 0xb1, 0x46, - 0x05, 0xfd, 0x41, 0x83, 0xb5, 0x8c, 0x61, 0x59, 0xbc, 0x8a, 0xb6, 0xcf, 0x36, 0xae, 0x04, 0xdb, - 0xb6, 0x3e, 0x9b, 0xf0, 0xc7, 0xc8, 0x8c, 0x48, 0xa3, 0x82, 0x8e, 0xc4, 0x99, 0xa4, 0xed, 0x09, - 0xbd, 0x5d, 0xda, 0x87, 0x12, 0xed, 0x1b, 0xa7, 0x4d, 0x27, 0xe7, 0xf0, 0x19, 0xcc, 0xed, 0x13, - 0x16, 0x57, 0xdd, 0x7c, 0xa4, 0x15, 0x5a, 0x58, 0x3e, 0x55, 0x8b, 0x85, 0x5a, 0x44, 0xcc, 0x92, - 0x94, 0x95, 0xa9, 0x53, 0xf9, 0x5c, 0x2d, 0x2d, 0xc1, 0xf9, 0x88, 0x29, 0x2f, 0x73, 0x46, 0xe5, - 0x93, 0xdd, 0x7f, 0xbc, 0xd8, 0xd0, 0xbe, 0x7a, 0xb1, 0xa1, 0xfd, 0xfb, 0xc5, 0x86, 0xf6, 0x93, - 0x9b, 0x2f, 0xf9, 0x0b, 0x82, 0xcc, 0x1f, 0x25, 0x60, 0x6a, 0x5b, 0x8e, 0x4d, 0x3c, 0xd6, 0x9d, - 0x11, 0xc1, 0x7f, 0xf3, 0xbf, 0x01, 0x00, 0x00, 0xff, 0xff, 0xf8, 0x86, 0xe4, 0x0d, 0xb3, 0x20, - 0x00, 0x00, + // 1870 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe4, 0x19, 0xdb, 0x6e, 0x1c, 0x49, + 0xd5, 0x73, 0xb1, 0x3d, 0x73, 0x9c, 0xf8, 0x52, 0x49, 0x9c, 0xce, 0x6c, 0xd6, 0xf2, 0x36, 0x10, + 0x99, 0xcd, 0x6e, 0x8f, 0xe2, 0x68, 0x77, 0x51, 0x16, 0x16, 0x79, 0xbd, 0x49, 0x1c, 0x25, 0x4e, + 0x4c, 0x27, 0x80, 0x16, 0x02, 0xa8, 0xdc, 0x53, 0xd3, 0x53, 0x3b, 0x7d, 0xa9, 0x74, 0x57, 0x0f, + 0x9a, 0x48, 0x3c, 0x20, 0x21, 0x24, 0x7e, 0x00, 0xf1, 0x27, 0x3c, 0xf2, 0xc4, 0xe5, 0x11, 0xf1, + 0x03, 0xa0, 0x7c, 0x09, 0xaa, 0x4b, 0x5f, 0xa7, 0xed, 0x64, 0x35, 0x8e, 0xf7, 0x61, 0x5f, 0xec, + 0xae, 0x53, 0xe7, 0x56, 0xa7, 0xce, 0xb5, 0x06, 0x6e, 0x44, 0x84, 0x85, 0x31, 0x89, 0x26, 0x24, + 0xea, 0xcb, 0x4f, 0xca, 0xc3, 0x68, 0x5a, 0xf8, 0xb4, 0x58, 0x14, 0xf2, 0x10, 0x41, 0x0e, 0xe9, + 0x3d, 0x72, 0x29, 0x1f, 0x25, 0xc7, 0x96, 0x13, 0xfa, 0x7d, 0x1c, 0xb9, 0x21, 0x8b, 0xc2, 0xaf, + 0xe4, 0xc7, 0x87, 0xce, 0xa0, 0x3f, 0xd9, 0xed, 0xb3, 0xb1, 0xdb, 0xc7, 0x8c, 0xc6, 0x7d, 0xcc, + 0x98, 0x47, 0x1d, 0xcc, 0x69, 0x18, 0xf4, 0x27, 0xb7, 0xb0, 0xc7, 0x46, 0xf8, 0x56, 0xdf, 0x25, + 0x01, 0x89, 0x30, 0x27, 0x03, 0xc5, 0xb9, 0xf7, 0x8e, 0x1b, 0x86, 0xae, 0x47, 0xfa, 0x72, 0x75, + 0x9c, 0x0c, 0xfb, 0xc4, 0x67, 0x5c, 0x8b, 0x35, 0xff, 0x72, 0x01, 0xd6, 0x0e, 0x71, 0x40, 0x87, + 0x24, 0xe6, 0x36, 0x79, 0x91, 0x90, 0x98, 0xa3, 0xe7, 0xd0, 0x16, 0xca, 0x18, 0x8d, 0xed, 0xc6, + 0xce, 0xca, 0xee, 0x81, 0x95, 0x6b, 0x63, 0xa5, 0xda, 0xc8, 0x8f, 0xdf, 0x38, 0x03, 0x6b, 0xb2, + 0x6b, 0xb1, 0xb1, 0x6b, 0x09, 0x6d, 0xac, 0x82, 0x36, 0x56, 0xaa, 0x8d, 0x65, 0x67, 0xc7, 0xb2, + 0x25, 0x57, 0xd4, 0x83, 0x4e, 0x44, 0x26, 0x34, 0xa6, 0x61, 0x60, 0x34, 0xb7, 0x1b, 0x3b, 0x5d, + 0x3b, 0x5b, 0x23, 0x03, 0x96, 0x83, 0x70, 0x1f, 0x3b, 0x23, 0x62, 0xb4, 0xb6, 0x1b, 0x3b, 0x1d, + 0x3b, 0x5d, 0xa2, 0x6d, 0x58, 0xc1, 0x8c, 0x3d, 0xc2, 0xc7, 0xc4, 0x7b, 0x48, 0xa6, 0x46, 0x5b, + 0x12, 0x16, 0x41, 0x82, 0x16, 0x33, 0xf6, 0x18, 0xfb, 0xc4, 0x58, 0x94, 0xbb, 0xe9, 0x12, 0x5d, + 0x87, 0x6e, 0x80, 0x7d, 0x12, 0x33, 0xec, 0x10, 0xa3, 0x23, 0xf7, 0x72, 0x00, 0xfa, 0x1d, 0x6c, + 0x14, 0x14, 0x7f, 0x1a, 0x26, 0x91, 0x43, 0x0c, 0x90, 0x47, 0x7f, 0x32, 0xdf, 0xd1, 0xf7, 0xaa, + 0x6c, 0xed, 0x59, 0x49, 0xe8, 0xd7, 0xb0, 0x28, 0x6f, 0xde, 0x58, 0xd9, 0x6e, 0x9d, 0xa9, 0xb5, + 0x15, 0x5b, 0x14, 0xc0, 0x32, 0xf3, 0x12, 0x97, 0x06, 0xb1, 0x71, 0x41, 0x4a, 0x78, 0x36, 0x9f, + 0x84, 0xfd, 0x30, 0x18, 0x52, 0xf7, 0x10, 0x07, 0xd8, 0x25, 0x3e, 0x09, 0xf8, 0x91, 0x64, 0x6e, + 0xa7, 0x42, 0xd0, 0x4b, 0x58, 0x1f, 0x27, 0x31, 0x0f, 0x7d, 0xfa, 0x92, 0x3c, 0x61, 0x82, 0x36, + 0x36, 0x2e, 0x4a, 0x6b, 0x3e, 0x9e, 0x4f, 0xf0, 0xc3, 0x0a, 0x57, 0x7b, 0x46, 0x8e, 0x70, 0x92, + 0x71, 0x72, 0x4c, 0x7e, 0x46, 0x22, 0xe9, 0x5d, 0xab, 0xca, 0x49, 0x0a, 0x20, 0xe5, 0x46, 0x54, + 0xaf, 0x62, 0x63, 0x6d, 0xbb, 0xa5, 0xdc, 0x28, 0x03, 0xa1, 0x1d, 0x58, 0x9b, 0x90, 0x88, 0x0e, + 0xa7, 0x4f, 0xa9, 0x1b, 0x60, 0x9e, 0x44, 0xc4, 0x58, 0x97, 0xae, 0x58, 0x05, 0x23, 0x1f, 0x2e, + 0x8e, 0x88, 0xe7, 0x0b, 0x93, 0xef, 0x47, 0x64, 0x10, 0x1b, 0x1b, 0xd2, 0xbe, 0xf7, 0xe7, 0xbf, + 0x41, 0xc9, 0xce, 0x2e, 0x73, 0x17, 0x8a, 0x05, 0xa1, 0xad, 0x23, 0x45, 0xc5, 0x08, 0x52, 0x8a, + 0x55, 0xc0, 0xe8, 0x06, 0xac, 0xf2, 0x08, 0x3b, 0x63, 0x1a, 0xb8, 0x87, 0x84, 0x8f, 0xc2, 0x81, + 0x71, 0x49, 0x5a, 0xa2, 0x02, 0x45, 0x0e, 0x20, 0x12, 0xe0, 0x63, 0x8f, 0x0c, 0x94, 0x2f, 0x3e, + 0x9b, 0x32, 0x12, 0x1b, 0x97, 0xe5, 0x29, 0x6e, 0x5b, 0x85, 0x0c, 0x55, 0x49, 0x10, 0xd6, 0xdd, + 0x19, 0xaa, 0xbb, 0x01, 0x8f, 0xa6, 0x76, 0x0d, 0x3b, 0x34, 0x86, 0x15, 0x71, 0x8e, 0xd4, 0x15, + 0xae, 0x48, 0x57, 0x78, 0x30, 0x9f, 0x8d, 0x0e, 0x72, 0x86, 0x76, 0x91, 0x3b, 0xb2, 0x00, 0x8d, + 0x70, 0x7c, 0x98, 0x78, 0x9c, 0x32, 0x8f, 0x28, 0x35, 0x62, 0x63, 0x53, 0x9a, 0xa9, 0x66, 0x07, + 0x3d, 0x04, 0x88, 0xc8, 0x30, 0xc5, 0xbb, 0x2a, 0x4f, 0x7e, 0xf3, 0xb4, 0x93, 0xdb, 0x19, 0xb6, + 0x3a, 0x71, 0x81, 0xbc, 0x77, 0x17, 0xae, 0x9e, 0x60, 0x18, 0xb4, 0x0e, 0xad, 0x31, 0x99, 0xca, + 0x84, 0xda, 0xb5, 0xc5, 0x27, 0xba, 0x0c, 0x8b, 0x13, 0xec, 0x25, 0x44, 0xa6, 0xc0, 0x8e, 0xad, + 0x16, 0x77, 0x9a, 0x3f, 0x68, 0xf4, 0xfe, 0xd8, 0x80, 0xb5, 0x8a, 0x98, 0x1a, 0xfa, 0x5f, 0x15, + 0xe9, 0xcf, 0xc0, 0xe9, 0x86, 0xcf, 0x70, 0xe4, 0x12, 0x5e, 0x50, 0xc4, 0xfc, 0x4f, 0x03, 0x8c, + 0xca, 0xf9, 0x7f, 0x4e, 0xf9, 0xe8, 0x1e, 0xf5, 0x48, 0x8c, 0x3e, 0x81, 0xe5, 0x48, 0xc1, 0x74, + 0x99, 0x78, 0xe7, 0x14, 0xb3, 0x1d, 0x2c, 0xd8, 0x29, 0x36, 0xfa, 0x0c, 0x3a, 0x3e, 0xe1, 0x78, + 0x80, 0x39, 0xd6, 0xba, 0x6f, 0xd7, 0x51, 0x0a, 0x29, 0x87, 0x1a, 0xef, 0x60, 0xc1, 0xce, 0x68, + 0xd0, 0x47, 0xb0, 0xe8, 0x8c, 0x92, 0x60, 0x2c, 0x0b, 0xc4, 0xca, 0xee, 0xbb, 0x27, 0x11, 0xef, + 0x0b, 0xa4, 0x83, 0x05, 0x5b, 0x61, 0x7f, 0xbe, 0x04, 0x6d, 0x86, 0x23, 0x6e, 0xde, 0x83, 0xcb, + 0x75, 0x22, 0x44, 0x55, 0x72, 0x46, 0xc4, 0x19, 0xc7, 0x89, 0xaf, 0xcd, 0x9c, 0xad, 0x11, 0x82, + 0x76, 0x4c, 0x5f, 0x2a, 0x53, 0xb7, 0x6c, 0xf9, 0x6d, 0x7e, 0x1f, 0x36, 0x66, 0xa4, 0x89, 0x4b, + 0x55, 0xba, 0x09, 0x0e, 0x17, 0xb4, 0x68, 0x33, 0x81, 0x2b, 0xcf, 0xa4, 0x2d, 0xb2, 0xd4, 0x7c, + 0x1e, 0x75, 0xd6, 0x3c, 0x80, 0xcd, 0xaa, 0xd8, 0x98, 0x85, 0x41, 0x4c, 0x44, 0x94, 0xc8, 0x5c, + 0x46, 0xc9, 0x20, 0xdf, 0x95, 0x5a, 0x74, 0xec, 0x9a, 0x1d, 0xf3, 0xf7, 0x4d, 0xd8, 0xb4, 0x49, + 0x1c, 0x7a, 0x13, 0x92, 0x26, 0x9a, 0xf3, 0x69, 0x15, 0x7e, 0x09, 0x2d, 0xcc, 0x98, 0x76, 0x93, + 0x07, 0x67, 0x56, 0x8c, 0x6d, 0xc1, 0x15, 0x7d, 0x00, 0x1b, 0xd8, 0x3f, 0xa6, 0x6e, 0x12, 0x26, + 0x71, 0x7a, 0x2c, 0xe9, 0x54, 0x5d, 0x7b, 0x76, 0xc3, 0x74, 0xe0, 0xea, 0x8c, 0x09, 0xb4, 0x39, + 0x8b, 0x0d, 0x4d, 0xa3, 0xd2, 0xd0, 0xd4, 0x0a, 0x69, 0x9e, 0x24, 0xe4, 0x1f, 0x0d, 0x58, 0xcf, + 0x43, 0x47, 0xb3, 0xbf, 0x0e, 0x5d, 0x5f, 0xc3, 0x62, 0xa3, 0x21, 0x0b, 0x56, 0x0e, 0x28, 0xf7, + 0x36, 0xcd, 0x6a, 0x6f, 0xb3, 0x09, 0x4b, 0xaa, 0xf5, 0xd4, 0x07, 0xd3, 0xab, 0x92, 0xca, 0xed, + 0x8a, 0xca, 0x5b, 0x00, 0x71, 0x96, 0xbf, 0x8c, 0x25, 0xb9, 0x5b, 0x80, 0x20, 0x13, 0x2e, 0xa8, + 0x4a, 0x68, 0x93, 0x38, 0xf1, 0xb8, 0xb1, 0x2c, 0x31, 0x4a, 0x30, 0x33, 0x84, 0xb5, 0x47, 0x54, + 0x9c, 0x61, 0x18, 0x9f, 0x8f, 0xb3, 0x7f, 0x0c, 0x6d, 0x21, 0x4c, 0x1c, 0xec, 0x38, 0xc2, 0x81, + 0x33, 0x22, 0xa9, 0xad, 0xb2, 0xb5, 0x08, 0x63, 0x8e, 0xdd, 0xd8, 0x68, 0x4a, 0xb8, 0xfc, 0x36, + 0xff, 0xda, 0x54, 0x9a, 0xee, 0x31, 0x16, 0x7f, 0xf3, 0xed, 0x6f, 0x7d, 0x41, 0x6e, 0xcd, 0x16, + 0xe4, 0x8a, 0xca, 0x5f, 0xa7, 0x20, 0x9f, 0x51, 0x99, 0x32, 0x13, 0x58, 0xde, 0x63, 0x4c, 0x28, + 0x82, 0x6e, 0x41, 0x1b, 0x33, 0xa6, 0x0c, 0x5e, 0xc9, 0xc8, 0x1a, 0x45, 0xfc, 0xd7, 0x2a, 0x49, + 0xd4, 0xde, 0x27, 0xd0, 0xcd, 0x40, 0xaf, 0x13, 0xdb, 0x2d, 0x8a, 0xdd, 0x06, 0x50, 0x1d, 0xe7, + 0x83, 0x60, 0x18, 0x8a, 0x2b, 0x15, 0xce, 0xae, 0x49, 0xe5, 0xb7, 0x79, 0x27, 0xc5, 0x90, 0xba, + 0x7d, 0x00, 0x8b, 0x94, 0x13, 0x3f, 0x55, 0x6e, 0xb3, 0xa8, 0x5c, 0xce, 0xc8, 0x56, 0x48, 0xe6, + 0x3f, 0x3b, 0x70, 0x4d, 0xdc, 0xd8, 0x53, 0x19, 0x26, 0x7b, 0x8c, 0x7d, 0x41, 0x38, 0xa6, 0x5e, + 0xfc, 0x93, 0x84, 0x44, 0xd3, 0xb7, 0xec, 0x18, 0x2e, 0x2c, 0xa9, 0x28, 0xd3, 0xf9, 0xee, 0xcc, + 0x87, 0x0f, 0xcd, 0x3e, 0x9f, 0x38, 0x5a, 0x6f, 0x67, 0xe2, 0xa8, 0x9b, 0x00, 0xda, 0xe7, 0x34, + 0x01, 0x9c, 0x3c, 0x04, 0x16, 0x46, 0xcb, 0xa5, 0xf2, 0x68, 0x59, 0xd3, 0x58, 0x2f, 0xbf, 0x69, + 0x63, 0xdd, 0xa9, 0x6d, 0xac, 0xfd, 0xda, 0x38, 0xee, 0x4a, 0x73, 0xff, 0xa8, 0xe8, 0x81, 0x27, + 0xfa, 0xda, 0x3c, 0x2d, 0x36, 0xbc, 0xd5, 0x16, 0xfb, 0xa7, 0xa5, 0x96, 0x59, 0x0d, 0xad, 0x1f, + 0xbd, 0xd9, 0x99, 0xbe, 0x4d, 0xcd, 0xf3, 0x1f, 0x64, 0xcf, 0xc4, 0xc2, 0xdc, 0x06, 0x59, 0x41, + 0x17, 0x75, 0x48, 0x94, 0x56, 0x9d, 0xb4, 0xc4, 0x37, 0xba, 0x09, 0x6d, 0x61, 0x64, 0xdd, 0xd4, + 0x5e, 0x2d, 0xda, 0x53, 0xdc, 0xc4, 0x1e, 0x63, 0x4f, 0x19, 0x71, 0x6c, 0x89, 0x84, 0xee, 0x40, + 0x37, 0x73, 0x7c, 0x1d, 0x59, 0xd7, 0x8b, 0x14, 0x59, 0x9c, 0xa4, 0x64, 0x39, 0xba, 0xa0, 0x1d, + 0xd0, 0x88, 0x38, 0xb2, 0xe5, 0x5b, 0x9c, 0xa5, 0xfd, 0x22, 0xdd, 0xcc, 0x68, 0x33, 0x74, 0x74, + 0x0b, 0x96, 0xd4, 0x94, 0x2f, 0x23, 0x68, 0x65, 0xf7, 0xda, 0x6c, 0x32, 0x4d, 0xa9, 0x34, 0xa2, + 0xf9, 0xf7, 0x06, 0xbc, 0x97, 0x3b, 0x44, 0x1a, 0x4d, 0x69, 0xd7, 0xfd, 0xcd, 0x57, 0xdc, 0x1b, + 0xb0, 0x2a, 0xdb, 0xfc, 0x7c, 0xd8, 0x57, 0xef, 0x4e, 0x15, 0xa8, 0xf9, 0xb7, 0x26, 0xac, 0x14, + 0x2e, 0xa2, 0xae, 0xf0, 0x88, 0xc6, 0x49, 0xde, 0xbf, 0x1c, 0x90, 0x64, 0x72, 0xed, 0xda, 0x05, + 0x08, 0x1a, 0x03, 0x30, 0x1c, 0x61, 0x9f, 0x70, 0x12, 0x89, 0x8c, 0x28, 0x22, 0xe7, 0xe1, 0xfc, + 0x51, 0x7a, 0x94, 0xf2, 0xb4, 0x0b, 0xec, 0x45, 0xe7, 0x27, 0x45, 0xc7, 0x3a, 0x0f, 0xea, 0x15, + 0xfa, 0x2d, 0xac, 0x0e, 0xa9, 0x47, 0x8e, 0x72, 0x45, 0x96, 0xa4, 0x22, 0x4f, 0xe6, 0x57, 0xe4, + 0x5e, 0x91, 0xaf, 0x5d, 0x11, 0x63, 0xbe, 0x0f, 0xeb, 0x55, 0xbf, 0x14, 0x4a, 0x52, 0x1f, 0xbb, + 0x99, 0xb5, 0xf4, 0xca, 0x44, 0xb0, 0x5e, 0xf5, 0x43, 0xf3, 0xbf, 0x4d, 0xb8, 0x92, 0xb1, 0xdb, + 0x0b, 0x82, 0x30, 0x09, 0x1c, 0xf9, 0x00, 0x55, 0x7b, 0x17, 0x97, 0x61, 0x91, 0x53, 0xee, 0x65, + 0x0d, 0x84, 0x5c, 0x88, 0x1a, 0xc0, 0xc3, 0xd0, 0xe3, 0x94, 0xe9, 0x7e, 0x38, 0x5d, 0x2a, 0x1f, + 0x79, 0x91, 0xd0, 0x88, 0x0c, 0x64, 0x44, 0x75, 0xec, 0x6c, 0x2d, 0xf6, 0x44, 0x77, 0x20, 0xdb, + 0x61, 0x65, 0xcc, 0x6c, 0x2d, 0xfd, 0x27, 0xf4, 0x3c, 0xe2, 0x08, 0x73, 0x14, 0x1a, 0xe6, 0x0a, + 0x54, 0x36, 0xe2, 0x3c, 0xa2, 0x81, 0xab, 0xdb, 0x65, 0xbd, 0x12, 0x7a, 0xe2, 0x28, 0xc2, 0x53, + 0xa3, 0x23, 0x0d, 0xa0, 0x16, 0xe8, 0x87, 0xd0, 0xf2, 0x31, 0xd3, 0x05, 0xe3, 0xfd, 0x52, 0x94, + 0xd5, 0x59, 0xc0, 0x3a, 0xc4, 0x4c, 0x65, 0x54, 0x41, 0xd6, 0xfb, 0x18, 0x3a, 0x29, 0xe0, 0x6b, + 0xb5, 0x56, 0x5f, 0xc1, 0xc5, 0x52, 0x10, 0xa3, 0x2f, 0x61, 0x33, 0xf7, 0xa8, 0xa2, 0x40, 0xdd, + 0x4c, 0xbd, 0xf7, 0x5a, 0xcd, 0xec, 0x13, 0x18, 0x98, 0x2f, 0x60, 0x43, 0xb8, 0xcc, 0xfe, 0x08, + 0x47, 0xfc, 0x9c, 0x46, 0x84, 0x4f, 0xa1, 0x9b, 0x89, 0xac, 0xf5, 0x99, 0x1e, 0x74, 0x26, 0xe9, + 0xc3, 0xa0, 0x9a, 0x11, 0xb2, 0xb5, 0xb9, 0x07, 0xa8, 0xa8, 0xaf, 0xce, 0xe4, 0x37, 0xcb, 0xcd, + 0xe5, 0x95, 0x6a, 0xda, 0x96, 0xe8, 0xba, 0xb7, 0xdc, 0xfd, 0xd3, 0x32, 0x6c, 0xe4, 0xa9, 0x50, + 0xfc, 0xa5, 0x0e, 0x41, 0x4f, 0x60, 0xfd, 0xbe, 0x7e, 0xaf, 0x4f, 0x27, 0x3f, 0x74, 0xda, 0x53, + 0x4a, 0xef, 0x7a, 0xfd, 0xa6, 0xd2, 0xc8, 0x5c, 0x40, 0x0e, 0x5c, 0xab, 0x32, 0xcc, 0x5f, 0x6d, + 0xbe, 0x7b, 0x0a, 0xe7, 0x0c, 0xeb, 0x75, 0x22, 0x76, 0x1a, 0xe8, 0x4b, 0x58, 0x2d, 0xbf, 0x2d, + 0xa0, 0x92, 0x2f, 0xd4, 0x3e, 0x77, 0xf4, 0xcc, 0xd3, 0x50, 0x32, 0xfd, 0x9f, 0x8b, 0x02, 0x5e, + 0x1a, 0xb4, 0x91, 0x59, 0x6e, 0x2f, 0xea, 0x1e, 0x22, 0x7a, 0xdf, 0x39, 0x15, 0x27, 0xe3, 0xfe, + 0x29, 0x74, 0xd2, 0xc1, 0xb4, 0x6c, 0xe6, 0xca, 0xb8, 0xda, 0x5b, 0x2f, 0xf3, 0x1b, 0xc6, 0xe6, + 0x02, 0xfa, 0x4c, 0x11, 0x8b, 0xc1, 0x65, 0x96, 0xb8, 0x30, 0x8e, 0xf5, 0x2e, 0xd5, 0x8c, 0x40, + 0xe6, 0x02, 0xfa, 0x31, 0xac, 0x88, 0xaf, 0x23, 0xfd, 0x52, 0xbe, 0x69, 0xa9, 0x1f, 0x66, 0xac, + 0xf4, 0x87, 0x19, 0xeb, 0xae, 0xcf, 0xf8, 0xb4, 0x57, 0x33, 0xa3, 0x68, 0x06, 0xcf, 0xe1, 0xe2, + 0x7d, 0xc2, 0xf3, 0x96, 0x02, 0x7d, 0xef, 0x8d, 0x1a, 0xaf, 0x9e, 0x59, 0x45, 0x9b, 0xed, 0x4a, + 0xcc, 0x05, 0xf4, 0xe7, 0x06, 0x5c, 0xba, 0x4f, 0x78, 0xb5, 0x48, 0xa3, 0x0f, 0xeb, 0x85, 0x9c, + 0x50, 0xcc, 0x7b, 0x8f, 0xe7, 0x8d, 0xdb, 0x32, 0x5b, 0x73, 0x01, 0x1d, 0xc9, 0x63, 0xe7, 0xf1, + 0x87, 0xde, 0xad, 0x0d, 0xb4, 0xcc, 0xfc, 0x5b, 0x27, 0x6d, 0xa7, 0x47, 0xfd, 0x7c, 0xef, 0x5f, + 0xaf, 0xb6, 0x1a, 0xff, 0x7e, 0xb5, 0xd5, 0xf8, 0xdf, 0xab, 0xad, 0xc6, 0x2f, 0x6e, 0xbf, 0xe6, + 0xe7, 0xb6, 0xc2, 0x2f, 0x78, 0x98, 0x51, 0xc7, 0xa3, 0x24, 0xe0, 0xc7, 0x4b, 0xf2, 0xd6, 0x6e, + 0xff, 0x3f, 0x00, 0x00, 0xff, 0xff, 0x46, 0x3e, 0x2d, 0xff, 0xe0, 0x1b, 0x00, 0x00, } // Reference imports to suppress errors if they are not otherwise used. @@ -2355,14 +2010,8 @@ type RepoServerServiceClient interface { GetAppDetails(ctx context.Context, in *RepoServerAppDetailsQuery, opts ...grpc.CallOption) (*RepoAppDetailsResponse, error) // Get the meta-data (author, date, tags, message) for a specific revision of the repo GetRevisionMetadata(ctx context.Context, in *RepoServerRevisionMetadataRequest, opts ...grpc.CallOption) (*v1alpha1.RevisionMetadata, error) - // Get the chart details (author, date, tags, message) for a specific revision of the repo - GetRevisionChartDetails(ctx context.Context, in *RepoServerRevisionChartDetailsRequest, opts ...grpc.CallOption) (*v1alpha1.ChartDetails, error) // GetHelmCharts returns list of helm charts in the specified repository GetHelmCharts(ctx context.Context, in *HelmChartsRequest, opts ...grpc.CallOption) (*HelmChartsResponse, error) - // GetGitFiles returns a set of file paths and their contents for the given repo - GetGitFiles(ctx context.Context, in *GitFilesRequest, opts ...grpc.CallOption) (*GitFilesResponse, error) - // GetGitDirectories returns a set of directory paths for the given repo - GetGitDirectories(ctx context.Context, in *GitDirectoriesRequest, opts ...grpc.CallOption) (*GitDirectoriesResponse, error) } type repoServerServiceClient struct { @@ -2479,15 +2128,6 @@ func (c *repoServerServiceClient) GetRevisionMetadata(ctx context.Context, in *R return out, nil } -func (c *repoServerServiceClient) GetRevisionChartDetails(ctx context.Context, in *RepoServerRevisionChartDetailsRequest, opts ...grpc.CallOption) (*v1alpha1.ChartDetails, error) { - out := new(v1alpha1.ChartDetails) - err := c.cc.Invoke(ctx, "/repository.RepoServerService/GetRevisionChartDetails", in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - func (c *repoServerServiceClient) GetHelmCharts(ctx context.Context, in *HelmChartsRequest, opts ...grpc.CallOption) (*HelmChartsResponse, error) { out := new(HelmChartsResponse) err := c.cc.Invoke(ctx, "/repository.RepoServerService/GetHelmCharts", in, out, opts...) @@ -2497,24 +2137,6 @@ func (c *repoServerServiceClient) GetHelmCharts(ctx context.Context, in *HelmCha return out, nil } -func (c *repoServerServiceClient) GetGitFiles(ctx context.Context, in *GitFilesRequest, opts ...grpc.CallOption) (*GitFilesResponse, error) { - out := new(GitFilesResponse) - err := c.cc.Invoke(ctx, "/repository.RepoServerService/GetGitFiles", in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - -func (c *repoServerServiceClient) GetGitDirectories(ctx context.Context, in *GitDirectoriesRequest, opts ...grpc.CallOption) (*GitDirectoriesResponse, error) { - out := new(GitDirectoriesResponse) - err := c.cc.Invoke(ctx, "/repository.RepoServerService/GetGitDirectories", in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - // RepoServerServiceServer is the server API for RepoServerService service. type RepoServerServiceServer interface { // GenerateManifest generates manifest for application in specified repo name and revision @@ -2535,14 +2157,8 @@ type RepoServerServiceServer interface { GetAppDetails(context.Context, *RepoServerAppDetailsQuery) (*RepoAppDetailsResponse, error) // Get the meta-data (author, date, tags, message) for a specific revision of the repo GetRevisionMetadata(context.Context, *RepoServerRevisionMetadataRequest) (*v1alpha1.RevisionMetadata, error) - // Get the chart details (author, date, tags, message) for a specific revision of the repo - GetRevisionChartDetails(context.Context, *RepoServerRevisionChartDetailsRequest) (*v1alpha1.ChartDetails, error) // GetHelmCharts returns list of helm charts in the specified repository GetHelmCharts(context.Context, *HelmChartsRequest) (*HelmChartsResponse, error) - // GetGitFiles returns a set of file paths and their contents for the given repo - GetGitFiles(context.Context, *GitFilesRequest) (*GitFilesResponse, error) - // GetGitDirectories returns a set of directory paths for the given repo - GetGitDirectories(context.Context, *GitDirectoriesRequest) (*GitDirectoriesResponse, error) } // UnimplementedRepoServerServiceServer can be embedded to have forward compatible implementations. @@ -2576,18 +2192,9 @@ func (*UnimplementedRepoServerServiceServer) GetAppDetails(ctx context.Context, func (*UnimplementedRepoServerServiceServer) GetRevisionMetadata(ctx context.Context, req *RepoServerRevisionMetadataRequest) (*v1alpha1.RevisionMetadata, error) { return nil, status.Errorf(codes.Unimplemented, "method GetRevisionMetadata not implemented") } -func (*UnimplementedRepoServerServiceServer) GetRevisionChartDetails(ctx context.Context, req *RepoServerRevisionChartDetailsRequest) (*v1alpha1.ChartDetails, error) { - return nil, status.Errorf(codes.Unimplemented, "method GetRevisionChartDetails not implemented") -} func (*UnimplementedRepoServerServiceServer) GetHelmCharts(ctx context.Context, req *HelmChartsRequest) (*HelmChartsResponse, error) { return nil, status.Errorf(codes.Unimplemented, "method GetHelmCharts not implemented") } -func (*UnimplementedRepoServerServiceServer) GetGitFiles(ctx context.Context, req *GitFilesRequest) (*GitFilesResponse, error) { - return nil, status.Errorf(codes.Unimplemented, "method GetGitFiles not implemented") -} -func (*UnimplementedRepoServerServiceServer) GetGitDirectories(ctx context.Context, req *GitDirectoriesRequest) (*GitDirectoriesResponse, error) { - return nil, status.Errorf(codes.Unimplemented, "method GetGitDirectories not implemented") -} func RegisterRepoServerServiceServer(s *grpc.Server, srv RepoServerServiceServer) { s.RegisterService(&_RepoServerService_serviceDesc, srv) @@ -2763,74 +2370,20 @@ func _RepoServerService_GetRevisionMetadata_Handler(srv interface{}, ctx context return interceptor(ctx, in, info, handler) } -func _RepoServerService_GetRevisionChartDetails_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(RepoServerRevisionChartDetailsRequest) +func _RepoServerService_GetHelmCharts_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(HelmChartsRequest) if err := dec(in); err != nil { return nil, err } if interceptor == nil { - return srv.(RepoServerServiceServer).GetRevisionChartDetails(ctx, in) + return srv.(RepoServerServiceServer).GetHelmCharts(ctx, in) } info := &grpc.UnaryServerInfo{ Server: srv, - FullMethod: "/repository.RepoServerService/GetRevisionChartDetails", + FullMethod: "/repository.RepoServerService/GetHelmCharts", } handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(RepoServerServiceServer).GetRevisionChartDetails(ctx, req.(*RepoServerRevisionChartDetailsRequest)) - } - return interceptor(ctx, in, info, handler) -} - -func _RepoServerService_GetHelmCharts_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(HelmChartsRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(RepoServerServiceServer).GetHelmCharts(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: "/repository.RepoServerService/GetHelmCharts", - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(RepoServerServiceServer).GetHelmCharts(ctx, req.(*HelmChartsRequest)) - } - return interceptor(ctx, in, info, handler) -} - -func _RepoServerService_GetGitFiles_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(GitFilesRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(RepoServerServiceServer).GetGitFiles(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: "/repository.RepoServerService/GetGitFiles", - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(RepoServerServiceServer).GetGitFiles(ctx, req.(*GitFilesRequest)) - } - return interceptor(ctx, in, info, handler) -} - -func _RepoServerService_GetGitDirectories_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(GitDirectoriesRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(RepoServerServiceServer).GetGitDirectories(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: "/repository.RepoServerService/GetGitDirectories", - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(RepoServerServiceServer).GetGitDirectories(ctx, req.(*GitDirectoriesRequest)) + return srv.(RepoServerServiceServer).GetHelmCharts(ctx, req.(*HelmChartsRequest)) } return interceptor(ctx, in, info, handler) } @@ -2871,22 +2424,10 @@ var _RepoServerService_serviceDesc = grpc.ServiceDesc{ MethodName: "GetRevisionMetadata", Handler: _RepoServerService_GetRevisionMetadata_Handler, }, - { - MethodName: "GetRevisionChartDetails", - Handler: _RepoServerService_GetRevisionChartDetails_Handler, - }, { MethodName: "GetHelmCharts", Handler: _RepoServerService_GetHelmCharts_Handler, }, - { - MethodName: "GetGitFiles", - Handler: _RepoServerService_GetGitFiles_Handler, - }, - { - MethodName: "GetGitDirectories", - Handler: _RepoServerService_GetGitDirectories_Handler, - }, }, Streams: []grpc.StreamDesc{ { @@ -2922,26 +2463,6 @@ func (m *ManifestRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) { i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - if len(m.ProjectName) > 0 { - i -= len(m.ProjectName) - copy(dAtA[i:], m.ProjectName) - i = encodeVarintRepository(dAtA, i, uint64(len(m.ProjectName))) - i-- - dAtA[i] = 0x1 - i-- - dAtA[i] = 0xca - } - if len(m.ProjectSourceRepos) > 0 { - for iNdEx := len(m.ProjectSourceRepos) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.ProjectSourceRepos[iNdEx]) - copy(dAtA[i:], m.ProjectSourceRepos[iNdEx]) - i = encodeVarintRepository(dAtA, i, uint64(len(m.ProjectSourceRepos[iNdEx]))) - i-- - dAtA[i] = 0x1 - i-- - dAtA[i] = 0xc2 - } - } if len(m.RefSources) > 0 { for k := range m.RefSources { v := m.RefSources[k] @@ -4190,59 +3711,6 @@ func (m *RepoServerRevisionMetadataRequest) MarshalToSizedBuffer(dAtA []byte) (i return len(dAtA) - i, nil } -func (m *RepoServerRevisionChartDetailsRequest) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *RepoServerRevisionChartDetailsRequest) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *RepoServerRevisionChartDetailsRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if len(m.Revision) > 0 { - i -= len(m.Revision) - copy(dAtA[i:], m.Revision) - i = encodeVarintRepository(dAtA, i, uint64(len(m.Revision))) - i-- - dAtA[i] = 0x1a - } - if len(m.Name) > 0 { - i -= len(m.Name) - copy(dAtA[i:], m.Name) - i = encodeVarintRepository(dAtA, i, uint64(len(m.Name))) - i-- - dAtA[i] = 0x12 - } - if m.Repo != nil { - { - size, err := m.Repo.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintRepository(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - func (m *HelmAppSpec) Marshal() (dAtA []byte, err error) { size := m.Size() dAtA = make([]byte, size) @@ -4655,291 +4123,78 @@ func (m *HelmChartsResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } -func (m *GitFilesRequest) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err +func encodeVarintRepository(dAtA []byte, offset int, v uint64) int { + offset -= sovRepository(v) + base := offset + for v >= 1<<7 { + dAtA[offset] = uint8(v&0x7f | 0x80) + v >>= 7 + offset++ } - return dAtA[:n], nil -} - -func (m *GitFilesRequest) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) + dAtA[offset] = uint8(v) + return base } - -func (m *GitFilesRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i +func (m *ManifestRequest) Size() (n int) { + if m == nil { + return 0 + } var l int _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) + if m.Repo != nil { + l = m.Repo.Size() + n += 1 + l + sovRepository(uint64(l)) } - if m.NewGitFileGlobbingEnabled { - i-- - if m.NewGitFileGlobbingEnabled { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x28 + l = len(m.Revision) + if l > 0 { + n += 1 + l + sovRepository(uint64(l)) } - if len(m.Path) > 0 { - i -= len(m.Path) - copy(dAtA[i:], m.Path) - i = encodeVarintRepository(dAtA, i, uint64(len(m.Path))) - i-- - dAtA[i] = 0x22 + if m.NoCache { + n += 2 } - if len(m.Revision) > 0 { - i -= len(m.Revision) - copy(dAtA[i:], m.Revision) - i = encodeVarintRepository(dAtA, i, uint64(len(m.Revision))) - i-- - dAtA[i] = 0x1a + l = len(m.AppLabelKey) + if l > 0 { + n += 1 + l + sovRepository(uint64(l)) } - if m.SubmoduleEnabled { - i-- - if m.SubmoduleEnabled { - dAtA[i] = 1 - } else { - dAtA[i] = 0 + l = len(m.AppName) + if l > 0 { + n += 1 + l + sovRepository(uint64(l)) + } + l = len(m.Namespace) + if l > 0 { + n += 1 + l + sovRepository(uint64(l)) + } + if m.ApplicationSource != nil { + l = m.ApplicationSource.Size() + n += 1 + l + sovRepository(uint64(l)) + } + if len(m.Repos) > 0 { + for _, e := range m.Repos { + l = e.Size() + n += 1 + l + sovRepository(uint64(l)) } - i-- - dAtA[i] = 0x10 } - if m.Repo != nil { - { - size, err := m.Repo.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintRepository(dAtA, i, uint64(size)) + if len(m.Plugins) > 0 { + for _, e := range m.Plugins { + l = e.Size() + n += 1 + l + sovRepository(uint64(l)) } - i-- - dAtA[i] = 0xa } - return len(dAtA) - i, nil -} - -func (m *GitFilesResponse) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err + if m.KustomizeOptions != nil { + l = m.KustomizeOptions.Size() + n += 1 + l + sovRepository(uint64(l)) } - return dAtA[:n], nil -} - -func (m *GitFilesResponse) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *GitFilesResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) + l = len(m.KubeVersion) + if l > 0 { + n += 1 + l + sovRepository(uint64(l)) } - if len(m.Map) > 0 { - for k := range m.Map { - v := m.Map[k] - baseI := i - if len(v) > 0 { - i -= len(v) - copy(dAtA[i:], v) - i = encodeVarintRepository(dAtA, i, uint64(len(v))) - i-- - dAtA[i] = 0x12 - } - i -= len(k) - copy(dAtA[i:], k) - i = encodeVarintRepository(dAtA, i, uint64(len(k))) - i-- - dAtA[i] = 0xa - i = encodeVarintRepository(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0xa + if len(m.ApiVersions) > 0 { + for _, s := range m.ApiVersions { + l = len(s) + n += 1 + l + sovRepository(uint64(l)) } } - return len(dAtA) - i, nil -} - -func (m *GitDirectoriesRequest) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *GitDirectoriesRequest) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *GitDirectoriesRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if len(m.Revision) > 0 { - i -= len(m.Revision) - copy(dAtA[i:], m.Revision) - i = encodeVarintRepository(dAtA, i, uint64(len(m.Revision))) - i-- - dAtA[i] = 0x1a - } - if m.SubmoduleEnabled { - i-- - if m.SubmoduleEnabled { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x10 - } - if m.Repo != nil { - { - size, err := m.Repo.MarshalToSizedBuffer(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarintRepository(dAtA, i, uint64(size)) - } - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *GitDirectoriesResponse) Marshal() (dAtA []byte, err error) { - size := m.Size() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBuffer(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *GitDirectoriesResponse) MarshalTo(dAtA []byte) (int, error) { - size := m.Size() - return m.MarshalToSizedBuffer(dAtA[:size]) -} - -func (m *GitDirectoriesResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) { - i := len(dAtA) - _ = i - var l int - _ = l - if m.XXX_unrecognized != nil { - i -= len(m.XXX_unrecognized) - copy(dAtA[i:], m.XXX_unrecognized) - } - if len(m.Paths) > 0 { - for iNdEx := len(m.Paths) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.Paths[iNdEx]) - copy(dAtA[i:], m.Paths[iNdEx]) - i = encodeVarintRepository(dAtA, i, uint64(len(m.Paths[iNdEx]))) - i-- - dAtA[i] = 0xa - } - } - return len(dAtA) - i, nil -} - -func encodeVarintRepository(dAtA []byte, offset int, v uint64) int { - offset -= sovRepository(v) - base := offset - for v >= 1<<7 { - dAtA[offset] = uint8(v&0x7f | 0x80) - v >>= 7 - offset++ - } - dAtA[offset] = uint8(v) - return base -} -func (m *ManifestRequest) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Repo != nil { - l = m.Repo.Size() - n += 1 + l + sovRepository(uint64(l)) - } - l = len(m.Revision) - if l > 0 { - n += 1 + l + sovRepository(uint64(l)) - } - if m.NoCache { - n += 2 - } - l = len(m.AppLabelKey) - if l > 0 { - n += 1 + l + sovRepository(uint64(l)) - } - l = len(m.AppName) - if l > 0 { - n += 1 + l + sovRepository(uint64(l)) - } - l = len(m.Namespace) - if l > 0 { - n += 1 + l + sovRepository(uint64(l)) - } - if m.ApplicationSource != nil { - l = m.ApplicationSource.Size() - n += 1 + l + sovRepository(uint64(l)) - } - if len(m.Repos) > 0 { - for _, e := range m.Repos { - l = e.Size() - n += 1 + l + sovRepository(uint64(l)) - } - } - if len(m.Plugins) > 0 { - for _, e := range m.Plugins { - l = e.Size() - n += 1 + l + sovRepository(uint64(l)) - } - } - if m.KustomizeOptions != nil { - l = m.KustomizeOptions.Size() - n += 1 + l + sovRepository(uint64(l)) - } - l = len(m.KubeVersion) - if l > 0 { - n += 1 + l + sovRepository(uint64(l)) - } - if len(m.ApiVersions) > 0 { - for _, s := range m.ApiVersions { - l = len(s) - n += 1 + l + sovRepository(uint64(l)) - } - } - if m.VerifySignature { - n += 3 + if m.VerifySignature { + n += 3 } if len(m.HelmRepoCreds) > 0 { for _, e := range m.HelmRepoCreds { @@ -4982,16 +4237,6 @@ func (m *ManifestRequest) Size() (n int) { n += mapEntrySize + 2 + sovRepository(uint64(mapEntrySize)) } } - if len(m.ProjectSourceRepos) > 0 { - for _, s := range m.ProjectSourceRepos { - l = len(s) - n += 2 + l + sovRepository(uint64(l)) - } - } - l = len(m.ProjectName) - if l > 0 { - n += 2 + l + sovRepository(uint64(l)) - } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -5443,30 +4688,6 @@ func (m *RepoServerRevisionMetadataRequest) Size() (n int) { return n } -func (m *RepoServerRevisionChartDetailsRequest) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Repo != nil { - l = m.Repo.Size() - n += 1 + l + sovRepository(uint64(l)) - } - l = len(m.Name) - if l > 0 { - n += 1 + l + sovRepository(uint64(l)) - } - l = len(m.Revision) - if l > 0 { - n += 1 + l + sovRepository(uint64(l)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - func (m *HelmAppSpec) Size() (n int) { if m == nil { return 0 @@ -5662,101 +4883,6 @@ func (m *HelmChartsResponse) Size() (n int) { return n } -func (m *GitFilesRequest) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Repo != nil { - l = m.Repo.Size() - n += 1 + l + sovRepository(uint64(l)) - } - if m.SubmoduleEnabled { - n += 2 - } - l = len(m.Revision) - if l > 0 { - n += 1 + l + sovRepository(uint64(l)) - } - l = len(m.Path) - if l > 0 { - n += 1 + l + sovRepository(uint64(l)) - } - if m.NewGitFileGlobbingEnabled { - n += 2 - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *GitFilesResponse) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if len(m.Map) > 0 { - for k, v := range m.Map { - _ = k - _ = v - l = 0 - if len(v) > 0 { - l = 1 + len(v) + sovRepository(uint64(len(v))) - } - mapEntrySize := 1 + len(k) + sovRepository(uint64(len(k))) + l - n += mapEntrySize + 1 + sovRepository(uint64(mapEntrySize)) - } - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *GitDirectoriesRequest) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Repo != nil { - l = m.Repo.Size() - n += 1 + l + sovRepository(uint64(l)) - } - if m.SubmoduleEnabled { - n += 2 - } - l = len(m.Revision) - if l > 0 { - n += 1 + l + sovRepository(uint64(l)) - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - -func (m *GitDirectoriesResponse) Size() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if len(m.Paths) > 0 { - for _, s := range m.Paths { - l = len(s) - n += 1 + l + sovRepository(uint64(l)) - } - } - if m.XXX_unrecognized != nil { - n += len(m.XXX_unrecognized) - } - return n -} - func sovRepository(x uint64) (n int) { return (math_bits.Len64(x|1) + 6) / 7 } @@ -6586,70 +5712,6 @@ func (m *ManifestRequest) Unmarshal(dAtA []byte) error { } m.RefSources[mapkey] = mapvalue iNdEx = postIndex - case 24: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ProjectSourceRepos", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthRepository - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthRepository - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ProjectSourceRepos = append(m.ProjectSourceRepos, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - case 25: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ProjectName", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthRepository - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthRepository - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ProjectName = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipRepository(dAtA[iNdEx:]) @@ -9411,157 +8473,6 @@ func (m *RepoServerRevisionMetadataRequest) Unmarshal(dAtA []byte) error { } return nil } -func (m *RepoServerRevisionChartDetailsRequest) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: RepoServerRevisionChartDetailsRequest: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: RepoServerRevisionChartDetailsRequest: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Repo", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthRepository - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthRepository - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Repo == nil { - m.Repo = &v1alpha1.Repository{} - } - if err := m.Repo.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthRepository - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthRepository - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Revision", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthRepository - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthRepository - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Revision = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipRepository(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthRepository - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} func (m *HelmAppSpec) Unmarshal(dAtA []byte) error { l := len(dAtA) iNdEx := 0 @@ -10705,598 +9616,6 @@ func (m *HelmChartsResponse) Unmarshal(dAtA []byte) error { } return nil } -func (m *GitFilesRequest) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: GitFilesRequest: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: GitFilesRequest: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Repo", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthRepository - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthRepository - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Repo == nil { - m.Repo = &v1alpha1.Repository{} - } - if err := m.Repo.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 2: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field SubmoduleEnabled", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.SubmoduleEnabled = bool(v != 0) - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Revision", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthRepository - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthRepository - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Revision = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Path", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthRepository - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthRepository - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Path = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 5: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field NewGitFileGlobbingEnabled", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.NewGitFileGlobbingEnabled = bool(v != 0) - default: - iNdEx = preIndex - skippy, err := skipRepository(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthRepository - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *GitFilesResponse) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: GitFilesResponse: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: GitFilesResponse: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Map", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthRepository - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthRepository - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Map == nil { - m.Map = make(map[string][]byte) - } - var mapkey string - mapvalue := []byte{} - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLengthRepository - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLengthRepository - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var mapbyteLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - mapbyteLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intMapbyteLen := int(mapbyteLen) - if intMapbyteLen < 0 { - return ErrInvalidLengthRepository - } - postbytesIndex := iNdEx + intMapbyteLen - if postbytesIndex < 0 { - return ErrInvalidLengthRepository - } - if postbytesIndex > l { - return io.ErrUnexpectedEOF - } - mapvalue = make([]byte, mapbyteLen) - copy(mapvalue, dAtA[iNdEx:postbytesIndex]) - iNdEx = postbytesIndex - } else { - iNdEx = entryPreIndex - skippy, err := skipRepository(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthRepository - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.Map[mapkey] = mapvalue - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipRepository(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthRepository - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *GitDirectoriesRequest) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: GitDirectoriesRequest: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: GitDirectoriesRequest: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Repo", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLengthRepository - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLengthRepository - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Repo == nil { - m.Repo = &v1alpha1.Repository{} - } - if err := m.Repo.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 2: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field SubmoduleEnabled", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.SubmoduleEnabled = bool(v != 0) - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Revision", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthRepository - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthRepository - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Revision = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipRepository(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthRepository - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *GitDirectoriesResponse) Unmarshal(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: GitDirectoriesResponse: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: GitDirectoriesResponse: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Paths", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflowRepository - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLengthRepository - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLengthRepository - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Paths = append(m.Paths, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skipRepository(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLengthRepository - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} func skipRepository(dAtA []byte) (n int, err error) { l := len(dAtA) iNdEx := 0 diff --git a/reposerver/cache/cache.go b/reposerver/cache/cache.go index 79d3a02b62750..1cc9abbf73cc3 100644 --- a/reposerver/cache/cache.go +++ b/reposerver/cache/cache.go @@ -56,7 +56,7 @@ func AddCacheFlagsToCmd(cmd *cobra.Command, opts ...func(client *redis.Client)) return func() (*Cache, error) { cache, err := repoFactory() if err != nil { - return nil, fmt.Errorf("error adding cache flags to cmd: %w", err) + return nil, err } return NewCache(cache, repoCacheExpiration, revisionCacheExpiration), nil } @@ -304,45 +304,6 @@ func (c *Cache) SetRevisionMetadata(repoURL, revision string, item *appv1.Revisi return c.cache.SetItem(revisionMetadataKey(repoURL, revision), item, c.repoCacheExpiration, false) } -func revisionChartDetailsKey(repoURL, chart, revision string) string { - return fmt.Sprintf("chartdetails|%s|%s|%s", repoURL, chart, revision) -} - -func (c *Cache) GetRevisionChartDetails(repoURL, chart, revision string) (*appv1.ChartDetails, error) { - item := &appv1.ChartDetails{} - return item, c.cache.GetItem(revisionChartDetailsKey(repoURL, chart, revision), item) -} - -func (c *Cache) SetRevisionChartDetails(repoURL, chart, revision string, item *appv1.ChartDetails) error { - return c.cache.SetItem(revisionChartDetailsKey(repoURL, chart, revision), item, c.repoCacheExpiration, false) -} - -func gitFilesKey(repoURL, revision, pattern string) string { - return fmt.Sprintf("gitfiles|%s|%s|%s", repoURL, revision, pattern) -} - -func (c *Cache) SetGitFiles(repoURL, revision, pattern string, files map[string][]byte) error { - return c.cache.SetItem(gitFilesKey(repoURL, revision, pattern), &files, c.repoCacheExpiration, false) -} - -func (c *Cache) GetGitFiles(repoURL, revision, pattern string) (map[string][]byte, error) { - var item map[string][]byte - return item, c.cache.GetItem(gitFilesKey(repoURL, revision, pattern), &item) -} - -func gitDirectoriesKey(repoURL, revision string) string { - return fmt.Sprintf("gitdirs|%s|%s", repoURL, revision) -} - -func (c *Cache) SetGitDirectories(repoURL, revision string, directories []string) error { - return c.cache.SetItem(gitDirectoriesKey(repoURL, revision), &directories, c.repoCacheExpiration, false) -} - -func (c *Cache) GetGitDirectories(repoURL, revision string) ([]string, error) { - var item []string - return item, c.cache.GetItem(gitDirectoriesKey(repoURL, revision), &item) -} - func (cmr *CachedManifestResponse) shallowCopy() *CachedManifestResponse { if cmr == nil { return nil diff --git a/reposerver/gpgwatcher.go b/reposerver/gpgwatcher.go index 9c2c9be790813..bf2387a7e38b2 100644 --- a/reposerver/gpgwatcher.go +++ b/reposerver/gpgwatcher.go @@ -21,11 +21,7 @@ func StartGPGWatcher(sourcePath string) error { if err != nil { return err } - defer func(watcher *fsnotify.Watcher) { - if err = watcher.Close(); err != nil { - log.Errorf("Error closing watcher: %v", err) - } - }(watcher) + defer watcher.Close() done := make(chan bool) go func() { diff --git a/reposerver/repository/chart.go b/reposerver/repository/chart.go deleted file mode 100644 index f4bcf48fba569..0000000000000 --- a/reposerver/repository/chart.go +++ /dev/null @@ -1,30 +0,0 @@ -package repository - -import ( - "fmt" - "strings" - - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - "sigs.k8s.io/yaml" -) - -func getChartDetails(chartYAML string) (*v1alpha1.ChartDetails, error) { - var chart Chart - err := yaml.Unmarshal([]byte(chartYAML), &chart) - if err != nil { - return nil, fmt.Errorf("failed to unmarshal chart: %w", err) - } - var maintainers []string - for _, maintainer := range chart.Maintainers { - if maintainer.Email != "" { - maintainers = append(maintainers, strings.Trim(fmt.Sprintf("%v <%v>", maintainer.Name, maintainer.Email), " ")) - } else { - maintainers = append(maintainers, fmt.Sprintf("%v", maintainer.Name)) - } - } - return &v1alpha1.ChartDetails{ - Description: chart.Description, - Maintainers: maintainers, - Home: chart.Home, - }, nil -} diff --git a/reposerver/repository/chart_test.go b/reposerver/repository/chart_test.go deleted file mode 100644 index b22e7c21bede5..0000000000000 --- a/reposerver/repository/chart_test.go +++ /dev/null @@ -1,63 +0,0 @@ -package repository - -import ( - "testing" - - "github.com/stretchr/testify/assert" -) - -func Test_getChartDetailsNotSet(t *testing.T) { - chart1 := `apiVersion: v3 -name: mychart -version: 0.0.0` - - cd, err := getChartDetails(chart1) - assert.NoError(t, err) - assert.Equal(t, cd.Description, "") - assert.Equal(t, cd.Maintainers, []string(nil)) - assert.Equal(t, cd.Home, "") -} - -func Test_getChartDetailsSet(t *testing.T) { - chart1 := `apiVersion: v3 -name: mychart -version: 0.0.0 -description: a good chart -home: https://example.com -maintainers: -- name: alex - email: example@example.com -` - - cd, err := getChartDetails(chart1) - assert.NoError(t, err) - assert.Equal(t, cd.Description, "a good chart") - assert.Equal(t, cd.Maintainers, []string{"alex "}) - assert.Equal(t, cd.Home, "https://example.com") - - chart1 = `apiVersion: v3 -name: mychart -version: 0.0.0 -description: a good chart -home: https://example.com -maintainers: -- name: alex -` - cd, err = getChartDetails(chart1) - assert.NoError(t, err) - assert.Equal(t, cd.Maintainers, []string{"alex"}) -} - -func Test_getChartDetailsBad(t *testing.T) { - chart1 := `apiVersion: v3 -name: mychart -version: 0.0.0 -description: a good chart -home: https://example.com -maintainers: alex -` - - cd, err := getChartDetails(chart1) - assert.Error(t, err) - assert.Nil(t, cd) -} diff --git a/reposerver/repository/lock.go b/reposerver/repository/lock.go index fa8da9c3e5089..05eddf667d82a 100644 --- a/reposerver/repository/lock.go +++ b/reposerver/repository/lock.go @@ -55,7 +55,7 @@ func (r *repositoryLock) Lock(path string, revision string, allowConcurrent bool initCloser, err := init() if err != nil { state.cond.L.Unlock() - return nil, fmt.Errorf("failed to initialize repository resources: %w", err) + return nil, err } state.initCloser = initCloser state.revision = revision diff --git a/reposerver/repository/repository.go b/reposerver/repository/repository.go index 09509645eac69..3520250b2f47f 100644 --- a/reposerver/repository/repository.go +++ b/reposerver/repository/repository.go @@ -10,6 +10,7 @@ import ( "io/fs" "net/url" "os" + "os/exec" "path" "path/filepath" "regexp" @@ -32,6 +33,7 @@ import ( textutils "github.com/argoproj/gitops-engine/pkg/utils/text" "github.com/argoproj/pkg/sync" jsonpatch "github.com/evanphx/json-patch" + "github.com/ghodss/yaml" gogit "github.com/go-git/go-git/v5" "github.com/google/go-jsonnet" "github.com/google/uuid" @@ -43,17 +45,18 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" - "sigs.k8s.io/yaml" pluginclient "github.com/argoproj/argo-cd/v2/cmpserver/apiclient" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/reposerver/apiclient" "github.com/argoproj/argo-cd/v2/reposerver/cache" + reposervercache "github.com/argoproj/argo-cd/v2/reposerver/cache" "github.com/argoproj/argo-cd/v2/reposerver/metrics" "github.com/argoproj/argo-cd/v2/util/app/discovery" argopath "github.com/argoproj/argo-cd/v2/util/app/path" "github.com/argoproj/argo-cd/v2/util/argo" "github.com/argoproj/argo-cd/v2/util/cmp" + executil "github.com/argoproj/argo-cd/v2/util/exec" "github.com/argoproj/argo-cd/v2/util/git" "github.com/argoproj/argo-cd/v2/util/glob" "github.com/argoproj/argo-cd/v2/util/gpg" @@ -84,7 +87,7 @@ type Service struct { chartPaths io.TempPaths gitRepoInitializer func(rootPath string) goio.Closer repoLock *repositoryLock - cache *cache.Cache + cache *reposervercache.Cache parallelismLimitSemaphore *semaphore.Weighted metricsServer *metrics.MetricsServer resourceTracking argo.ResourceTracking @@ -109,7 +112,7 @@ type RepoServerInitConstants struct { } // NewService returns a new instance of the Manifest service -func NewService(metricsServer *metrics.MetricsServer, cache *cache.Cache, initConstants RepoServerInitConstants, resourceTracking argo.ResourceTracking, gitCredsStore git.CredsStore, rootDir string) *Service { +func NewService(metricsServer *metrics.MetricsServer, cache *reposervercache.Cache, initConstants RepoServerInitConstants, resourceTracking argo.ResourceTracking, gitCredsStore git.CredsStore, rootDir string) *Service { var parallelismLimitSemaphore *semaphore.Weighted if initConstants.ParallelismLimit > 0 { parallelismLimitSemaphore = semaphore.NewWeighted(initConstants.ParallelismLimit) @@ -146,16 +149,16 @@ func (s *Service) Init() error { // give itself read permissions to list previously written directories err = os.Chmod(s.rootDir, 0700) } - var dirEntries []fs.DirEntry + var files []fs.DirEntry if err == nil { - dirEntries, err = os.ReadDir(s.rootDir) + files, err = os.ReadDir(s.rootDir) } if err != nil { log.Warnf("Failed to restore cloned repositories paths: %v", err) return nil } - for _, file := range dirEntries { + for _, file := range files { if !file.IsDir() { continue } @@ -172,11 +175,11 @@ func (s *Service) Init() error { return os.Chmod(s.rootDir, 0300) } -// ListRefs List a subset of the refs (currently, branches and tags) of a git repo +// List a subset of the refs (currently, branches and tags) of a git repo func (s *Service) ListRefs(ctx context.Context, q *apiclient.ListRefsRequest) (*apiclient.Refs, error) { gitClient, err := s.newClient(q.Repo) if err != nil { - return nil, fmt.Errorf("error creating git client: %w", err) + return nil, err } s.metricsServer.IncPendingRepoRequest(q.Repo.Repo) @@ -199,7 +202,7 @@ func (s *Service) ListRefs(ctx context.Context, q *apiclient.ListRefsRequest) (* func (s *Service) ListApps(ctx context.Context, q *apiclient.ListAppsRequest) (*apiclient.AppList, error) { gitClient, commitSHA, err := s.newClientResolveRevision(q.Repo, q.Revision) if err != nil { - return nil, fmt.Errorf("error setting up git client and resolving given revision: %w", err) + return nil, err } if apps, err := s.cache.ListApps(q.Repo.Repo, commitSHA); err == nil { log.Infof("cache hit: %s/%s", q.Repo.Repo, q.Revision) @@ -214,13 +217,13 @@ func (s *Service) ListApps(ctx context.Context, q *apiclient.ListAppsRequest) (* }) if err != nil { - return nil, fmt.Errorf("error acquiring repository lock: %w", err) + return nil, err } defer io.Close(closer) apps, err := discovery.Discover(ctx, gitClient.Root(), gitClient.Root(), q.EnabledSourceTypes, s.initConstants.CMPTarExcludedGlobs) if err != nil { - return nil, fmt.Errorf("error discovering applications: %w", err) + return nil, err } err = s.cache.SetApps(q.Repo.Repo, commitSHA, apps) if err != nil { @@ -239,7 +242,7 @@ func (s *Service) ListPlugins(ctx context.Context, _ *empty.Empty) (*apiclient.P return nil, fmt.Errorf("failed to get plugins from dir %v, error=%w", pluginSockFilePath, err) } - var plugins []*apiclient.PluginInfo + plugins := []*apiclient.PluginInfo{} for _, file := range sockFiles { if file.Type() == os.ModeSocket { plugins = append(plugins, &apiclient.PluginInfo{Name: strings.TrimSuffix(file.Name(), ".sock")}) @@ -291,8 +294,8 @@ func (s *Service) runRepoOperation( refSources map[string]*v1alpha1.RefTarget) error { if sanitizer, ok := grpc.SanitizerFromContext(ctx); ok { - // make sure a randomized path replaced with '.' in the error message - sanitizer.AddRegexReplacement(getRepoSanitizerRegex(s.rootDir), "") + // make sure randomized path replaced with '.' in the error message + sanitizer.AddRegexReplacement(regexp.MustCompile(`(`+regexp.QuoteMeta(s.rootDir)+`/.*?)/`), ".") } var gitClient git.Client @@ -439,15 +442,6 @@ func (s *Service) runRepoOperation( } } -func getRepoSanitizerRegex(rootDir string) *regexp.Regexp { - // This regex assumes that the sensitive part of the path (the component immediately after "rootDir") contains no - // spaces. This assumption allows us to avoid sanitizing "more info" in "/tmp/_argocd-repo/SENSITIVE more info". - // - // The no-spaces assumption holds for our actual use case, which is "/tmp/_argocd-repo/{random UUID}". The UUID will - // only ever contain digits and hyphens. - return regexp.MustCompile(regexp.QuoteMeta(rootDir) + `/[^ /]*`) -} - type gitClientGetter func(repo *v1alpha1.Repository, revision string, opts ...git.ClientOpts) (git.Client, string, error) // resolveReferencedSources resolves the revisions for the given referenced sources. This lets us invalidate the cached @@ -457,38 +451,38 @@ type gitClientGetter func(repo *v1alpha1.Repository, revision string, opts ...gi // should be updated. func resolveReferencedSources(hasMultipleSources bool, source *v1alpha1.ApplicationSourceHelm, refSources map[string]*v1alpha1.RefTarget, newClientResolveRevision gitClientGetter) (map[string]string, error) { repoRefs := make(map[string]string) - if !hasMultipleSources || source == nil { - return repoRefs, nil - } - - for _, valueFile := range source.ValueFiles { - if strings.HasPrefix(valueFile, "$") { - refVar := strings.Split(valueFile, "/")[0] + if hasMultipleSources { + if source != nil { + for _, valueFile := range source.ValueFiles { + if strings.HasPrefix(valueFile, "$") { + refVar := strings.Split(valueFile, "/")[0] + + refSourceMapping, ok := refSources[refVar] + if !ok { + if len(refSources) == 0 { + return nil, fmt.Errorf("source referenced %q, but no source has a 'ref' field defined", refVar) + } + refKeys := make([]string, 0) + for refKey := range refSources { + refKeys = append(refKeys, refKey) + } + return nil, fmt.Errorf("source referenced %q, which is not one of the available sources (%s)", refVar, strings.Join(refKeys, ", ")) + } + if refSourceMapping.Chart != "" { + return nil, fmt.Errorf("source has a 'chart' field defined, but Helm charts are not yet not supported for 'ref' sources") + } + normalizedRepoURL := git.NormalizeGitURL(refSourceMapping.Repo.Repo) + _, ok = repoRefs[normalizedRepoURL] + if !ok { + _, referencedCommitSHA, err := newClientResolveRevision(&refSourceMapping.Repo, refSourceMapping.TargetRevision) + if err != nil { + log.Errorf("Failed to get git client for repo %s: %v", refSourceMapping.Repo.Repo, err) + return nil, fmt.Errorf("failed to get git client for repo %s", refSourceMapping.Repo.Repo) + } - refSourceMapping, ok := refSources[refVar] - if !ok { - if len(refSources) == 0 { - return nil, fmt.Errorf("source referenced %q, but no source has a 'ref' field defined", refVar) - } - refKeys := make([]string, 0) - for refKey := range refSources { - refKeys = append(refKeys, refKey) - } - return nil, fmt.Errorf("source referenced %q, which is not one of the available sources (%s)", refVar, strings.Join(refKeys, ", ")) - } - if refSourceMapping.Chart != "" { - return nil, fmt.Errorf("source has a 'chart' field defined, but Helm charts are not yet not supported for 'ref' sources") - } - normalizedRepoURL := git.NormalizeGitURL(refSourceMapping.Repo.Repo) - _, ok = repoRefs[normalizedRepoURL] - if !ok { - _, referencedCommitSHA, err := newClientResolveRevision(&refSourceMapping.Repo, refSourceMapping.TargetRevision) - if err != nil { - log.Errorf("Failed to get git client for repo %s: %v", refSourceMapping.Repo.Repo, err) - return nil, fmt.Errorf("failed to get git client for repo %s", refSourceMapping.Repo.Repo) + repoRefs[normalizedRepoURL] = referencedCommitSHA + } } - - repoRefs[normalizedRepoURL] = referencedCommitSHA } } } @@ -783,11 +777,6 @@ func (s *Service) runManifestGenAsync(ctx context.Context, repoRoot, commitSHA, } } if err != nil { - logCtx := log.WithFields(log.Fields{ - "application": q.AppName, - "appNamespace": q.Namespace, - }) - // If manifest generation error caching is enabled if s.initConstants.PauseGenerationAfterFailedGenerationAttempts > 0 { cache.LogDebugManifestCacheKeyFields("getting manifests cache", "GenerateManifests error", cacheKey, q.ApplicationSource, q.RefSources, q, q.Namespace, q.TrackingMethod, q.AppLabelKey, q.AppName, refSourceCommitSHAs) @@ -796,8 +785,8 @@ func (s *Service) runManifestGenAsync(ctx context.Context, repoRoot, commitSHA, // rather than a copy of the cache that occurred before (a potentially lengthy) manifest generation. innerRes := &cache.CachedManifestResponse{} cacheErr := s.cache.GetManifests(cacheKey, appSourceCopy, q.RefSources, q, q.Namespace, q.TrackingMethod, q.AppLabelKey, q.AppName, innerRes, refSourceCommitSHAs) - if cacheErr != nil && cacheErr != cache.ErrCacheMiss { - logCtx.Warnf("manifest cache get error %s: %v", appSourceCopy.String(), cacheErr) + if cacheErr != nil && cacheErr != reposervercache.ErrCacheMiss { + log.Warnf("manifest cache set error %s: %v", appSourceCopy.String(), cacheErr) ch.errCh <- cacheErr return } @@ -815,7 +804,7 @@ func (s *Service) runManifestGenAsync(ctx context.Context, repoRoot, commitSHA, innerRes.MostRecentError = err.Error() cacheErr = s.cache.SetManifests(cacheKey, appSourceCopy, q.RefSources, q, q.Namespace, q.TrackingMethod, q.AppLabelKey, q.AppName, innerRes, refSourceCommitSHAs) if cacheErr != nil { - logCtx.Warnf("manifest cache set error %s: %v", appSourceCopy.String(), cacheErr) + log.Warnf("manifest cache set error %s: %v", appSourceCopy.String(), cacheErr) ch.errCh <- cacheErr return } @@ -931,7 +920,7 @@ func (s *Service) getManifestCacheEntry(cacheKey string, q *apiclient.ManifestRe return true, res.ManifestResponse, nil } - if err != cache.ErrCacheMiss { + if err != reposervercache.ErrCacheMiss { log.Warnf("manifest cache error %s: %v", q.ApplicationSource.String(), err) } else { log.Infof("manifest cache miss: %s/%s", q.ApplicationSource.String(), cacheKey) @@ -943,7 +932,7 @@ func (s *Service) getManifestCacheEntry(cacheKey string, q *apiclient.ManifestRe func getHelmRepos(appPath string, repositories []*v1alpha1.Repository, helmRepoCreds []*v1alpha1.RepoCreds) ([]helm.HelmRepository, error) { dependencies, err := getHelmDependencyRepos(appPath) if err != nil { - return nil, fmt.Errorf("error retrieving helm dependency repos: %w", err) + return nil, err } reposByName := make(map[string]*v1alpha1.Repository) reposByUrl := make(map[string]*v1alpha1.Repository) @@ -1000,12 +989,12 @@ func getHelmDependencyRepos(appPath string) ([]*v1alpha1.Repository, error) { repos := make([]*v1alpha1.Repository, 0) f, err := os.ReadFile(filepath.Join(appPath, "Chart.yaml")) if err != nil { - return nil, fmt.Errorf("error reading helm chart from %s: %w", filepath.Join(appPath, "Chart.yaml"), err) + return nil, err } d := &dependencies{} if err = yaml.Unmarshal(f, d); err != nil { - return nil, fmt.Errorf("error unmarshalling the helm chart while getting helm dependency repos: %w", err) + return nil, err } for _, r := range d.Dependencies { @@ -1048,9 +1037,9 @@ func runHelmBuild(appPath string, h helm.Helm) error { manifestGenerateLock.Lock(appPath) defer manifestGenerateLock.Unlock(appPath) - // the `helm dependency build` is potentially a time-consuming 1~2 seconds, - // a marker file is used to check if command already run to avoid running it again unnecessarily - // the file is removed when repository is re-initialized (e.g. when another commit is processed) + // the `helm dependency build` is potentially time consuming 1~2 seconds + // marker file is used to check if command already run to avoid running it again unnecessary + // file is removed when repository re-initialized (e.g. when another commit is processed) markerFile := path.Join(appPath, helmDepUpMarkerFile) _, err := os.Stat(markerFile) if err == nil { @@ -1061,16 +1050,11 @@ func runHelmBuild(appPath string, h helm.Helm) error { err = h.DependencyBuild() if err != nil { - return fmt.Errorf("error building helm chart dependencies: %w", err) + return err } return os.WriteFile(markerFile, []byte("marker"), 0644) } -func isSourcePermitted(url string, repos []string) bool { - p := v1alpha1.AppProject{Spec: v1alpha1.AppProjectSpec{SourceRepos: repos}} - return p.IsSourcePermitted(v1alpha1.ApplicationSource{RepoURL: url}) -} - func helmTemplate(appPath string, repoRoot string, env *v1alpha1.Env, q *apiclient.ManifestRequest, isLocal bool, gitRepoPaths io.TempPaths) ([]*unstructured.Unstructured, error) { concurrencyAllowed := isConcurrencyAllowed(appPath) if !concurrencyAllowed { @@ -1082,7 +1066,7 @@ func helmTemplate(appPath string, repoRoot string, env *v1alpha1.Env, q *apiclie // contain any underscore characters and must not exceed 53 characters. // We are not interested in the fully qualified application name while // templating, thus, we just use the name part of the identifier. - appName, _ := argo.ParseInstanceName(q.AppName, "") + appName, _ := argo.ParseAppInstanceName(q.AppName, "") templateOpts := &helm.TemplateOpts{ Name: appName, @@ -1107,15 +1091,15 @@ func helmTemplate(appPath string, repoRoot string, env *v1alpha1.Env, q *apiclie resolvedValueFiles, err := getResolvedValueFiles(appPath, repoRoot, env, q.GetValuesFileSchemes(), appHelm.ValueFiles, q.RefSources, gitRepoPaths, appHelm.IgnoreMissingValueFiles) if err != nil { - return nil, fmt.Errorf("error resolving helm value files: %w", err) + return nil, err } templateOpts.Values = resolvedValueFiles - if !appHelm.ValuesIsEmpty() { + if appHelm.Values != "" { rand, err := uuid.NewRandom() if err != nil { - return nil, fmt.Errorf("error generating random filename for Helm values file: %w", err) + return nil, err } p := path.Join(os.TempDir(), rand.String()) defer func() { @@ -1124,9 +1108,9 @@ func helmTemplate(appPath string, repoRoot string, env *v1alpha1.Env, q *apiclie _ = os.RemoveAll(p) } }() - err = os.WriteFile(p, appHelm.ValuesYAML(), 0644) + err = os.WriteFile(p, []byte(appHelm.Values), 0644) if err != nil { - return nil, fmt.Errorf("error writing helm values file: %w", err) + return nil, err } templateOpts.Values = append(templateOpts.Values, pathutil.ResolvedFilePath(p)) } @@ -1141,7 +1125,7 @@ func helmTemplate(appPath string, repoRoot string, env *v1alpha1.Env, q *apiclie for _, p := range appHelm.FileParameters { resolvedPath, _, err := pathutil.ResolveValueFilePathOrUrl(appPath, repoRoot, env.Envsubst(p.Path), q.GetValuesFileSchemes()) if err != nil { - return nil, fmt.Errorf("error resolving helm value file path: %w", err) + return nil, err } templateOpts.SetFile[p.Name] = resolvedPath } @@ -1165,18 +1149,17 @@ func helmTemplate(appPath string, repoRoot string, env *v1alpha1.Env, q *apiclie helmRepos, err := getHelmRepos(appPath, q.Repos, q.HelmRepoCreds) if err != nil { - return nil, fmt.Errorf("error getting helm repos: %w", err) + return nil, err } - h, err := helm.NewHelmApp(appPath, helmRepos, isLocal, version, proxy, passCredentials) if err != nil { - return nil, fmt.Errorf("error initializing helm app object: %w", err) + return nil, err } defer h.Dispose() err = h.Init() if err != nil { - return nil, fmt.Errorf("error initializing helm app: %w", err) + return nil, err } out, err := h.Template(templateOpts) @@ -1192,24 +1175,6 @@ func helmTemplate(appPath string, repoRoot string, env *v1alpha1.Env, q *apiclie } if err != nil { - var reposNotPermitted []string - // We do a sanity check here to give a nicer error message in case any of the Helm repositories are not permitted by - // the AppProject which the application is a part of - for _, repo := range helmRepos { - msg := err.Error() - - chartCannotBeReached := strings.Contains(msg, "is not a valid chart repository or cannot be reached") - couldNotDownloadChart := strings.Contains(msg, "could not download") - - if (chartCannotBeReached || couldNotDownloadChart) && !isSourcePermitted(repo.Repo, q.ProjectSourceRepos) { - reposNotPermitted = append(reposNotPermitted, repo.Repo) - } - } - - if len(reposNotPermitted) > 0 { - return nil, status.Errorf(codes.PermissionDenied, "helm repos %s are not permitted in project '%s'", strings.Join(reposNotPermitted, ", "), q.ProjectName) - } - return nil, err } @@ -1242,13 +1207,13 @@ func getResolvedValueFiles( // If the $-prefixed path appears to reference another source, do env substitution _after_ resolving that source. resolvedPath, err = getResolvedRefValueFile(rawValueFile, env, allowedValueFilesSchemas, referencedSource.Repo.Repo, gitRepoPaths) if err != nil { - return nil, fmt.Errorf("error resolving value file path: %w", err) + return nil, err } } else { // This will resolve val to an absolute path (or an URL) resolvedPath, isRemote, err = pathutil.ResolveValueFilePathOrUrl(appPath, repoRoot, env.Envsubst(rawValueFile), allowedValueFilesSchemas) if err != nil { - return nil, fmt.Errorf("error resolving value file path: %w", err) + return nil, err } } @@ -1285,7 +1250,7 @@ func getResolvedRefValueFile( // Resolve the path relative to the referenced repo and block any attempt at traversal. resolvedPath, _, err := pathutil.ResolveValueFilePathOrUrl(repoPath, repoPath, env.Envsubst(substitutedPath), allowedValueFilesSchemas) if err != nil { - return "", fmt.Errorf("error resolving value file path: %w", err) + return "", err } return resolvedPath, nil } @@ -1344,12 +1309,13 @@ func WithCMPTarExcludedGlobs(excludedGlobs []string) GenerateManifestOpt { func GenerateManifests(ctx context.Context, appPath, repoRoot, revision string, q *apiclient.ManifestRequest, isLocal bool, gitCredsStore git.CredsStore, maxCombinedManifestQuantity resource.Quantity, gitRepoPaths io.TempPaths, opts ...GenerateManifestOpt) (*apiclient.ManifestResponse, error) { opt := newGenerateManifestOpt(opts...) var targetObjs []*unstructured.Unstructured + var dest *v1alpha1.ApplicationDestination resourceTracking := argo.NewResourceTracking() appSourceType, err := GetAppSourceType(ctx, q.ApplicationSource, appPath, repoRoot, q.AppName, q.EnabledSourceTypes, opt.cmpTarExcludedGlobs) if err != nil { - return nil, fmt.Errorf("error getting app source type: %w", err) + return nil, err } repoURL := "" if q.Repo != nil { @@ -1368,14 +1334,28 @@ func GenerateManifests(ctx context.Context, appPath, repoRoot, revision string, k := kustomize.NewKustomizeApp(appPath, q.Repo.GetGitCreds(gitCredsStore), repoURL, kustomizeBinary) targetObjs, _, err = k.Build(q.ApplicationSource.Kustomize, q.KustomizeOptions, env) case v1alpha1.ApplicationSourceTypePlugin: - pluginName := "" - if q.ApplicationSource.Plugin != nil { - pluginName = q.ApplicationSource.Plugin.Name + var plugin *v1alpha1.ConfigManagementPlugin + if q.ApplicationSource.Plugin != nil && q.ApplicationSource.Plugin.Name != "" { + plugin = findPlugin(q.Plugins, q.ApplicationSource.Plugin.Name) } - // if pluginName is provided it has to be `-` or just `` if plugin version is empty - targetObjs, err = runConfigManagementPluginSidecars(ctx, appPath, repoRoot, pluginName, env, q, q.Repo.GetGitCreds(gitCredsStore), opt.cmpTarDoneCh, opt.cmpTarExcludedGlobs) - if err != nil { - err = fmt.Errorf("plugin sidecar failed. %s", err.Error()) + if plugin != nil { + // argocd-cm deprecated plugin is being used + targetObjs, err = runConfigManagementPlugin(appPath, repoRoot, env, q, q.Repo.GetGitCreds(gitCredsStore), plugin) + log.WithFields(map[string]interface{}{ + "application": q.AppName, + "plugin": q.ApplicationSource.Plugin.Name, + }).Warnf(common.ConfigMapPluginDeprecationWarning) + } else { + // if the named plugin was not found in argocd-cm try sidecar plugin + pluginName := "" + if q.ApplicationSource.Plugin != nil { + pluginName = q.ApplicationSource.Plugin.Name + } + // if pluginName is provided it has to be `-` or just `` if plugin version is empty + targetObjs, err = runConfigManagementPluginSidecars(ctx, appPath, repoRoot, pluginName, env, q, q.Repo.GetGitCreds(gitCredsStore), opt.cmpTarDoneCh, opt.cmpTarExcludedGlobs) + if err != nil { + err = fmt.Errorf("plugin sidecar failed. %s", err.Error()) + } } case v1alpha1.ApplicationSourceTypeDirectory: var directory *v1alpha1.ApplicationSourceDirectory @@ -1418,7 +1398,7 @@ func GenerateManifests(ctx context.Context, appPath, repoRoot, revision string, if q.AppLabelKey != "" && q.AppName != "" && !kube.IsCRD(target) { err = resourceTracking.SetAppInstance(target, q.AppLabelKey, q.AppName, q.Namespace, v1alpha1.TrackingMethod(q.TrackingMethod)) if err != nil { - return nil, fmt.Errorf("failed to set app instance tracking info on manifest: %w", err) + return nil, err } } manifestStr, err := json.Marshal(target.Object) @@ -1429,22 +1409,22 @@ func GenerateManifests(ctx context.Context, appPath, repoRoot, revision string, } } - return &apiclient.ManifestResponse{ + res := apiclient.ManifestResponse{ Manifests: manifests, SourceType: string(appSourceType), - }, nil + } + if dest != nil { + res.Namespace = dest.Namespace + res.Server = dest.Server + } + return &res, nil } func newEnv(q *apiclient.ManifestRequest, revision string) *v1alpha1.Env { - shortRevision := revision - if len(shortRevision) > 7 { - shortRevision = shortRevision[:7] - } return &v1alpha1.Env{ &v1alpha1.EnvEntry{Name: "ARGOCD_APP_NAME", Value: q.AppName}, &v1alpha1.EnvEntry{Name: "ARGOCD_APP_NAMESPACE", Value: q.Namespace}, &v1alpha1.EnvEntry{Name: "ARGOCD_APP_REVISION", Value: revision}, - &v1alpha1.EnvEntry{Name: "ARGOCD_APP_REVISION_SHORT", Value: shortRevision}, &v1alpha1.EnvEntry{Name: "ARGOCD_APP_SOURCE_REPO_URL", Value: q.Repo.Repo}, &v1alpha1.EnvEntry{Name: "ARGOCD_APP_SOURCE_PATH", Value: q.ApplicationSource.Path}, &v1alpha1.EnvEntry{Name: "ARGOCD_APP_SOURCE_TARGET_REVISION", Value: q.ApplicationSource.TargetRevision}, @@ -1529,7 +1509,7 @@ func GetAppSourceType(ctx context.Context, source *v1alpha1.ApplicationSource, a } appType, err := discovery.AppType(ctx, appPath, repoPath, enableGenerateManifests, tarExcludedGlobs) if err != nil { - return "", fmt.Errorf("error getting app source type: %v", err) + return "", err } return v1alpha1.ApplicationSourceType(appType), nil } @@ -1837,17 +1817,74 @@ func makeJsonnetVm(appPath string, repoRoot string, sourceJsonnet v1alpha1.Appli return vm, nil } -func getPluginEnvs(env *v1alpha1.Env, q *apiclient.ManifestRequest, creds git.Creds) ([]string, error) { +func runCommand(command v1alpha1.Command, path string, env []string) (string, error) { + if len(command.Command) == 0 { + return "", fmt.Errorf("Command is empty") + } + cmd := exec.Command(command.Command[0], append(command.Command[1:], command.Args...)...) + cmd.Env = env + cmd.Dir = path + return executil.Run(cmd) +} + +func findPlugin(plugins []*v1alpha1.ConfigManagementPlugin, name string) *v1alpha1.ConfigManagementPlugin { + for _, plugin := range plugins { + if plugin.Name == name { + return plugin + } + } + return nil +} + +func runConfigManagementPlugin(appPath, repoRoot string, envVars *v1alpha1.Env, q *apiclient.ManifestRequest, creds git.Creds, plugin *v1alpha1.ConfigManagementPlugin) ([]*unstructured.Unstructured, error) { + // Plugins can request to lock the complete repository when they need to + // use git client operations. + if plugin.LockRepo { + manifestGenerateLock.Lock(repoRoot) + defer manifestGenerateLock.Unlock(repoRoot) + } else { + concurrencyAllowed := isConcurrencyAllowed(appPath) + if !concurrencyAllowed { + manifestGenerateLock.Lock(appPath) + defer manifestGenerateLock.Unlock(appPath) + } + } + + env, err := getPluginEnvs(envVars, q, creds, false) + if err != nil { + return nil, err + } + + if plugin.Init != nil { + _, err := runCommand(*plugin.Init, appPath, env) + if err != nil { + return nil, err + } + } + out, err := runCommand(plugin.Generate, appPath, env) + if err != nil { + return nil, err + } + return kube.SplitYAML([]byte(out)) +} + +func getPluginEnvs(env *v1alpha1.Env, q *apiclient.ManifestRequest, creds git.Creds, remote bool) ([]string, error) { envVars := env.Environ() envVars = append(envVars, "KUBE_VERSION="+text.SemVer(q.KubeVersion)) envVars = append(envVars, "KUBE_API_VERSIONS="+strings.Join(q.ApiVersions, ",")) - return getPluginParamEnvs(envVars, q.ApplicationSource.Plugin, creds) + return getPluginParamEnvs(envVars, q.ApplicationSource.Plugin, creds, remote) } // getPluginParamEnvs gets environment variables for plugin parameter announcement generation. -func getPluginParamEnvs(envVars []string, plugin *v1alpha1.ApplicationSourcePlugin, creds git.Creds) ([]string, error) { +func getPluginParamEnvs(envVars []string, plugin *v1alpha1.ApplicationSourcePlugin, creds git.Creds, remote bool) ([]string, error) { env := envVars + // Local plugins need also to have access to the local environment variables. + // Remote sidecar plugins will use the environment in the sidecar + // container. + if !remote { + env = append(os.Environ(), envVars...) + } if creds != nil { closer, environ, err := creds.Environ() if err != nil { @@ -1884,12 +1921,12 @@ func getPluginParamEnvs(envVars []string, plugin *v1alpha1.ApplicationSourcePlug func runConfigManagementPluginSidecars(ctx context.Context, appPath, repoPath, pluginName string, envVars *v1alpha1.Env, q *apiclient.ManifestRequest, creds git.Creds, tarDoneCh chan<- bool, tarExcludedGlobs []string) ([]*unstructured.Unstructured, error) { // compute variables. - env, err := getPluginEnvs(envVars, q, creds) + env, err := getPluginEnvs(envVars, q, creds, true) if err != nil { return nil, err } - // detect config management plugin server + // detect config management plugin server (sidecar) conn, cmpClient, err := discovery.DetectConfigManagementPlugin(ctx, appPath, repoPath, pluginName, env, tarExcludedGlobs) if err != nil { return nil, err @@ -1965,7 +2002,7 @@ func (s *Service) GetAppDetails(ctx context.Context, q *apiclient.RepoServerAppD } case v1alpha1.ApplicationSourceTypePlugin: if err := populatePluginAppDetails(ctx, res, opContext.appPath, repoRoot, q, s.gitCredsStore, s.initConstants.CMPTarExcludedGlobs); err != nil { - return fmt.Errorf("failed to populate plugin app details: %w", err) + log.Warnf("failed to populate plugin app details - this is expected if the app is meant to use an argocd-cm plugin: %v", err) } } _ = s.cache.SetAppDetails(revision, q.Source, q.RefSources, res, v1alpha1.TrackingMethod(q.TrackingMethod), nil) @@ -1986,7 +2023,7 @@ func (s *Service) createGetAppDetailsCacheHandler(res *apiclient.RepoAppDetailsR return true, nil } - if err != cache.ErrCacheMiss { + if err != reposervercache.ErrCacheMiss { log.Warnf("app details cache error %s: %v", revision, q.Source) } else { log.Infof("app details cache miss: %s/%s", revision, q.Source) @@ -2058,7 +2095,7 @@ func populateHelmAppDetails(res *apiclient.RepoAppDetailsResponse, appPath strin for _, v := range fileParameters(q) { res.Helm.FileParameters = append(res.Helm.FileParameters, &v1alpha1.HelmFileParameter{ Name: v.Name, - Path: v.Path, // filepath.Join(appPath, v.Path), + Path: v.Path, //filepath.Join(appPath, v.Path), }) } return nil @@ -2071,7 +2108,7 @@ func loadFileIntoIfExists(path pathutil.ResolvedFilePath, destination *string) e if err == nil && !info.IsDir() { bytes, err := os.ReadFile(stringPath) if err != nil { - return fmt.Errorf("error reading file from %s: %w", stringPath, err) + return err } *destination = string(bytes) } @@ -2084,7 +2121,7 @@ func findHelmValueFilesInPath(path string) ([]string, error) { files, err := os.ReadDir(path) if err != nil { - return result, fmt.Errorf("error reading helm values file from %s: %w", path, err) + return result, err } for _, f := range files { @@ -2135,7 +2172,7 @@ func populatePluginAppDetails(ctx context.Context, res *apiclient.RepoAppDetails fmt.Sprintf("ARGOCD_APP_SOURCE_TARGET_REVISION=%s", q.Source.TargetRevision), } - env, err := getPluginParamEnvs(envVars, q.Source.Plugin, creds) + env, err := getPluginParamEnvs(envVars, q.Source.Plugin, creds, true) if err != nil { return fmt.Errorf("failed to get env vars for plugin: %w", err) } @@ -2151,17 +2188,17 @@ func populatePluginAppDetails(ctx context.Context, res *apiclient.RepoAppDetails } defer io.Close(conn) - parametersAnnouncementStream, err := cmpClient.GetParametersAnnouncement(ctx, grpc_retry.Disable()) + generateManifestStream, err := cmpClient.GetParametersAnnouncement(ctx, grpc_retry.Disable()) if err != nil { - return fmt.Errorf("error getting parametersAnnouncementStream: %w", err) + return fmt.Errorf("error getting generateManifestStream: %w", err) } - err = cmp.SendRepoStream(parametersAnnouncementStream.Context(), appPath, repoPath, parametersAnnouncementStream, env, tarExcludedGlobs) + err = cmp.SendRepoStream(generateManifestStream.Context(), appPath, repoPath, generateManifestStream, env, tarExcludedGlobs) if err != nil { return fmt.Errorf("error sending file to cmp-server: %s", err) } - announcement, err := parametersAnnouncementStream.CloseAndRecv() + announcement, err := generateManifestStream.CloseAndRecv() if err != nil { return fmt.Errorf("failed to get parameter anouncement: %w", err) } @@ -2193,7 +2230,7 @@ func (s *Service) GetRevisionMetadata(ctx context.Context, q *apiclient.RepoServ return metadata, nil } } else { - if err != cache.ErrCacheMiss { + if err != reposervercache.ErrCacheMiss { log.Warnf("revision metadata cache error %s/%s: %v", q.Repo.Repo, q.Revision, err) } else { log.Infof("revision metadata cache miss: %s/%s", q.Repo.Repo, q.Revision) @@ -2213,7 +2250,7 @@ func (s *Service) GetRevisionMetadata(ctx context.Context, q *apiclient.RepoServ }) if err != nil { - return nil, fmt.Errorf("error acquiring repo lock: %w", err) + return nil, err } defer io.Close(closer) @@ -2249,45 +2286,6 @@ func (s *Service) GetRevisionMetadata(ctx context.Context, q *apiclient.RepoServ return metadata, nil } -// GetRevisionChartDetails returns the helm chart details of a given version -func (s *Service) GetRevisionChartDetails(ctx context.Context, q *apiclient.RepoServerRevisionChartDetailsRequest) (*v1alpha1.ChartDetails, error) { - details, err := s.cache.GetRevisionChartDetails(q.Repo.Repo, q.Name, q.Revision) - if err == nil { - log.Infof("revision chart details cache hit: %s/%s/%s", q.Repo.Repo, q.Name, q.Revision) - return details, nil - } else { - if err == cache.ErrCacheMiss { - log.Infof("revision metadata cache miss: %s/%s/%s", q.Repo.Repo, q.Name, q.Revision) - } else { - log.Warnf("revision metadata cache error %s/%s/%s: %v", q.Repo.Repo, q.Name, q.Revision, err) - } - } - helmClient, revision, err := s.newHelmClientResolveRevision(q.Repo, q.Revision, q.Name, true) - if err != nil { - return nil, fmt.Errorf("helm client error: %v", err) - } - chartPath, closer, err := helmClient.ExtractChart(q.Name, revision, false) - if err != nil { - return nil, fmt.Errorf("error extracting chart: %v", err) - } - defer io.Close(closer) - helmCmd, err := helm.NewCmdWithVersion(chartPath, helm.HelmV3, q.Repo.EnableOCI, q.Repo.Proxy) - if err != nil { - return nil, fmt.Errorf("error creating helm cmd: %v", err) - } - defer helmCmd.Close() - helmDetails, err := helmCmd.InspectChart() - if err != nil { - return nil, fmt.Errorf("error inspecting chart: %v", err) - } - details, err = getChartDetails(helmDetails) - if err != nil { - return nil, fmt.Errorf("error getting chart details: %v", err) - } - _ = s.cache.SetRevisionChartDetails(q.Repo.Repo, q.Name, q.Revision, details) - return details, nil -} - func fileParameters(q *apiclient.RepoServerAppDetailsQuery) []v1alpha1.HelmFileParameter { if q.Source.Helm == nil { return nil @@ -2502,141 +2500,3 @@ func (s *Service) ResolveRevision(ctx context.Context, q *apiclient.ResolveRevis }, nil } } - -func (s *Service) GetGitFiles(_ context.Context, request *apiclient.GitFilesRequest) (*apiclient.GitFilesResponse, error) { - repo := request.GetRepo() - revision := request.GetRevision() - gitPath := request.GetPath() - enableNewGitFileGlobbing := request.GetNewGitFileGlobbingEnabled() - if gitPath == "" { - gitPath = "." - } - - if repo == nil { - return nil, status.Error(codes.InvalidArgument, "must pass a valid repo") - } - - gitClient, revision, err := s.newClientResolveRevision(repo, revision, git.WithCache(s.cache, true)) - if err != nil { - return nil, status.Errorf(codes.Internal, "unable to resolve git revision %s: %v", revision, err) - } - - // check the cache and return the results if present - if cachedFiles, err := s.cache.GetGitFiles(repo.Repo, revision, gitPath); err == nil { - log.Debugf("cache hit for repo: %s revision: %s pattern: %s", repo.Repo, revision, gitPath) - return &apiclient.GitFilesResponse{ - Map: cachedFiles, - }, nil - } - - s.metricsServer.IncPendingRepoRequest(repo.Repo) - defer s.metricsServer.DecPendingRepoRequest(repo.Repo) - - // cache miss, generate the results - closer, err := s.repoLock.Lock(gitClient.Root(), revision, true, func() (goio.Closer, error) { - return s.checkoutRevision(gitClient, revision, request.GetSubmoduleEnabled()) - }) - if err != nil { - return nil, status.Errorf(codes.Internal, "unable to checkout git repo %s with revision %s pattern %s: %v", repo.Repo, revision, gitPath, err) - } - defer io.Close(closer) - - gitFiles, err := gitClient.LsFiles(gitPath, enableNewGitFileGlobbing) - if err != nil { - return nil, status.Errorf(codes.Internal, "unable to list files. repo %s with revision %s pattern %s: %v", repo.Repo, revision, gitPath, err) - } - log.Debugf("listed %d git files from %s under %s", len(gitFiles), repo.Repo, gitPath) - - res := make(map[string][]byte) - for _, filePath := range gitFiles { - fileContents, err := os.ReadFile(filepath.Join(gitClient.Root(), filePath)) - if err != nil { - return nil, status.Errorf(codes.Internal, "unable to read files. repo %s with revision %s pattern %s: %v", repo.Repo, revision, gitPath, err) - } - res[filePath] = fileContents - } - - err = s.cache.SetGitFiles(repo.Repo, revision, gitPath, res) - if err != nil { - log.Warnf("error caching git files for repo %s with revision %s pattern %s: %v", repo.Repo, revision, gitPath, err) - } - - return &apiclient.GitFilesResponse{ - Map: res, - }, nil -} - -func (s *Service) GetGitDirectories(_ context.Context, request *apiclient.GitDirectoriesRequest) (*apiclient.GitDirectoriesResponse, error) { - repo := request.GetRepo() - revision := request.GetRevision() - - if repo == nil { - return nil, status.Error(codes.InvalidArgument, "must pass a valid repo") - } - - gitClient, revision, err := s.newClientResolveRevision(repo, revision, git.WithCache(s.cache, true)) - if err != nil { - return nil, status.Errorf(codes.Internal, "unable to resolve git revision %s: %v", revision, err) - } - - // check the cache and return the results if present - if cachedPaths, err := s.cache.GetGitDirectories(repo.Repo, revision); err == nil { - log.Debugf("cache hit for repo: %s revision: %s", repo.Repo, revision) - return &apiclient.GitDirectoriesResponse{ - Paths: cachedPaths, - }, nil - } - - s.metricsServer.IncPendingRepoRequest(repo.Repo) - defer s.metricsServer.DecPendingRepoRequest(repo.Repo) - - // cache miss, generate the results - closer, err := s.repoLock.Lock(gitClient.Root(), revision, true, func() (goio.Closer, error) { - return s.checkoutRevision(gitClient, revision, request.GetSubmoduleEnabled()) - }) - if err != nil { - return nil, status.Errorf(codes.Internal, "unable to checkout git repo %s with revision %s: %v", repo.Repo, revision, err) - } - defer io.Close(closer) - - repoRoot := gitClient.Root() - var paths []string - if err := filepath.WalkDir(repoRoot, func(path string, entry fs.DirEntry, fnErr error) error { - if fnErr != nil { - return fmt.Errorf("error walking the file tree: %w", fnErr) - } - if !entry.IsDir() { // Skip files: directories only - return nil - } - - fname := entry.Name() - if strings.HasPrefix(fname, ".") { // Skip all folders starts with "." - return filepath.SkipDir - } - - relativePath, err := filepath.Rel(repoRoot, path) - if err != nil { - return fmt.Errorf("error constructing relative repo path: %w", err) - } - - if relativePath == "." { // Exclude '.' from results - return nil - } - - paths = append(paths, relativePath) - - return nil - }); err != nil { - return nil, err - } - - log.Debugf("found %d git paths from %s", len(paths), repo.Repo) - err = s.cache.SetGitDirectories(repo.Repo, revision, paths) - if err != nil { - log.Warnf("error caching git directories for repo %s with revision %s: %v", repo.Repo, revision, err) - } - - return &apiclient.GitDirectoriesResponse{ - Paths: paths, - }, nil -} diff --git a/reposerver/repository/repository.proto b/reposerver/repository/repository.proto index 8e4b69000f7e1..c5212265d33b7 100644 --- a/reposerver/repository/repository.proto +++ b/reposerver/repository/repository.proto @@ -18,7 +18,6 @@ message ManifestRequest { string namespace = 8; github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.ApplicationSource applicationSource = 10; repeated github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.Repository repos = 11; - // Deprecated: use sidecar plugins instead. repeated github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.ConfigManagementPlugin plugins = 12; github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.KustomizeOptions kustomizeOptions = 13; string kubeVersion = 14; @@ -32,10 +31,6 @@ message ManifestRequest { github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.HelmOptions helmOptions = 21; bool hasMultipleSources = 22; map refSources = 23; - // This is used to surface "source not permitted" errors for Helm repositories - repeated string projectSourceRepos = 24; - // This is used to surface "source not permitted" errors for Helm repositories - string projectName = 25; } message ManifestRequestWithFiles { @@ -94,13 +89,13 @@ message ManifestResponse { } message ListRefsRequest { - github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.Repository repo = 1; + github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.Repository repo = 1; } // A subset of the repository's named refs message Refs { - repeated string branches = 1; - repeated string tags = 2; + repeated string branches = 1; + repeated string tags = 2; } // ListAppsRequest requests a repository directory structure @@ -141,11 +136,11 @@ message RepoServerAppDetailsQuery { // RepoAppDetailsResponse application details message RepoAppDetailsResponse { - string type = 1; - HelmAppSpec helm = 3; - KustomizeAppSpec kustomize = 4; - DirectoryAppSpec directory = 5; - PluginAppSpec plugin = 6; + string type = 1; + HelmAppSpec helm = 3; + KustomizeAppSpec kustomize = 4; + DirectoryAppSpec directory = 5; + PluginAppSpec plugin = 6; } message RepoServerRevisionMetadataRequest { @@ -157,31 +152,22 @@ message RepoServerRevisionMetadataRequest { bool checkSignature = 3; } -message RepoServerRevisionChartDetailsRequest { - // the repo - github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.Repository repo = 1; - // the chart - string name = 2; - // the revision within the chart - string revision = 3; -} - // HelmAppSpec contains helm app name in source repo message HelmAppSpec { - string name = 1; - repeated string valueFiles = 3; - // the output of `helm inspect values` - repeated github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.HelmParameter parameters = 4; - // the contents of values.yaml - string values = 5; + string name = 1; + repeated string valueFiles = 3; + // the output of `helm inspect values` + repeated github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.HelmParameter parameters = 4; + // the contents of values.yaml + string values = 5; // helm file parameters repeated github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.HelmFileParameter fileParameters = 6; } // KustomizeAppSpec contains kustomize images message KustomizeAppSpec { - // images is a list of available images. - repeated string images = 3; + // images is a list of available images. + repeated string images = 3; } // DirectoryAppSpec contains directory @@ -230,30 +216,6 @@ message HelmChartsResponse { repeated HelmChart items = 1; } -message GitFilesRequest { - github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.Repository repo = 1; - bool submoduleEnabled = 2; - string revision = 3; - string path = 4; - bool NewGitFileGlobbingEnabled = 5; -} - -message GitFilesResponse { - // Map consisting of path of the path to its contents in bytes - map map = 1; -} - -message GitDirectoriesRequest { - github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.Repository repo = 1; - bool submoduleEnabled = 2; - string revision = 3; -} - -message GitDirectoriesResponse { - // A set of directory paths - repeated string paths = 1; -} - // ManifestService service RepoServerService { @@ -272,7 +234,7 @@ service RepoServerService { // Returns a valid revision rpc ResolveRevision(ResolveRevisionRequest) returns (ResolveRevisionResponse) { } - + // Returns a list of refs (e.g. branches and tags) in the repo rpc ListRefs(ListRefsRequest) returns (Refs) { } @@ -292,20 +254,8 @@ service RepoServerService { // Get the meta-data (author, date, tags, message) for a specific revision of the repo rpc GetRevisionMetadata(RepoServerRevisionMetadataRequest) returns (github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.RevisionMetadata) { } - - // Get the chart details (author, date, tags, message) for a specific revision of the repo - rpc GetRevisionChartDetails(RepoServerRevisionChartDetailsRequest) returns (github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.ChartDetails) { - } // GetHelmCharts returns list of helm charts in the specified repository rpc GetHelmCharts(HelmChartsRequest) returns (HelmChartsResponse) { } - - // GetGitFiles returns a set of file paths and their contents for the given repo - rpc GetGitFiles(GitFilesRequest) returns (GitFilesResponse) { - } - - // GetGitDirectories returns a set of directory paths for the given repo - rpc GetGitDirectories(GitDirectoriesRequest) returns (GitDirectoriesResponse) { - } } diff --git a/reposerver/repository/repository_test.go b/reposerver/repository/repository_test.go index 0ae2c4ba20404..bcdbd75b56b21 100644 --- a/reposerver/repository/repository_test.go +++ b/reposerver/repository/repository_test.go @@ -20,13 +20,13 @@ import ( log "github.com/sirupsen/logrus" "k8s.io/apimachinery/pkg/api/resource" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" v1 "k8s.io/api/apps/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" - "sigs.k8s.io/yaml" argoappv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/reposerver/apiclient" @@ -153,15 +153,10 @@ func TestGenerateYamlManifestInDir(t *testing.T) { service := newService("../../manifests/base") src := argoappv1.ApplicationSource{Path: "."} - q := apiclient.ManifestRequest{ - Repo: &argoappv1.Repository{}, - ApplicationSource: &src, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, - } + q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src} // update this value if we add/remove manifests - const countOfManifests = 48 + const countOfManifests = 49 res1, err := service.GenerateManifest(context.Background(), &q) @@ -224,8 +219,7 @@ func Test_GenerateManifests_NoOutOfBoundsAccess(t *testing.T) { mustNotContain = testCaseCopy.mustNotContain } - q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &argoappv1.ApplicationSource{}, ProjectName: "something", - ProjectSourceRepos: []string{"*"}} + q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &argoappv1.ApplicationSource{}} res, err := GenerateManifests(context.Background(), repoDir, "", "", &q, false, &git.NoopCredsStore{}, resource.MustParse("0"), nil) require.Error(t, err) assert.NotContains(t, err.Error(), mustNotContain) @@ -240,8 +234,7 @@ func TestGenerateManifests_MissingSymlinkDestination(t *testing.T) { err := os.Symlink("/obviously/does/not/exist", path.Join(repoDir, "test.yaml")) require.NoError(t, err) - q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &argoappv1.ApplicationSource{}, ProjectName: "something", - ProjectSourceRepos: []string{"*"}} + q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &argoappv1.ApplicationSource{}} _, err = GenerateManifests(context.Background(), repoDir, "", "", &q, false, &git.NoopCredsStore{}, resource.MustParse("0"), nil) require.NoError(t, err) } @@ -251,11 +244,8 @@ func TestGenerateManifests_K8SAPIResetCache(t *testing.T) { src := argoappv1.ApplicationSource{Path: "."} q := apiclient.ManifestRequest{ - KubeVersion: "v1.16.0", - Repo: &argoappv1.Repository{}, - ApplicationSource: &src, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, + KubeVersion: "v1.16.0", + Repo: &argoappv1.Repository{}, ApplicationSource: &src, } cachedFakeResponse := &apiclient.ManifestResponse{Manifests: []string{"Fake"}} @@ -279,10 +269,7 @@ func TestGenerateManifests_EmptyCache(t *testing.T) { src := argoappv1.ApplicationSource{Path: "."} q := apiclient.ManifestRequest{ - Repo: &argoappv1.Repository{}, - ApplicationSource: &src, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, + Repo: &argoappv1.Repository{}, ApplicationSource: &src, } err := service.cache.SetManifests(mock.Anything, &src, q.RefSources, &q, "", "", "", "", &cache.CachedManifestResponse{ManifestResponse: nil}, nil) @@ -297,8 +284,7 @@ func TestGenerateManifests_EmptyCache(t *testing.T) { func TestHelmManifestFromChartRepo(t *testing.T) { service := newService(".") source := &argoappv1.ApplicationSource{Chart: "my-chart", TargetRevision: ">= 1.0.0"} - request := &apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: source, NoCache: true, ProjectName: "something", - ProjectSourceRepos: []string{"*"}} + request := &apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: source, NoCache: true} response, err := service.GenerateManifest(context.Background(), request) assert.NoError(t, err) assert.NotNil(t, response) @@ -327,8 +313,7 @@ func TestHelmChartReferencingExternalValues(t *testing.T) { }, nil) refSources, err := argo.GetRefSources(context.Background(), spec, repoDB) require.NoError(t, err) - request := &apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &spec.Sources[0], NoCache: true, RefSources: refSources, HasMultipleSources: true, ProjectName: "something", - ProjectSourceRepos: []string{"*"}} + request := &apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &spec.Sources[0], NoCache: true, RefSources: refSources, HasMultipleSources: true} response, err := service.GenerateManifest(context.Background(), request) assert.NoError(t, err) assert.NotNil(t, response) @@ -380,8 +365,7 @@ func TestGenerateManifestsUseExactRevision(t *testing.T) { src := argoappv1.ApplicationSource{Path: "./testdata/recurse", Directory: &argoappv1.ApplicationSourceDirectory{Recurse: true}} - q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src, Revision: "abc", ProjectName: "something", - ProjectSourceRepos: []string{"*"}} + q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src, Revision: "abc"} res1, err := service.GenerateManifest(context.Background(), &q) assert.Nil(t, err) @@ -394,8 +378,7 @@ func TestRecurseManifestsInDir(t *testing.T) { src := argoappv1.ApplicationSource{Path: "./testdata/recurse", Directory: &argoappv1.ApplicationSourceDirectory{Recurse: true}} - q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src, ProjectName: "something", - ProjectSourceRepos: []string{"*"}} + q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src} res1, err := service.GenerateManifest(context.Background(), &q) assert.Nil(t, err) @@ -413,28 +396,6 @@ func TestInvalidManifestsInDir(t *testing.T) { assert.NotNil(t, err) } -func TestInvalidMetadata(t *testing.T) { - service := newService(".") - - src := argoappv1.ApplicationSource{Path: "./testdata/invalid-metadata", Directory: &argoappv1.ApplicationSourceDirectory{Recurse: true}} - q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src, AppLabelKey: "test", AppName: "invalid-metadata", TrackingMethod: "annotation+label"} - _, err := service.GenerateManifest(context.Background(), &q) - assert.Error(t, err) - assert.Contains(t, err.Error(), "contains non-string key in the map") -} - -func TestNilMetadataAccessors(t *testing.T) { - service := newService(".") - expected := "{\"apiVersion\":\"v1\",\"kind\":\"ConfigMap\",\"metadata\":{\"annotations\":{\"argocd.argoproj.io/tracking-id\":\"nil-metadata-accessors:/ConfigMap:/my-map\"},\"labels\":{\"test\":\"nil-metadata-accessors\"},\"name\":\"my-map\"},\"stringData\":{\"foo\":\"bar\"}}" - - src := argoappv1.ApplicationSource{Path: "./testdata/nil-metadata-accessors", Directory: &argoappv1.ApplicationSourceDirectory{Recurse: true}} - q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src, AppLabelKey: "test", AppName: "nil-metadata-accessors", TrackingMethod: "annotation+label"} - res, err := service.GenerateManifest(context.Background(), &q) - assert.NoError(t, err) - assert.Equal(t, len(res.Manifests), 1) - assert.Equal(t, expected, res.Manifests[0]) -} - func TestGenerateJsonnetManifestInDir(t *testing.T) { service := newService(".") @@ -450,8 +411,6 @@ func TestGenerateJsonnetManifestInDir(t *testing.T) { }, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, } res1, err := service.GenerateManifest(context.Background(), &q) assert.Nil(t, err) @@ -473,8 +432,6 @@ func TestGenerateJsonnetManifestInRootDir(t *testing.T) { }, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, } res1, err := service.GenerateManifest(context.Background(), &q) assert.Nil(t, err) @@ -494,8 +451,6 @@ func TestGenerateJsonnetLibOutside(t *testing.T) { }, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, } _, err := service.GenerateManifest(context.Background(), &q) require.Error(t, err) @@ -670,8 +625,6 @@ func TestManifestGenErrorCacheFileContentsChange(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: ".", }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) fmt.Println("-", step, "-", res != nil, err != nil, errorExpected) @@ -836,12 +789,10 @@ func TestGenerateHelmWithValues(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: ".", Helm: &argoappv1.ApplicationSourceHelm{ - ValueFiles: []string{"values-production.yaml"}, - ValuesObject: &runtime.RawExtension{Raw: []byte(`cluster: {slaveCount: 2}`)}, + ValueFiles: []string{"values-production.yaml"}, + Values: `cluster: {slaveCount: 2}`, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) assert.NoError(t, err) @@ -877,8 +828,6 @@ func TestHelmWithMissingValueFiles(t *testing.T) { ValueFiles: []string{"values-production.yaml", missingValuesFile}, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, } // Should fail since we're passing a non-existent values file, and error should indicate that @@ -904,8 +853,6 @@ func TestGenerateHelmWithEnvVars(t *testing.T) { ValueFiles: []string{"values-$ARGOCD_APP_NAME.yaml"}, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) assert.NoError(t, err) @@ -928,7 +875,7 @@ func TestGenerateHelmWithEnvVars(t *testing.T) { } // The requested value file (`../minio/values.yaml`) is outside the app path (`./util/helm/testdata/redis`), however -// since the requested value is still under the repo directory (`~/go/src/github.com/argoproj/argo-cd`), it is allowed +// since the requested value is sill under the repo directory (`~/go/src/github.com/argoproj/argo-cd`), it is allowed func TestGenerateHelmWithValuesDirectoryTraversal(t *testing.T) { service := newService("../../util/helm/testdata") _, err := service.GenerateManifest(context.Background(), &apiclient.ManifestRequest{ @@ -937,12 +884,10 @@ func TestGenerateHelmWithValuesDirectoryTraversal(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: "./redis", Helm: &argoappv1.ApplicationSourceHelm{ - ValueFiles: []string{"../minio/values.yaml"}, - ValuesObject: &runtime.RawExtension{Raw: []byte(`cluster: {slaveCount: 2}`)}, + ValueFiles: []string{"../minio/values.yaml"}, + Values: `cluster: {slaveCount: 2}`, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) assert.NoError(t, err) @@ -954,8 +899,6 @@ func TestGenerateHelmWithValuesDirectoryTraversal(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: "./my-chart", }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) assert.NoError(t, err) } @@ -979,12 +922,7 @@ func TestHelmManifestFromChartRepoWithValueFile(t *testing.T) { ValueFiles: []string{"./my-chart-values.yaml"}, }, } - request := &apiclient.ManifestRequest{ - Repo: &argoappv1.Repository{}, - ApplicationSource: source, - NoCache: true, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}} + request := &apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: source, NoCache: true} response, err := service.GenerateManifest(context.Background(), request) assert.NoError(t, err) assert.NotNil(t, response) @@ -1023,8 +961,7 @@ func TestHelmManifestFromChartRepoWithValueFileLinks(t *testing.T) { ValueFiles: []string{"my-chart-link.yaml"}, }, } - request := &apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: source, NoCache: true, ProjectName: "something", - ProjectSourceRepos: []string{"*"}} + request := &apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: source, NoCache: true} _, err := service.GenerateManifest(context.Background(), request) assert.NoError(t, err) }) @@ -1039,13 +976,11 @@ func TestGenerateHelmWithURL(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: ".", Helm: &argoappv1.ApplicationSourceHelm{ - ValueFiles: []string{"https://raw.githubusercontent.com/argoproj/argocd-example-apps/master/helm-guestbook/values.yaml"}, - ValuesObject: &runtime.RawExtension{Raw: []byte(`cluster: {slaveCount: 2}`)}, + ValueFiles: []string{"https://raw.githubusercontent.com/argoproj/argocd-example-apps/master/helm-guestbook/values.yaml"}, + Values: `cluster: {slaveCount: 2}`, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, - HelmOptions: &argoappv1.HelmOptions{ValuesFileSchemes: []string{"https"}}, + HelmOptions: &argoappv1.HelmOptions{ValuesFileSchemes: []string{"https"}}, }) assert.NoError(t, err) } @@ -1061,12 +996,10 @@ func TestGenerateHelmWithValuesDirectoryTraversalOutsideRepo(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: ".", Helm: &argoappv1.ApplicationSourceHelm{ - ValueFiles: []string{"../minio/values.yaml"}, - ValuesObject: &runtime.RawExtension{Raw: []byte(`cluster: {slaveCount: 2}`)}, + ValueFiles: []string{"../minio/values.yaml"}, + Values: `cluster: {slaveCount: 2}`, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) assert.Error(t, err) assert.Contains(t, err.Error(), "outside repository root") @@ -1080,12 +1013,10 @@ func TestGenerateHelmWithValuesDirectoryTraversalOutsideRepo(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: "./my-chart", Helm: &argoappv1.ApplicationSourceHelm{ - ValueFiles: []string{"../my-chart/my-chart-values.yaml"}, - ValuesObject: &runtime.RawExtension{Raw: []byte(`cluster: {slaveCount: 2}`)}, + ValueFiles: []string{"../my-chart/my-chart-values.yaml"}, + Values: `cluster: {slaveCount: 2}`, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) assert.NoError(t, err) }) @@ -1098,12 +1029,10 @@ func TestGenerateHelmWithValuesDirectoryTraversalOutsideRepo(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: "./my-chart", Helm: &argoappv1.ApplicationSourceHelm{ - ValueFiles: []string{"/my-chart/my-chart-values.yaml"}, - ValuesObject: &runtime.RawExtension{Raw: []byte(`cluster: {slaveCount: 2}`)}, + ValueFiles: []string{"/my-chart/my-chart-values.yaml"}, + Values: `cluster: {slaveCount: 2}`, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) assert.NoError(t, err) }) @@ -1116,12 +1045,10 @@ func TestGenerateHelmWithValuesDirectoryTraversalOutsideRepo(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: "./my-chart", Helm: &argoappv1.ApplicationSourceHelm{ - ValueFiles: []string{"/../../../my-chart-values.yaml"}, - ValuesObject: &runtime.RawExtension{Raw: []byte(`cluster: {slaveCount: 2}`)}, + ValueFiles: []string{"/../../../my-chart-values.yaml"}, + Values: `cluster: {slaveCount: 2}`, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) assert.Error(t, err) assert.Contains(t, err.Error(), "outside repository root") @@ -1135,12 +1062,10 @@ func TestGenerateHelmWithValuesDirectoryTraversalOutsideRepo(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: "./my-chart", Helm: &argoappv1.ApplicationSourceHelm{ - ValueFiles: []string{"file://../../../../my-chart-values.yaml"}, - ValuesObject: &runtime.RawExtension{Raw: []byte(`cluster: {slaveCount: 2}`)}, + ValueFiles: []string{"file://../../../../my-chart-values.yaml"}, + Values: `cluster: {slaveCount: 2}`, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) assert.Error(t, err) assert.Contains(t, err.Error(), "is not allowed") @@ -1157,9 +1082,7 @@ func TestGenerateHelmWithValuesDirectoryTraversalOutsideRepo(t *testing.T) { ValueFiles: []string{"s3://my-bucket/my-chart-values.yaml"}, }, }, - HelmOptions: &argoappv1.HelmOptions{ValuesFileSchemes: []string{"s3"}}, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, + HelmOptions: &argoappv1.HelmOptions{ValuesFileSchemes: []string{"s3"}}, }) assert.Error(t, err) assert.Contains(t, err.Error(), "s3://my-bucket/my-chart-values.yaml: no such file or directory") @@ -1190,47 +1113,43 @@ func TestGenerateHelmWithAbsoluteFileParameter(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: "./util/helm/testdata/redis", Helm: &argoappv1.ApplicationSourceHelm{ - ValueFiles: []string{"values-production.yaml"}, - ValuesObject: &runtime.RawExtension{Raw: []byte(`cluster: {slaveCount: 2}`)}, + ValueFiles: []string{"values-production.yaml"}, + Values: `cluster: {slaveCount: 2}`, FileParameters: []argoappv1.HelmFileParameter{{ Name: "passwordContent", Path: externalSecretPath, }}, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) assert.Error(t, err) } // The requested file parameter (`../external/external-secret.txt`) is outside the app path -// (`./util/helm/testdata/redis`), however since the requested value is still under the repo +// (`./util/helm/testdata/redis`), however since the requested value is sill under the repo // directory (`~/go/src/github.com/argoproj/argo-cd`), it is allowed. It is used as a means of // providing direct content to a helm chart via a specific key. func TestGenerateHelmWithFileParameter(t *testing.T) { service := newService("../../util/helm/testdata") - res, err := service.GenerateManifest(context.Background(), &apiclient.ManifestRequest{ + _, err := service.GenerateManifest(context.Background(), &apiclient.ManifestRequest{ Repo: &argoappv1.Repository{}, AppName: "test", ApplicationSource: &argoappv1.ApplicationSource{ Path: "./redis", Helm: &argoappv1.ApplicationSourceHelm{ - ValueFiles: []string{"values-production.yaml"}, - Values: `cluster: {slaveCount: 10}`, - ValuesObject: &runtime.RawExtension{Raw: []byte(`cluster: {slaveCount: 2}`)}, - FileParameters: []argoappv1.HelmFileParameter{{ - Name: "passwordContent", - Path: "../external/external-secret.txt", - }}, + ValueFiles: []string{"values-production.yaml"}, + Values: `cluster: {slaveCount: 2}`, + FileParameters: []argoappv1.HelmFileParameter{ + argoappv1.HelmFileParameter{ + Name: "passwordContent", + Path: "../external/external-secret.txt", + }, + }, }, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) assert.NoError(t, err) - assert.Contains(t, res.Manifests[6], `"replicas":2`, "ValuesObject should override Values") } func TestGenerateNullList(t *testing.T) { @@ -1238,11 +1157,9 @@ func TestGenerateNullList(t *testing.T) { t.Run("null list", func(t *testing.T) { res1, err := service.GenerateManifest(context.Background(), &apiclient.ManifestRequest{ - Repo: &argoappv1.Repository{}, - ApplicationSource: &argoappv1.ApplicationSource{Path: "./testdata/null-list"}, - NoCache: true, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, + Repo: &argoappv1.Repository{}, + ApplicationSource: &argoappv1.ApplicationSource{Path: "./testdata/null-list"}, + NoCache: true, }) assert.Nil(t, err) assert.Equal(t, len(res1.Manifests), 1) @@ -1251,11 +1168,9 @@ func TestGenerateNullList(t *testing.T) { t.Run("empty list", func(t *testing.T) { res1, err := service.GenerateManifest(context.Background(), &apiclient.ManifestRequest{ - Repo: &argoappv1.Repository{}, - ApplicationSource: &argoappv1.ApplicationSource{Path: "./testdata/empty-list"}, - NoCache: true, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, + Repo: &argoappv1.Repository{}, + ApplicationSource: &argoappv1.ApplicationSource{Path: "./testdata/empty-list"}, + NoCache: true, }) assert.Nil(t, err) assert.Equal(t, len(res1.Manifests), 1) @@ -1264,11 +1179,9 @@ func TestGenerateNullList(t *testing.T) { t.Run("weird list", func(t *testing.T) { res1, err := service.GenerateManifest(context.Background(), &apiclient.ManifestRequest{ - Repo: &argoappv1.Repository{}, - ApplicationSource: &argoappv1.ApplicationSource{Path: "./testdata/weird-list"}, - NoCache: true, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, + Repo: &argoappv1.Repository{}, + ApplicationSource: &argoappv1.ApplicationSource{Path: "./testdata/weird-list"}, + NoCache: true, }) assert.Nil(t, err) assert.Len(t, res1.Manifests, 2) @@ -1289,12 +1202,53 @@ func TestIdentifyAppSourceTypeByAppDirWithKustomizations(t *testing.T) { assert.Equal(t, argoappv1.ApplicationSourceTypeKustomize, sourceType) } +func TestRunCustomTool(t *testing.T) { + service := newService(".") + + res, err := service.GenerateManifest(context.Background(), &apiclient.ManifestRequest{ + AppName: "test-app", + Namespace: "test-namespace", + ApplicationSource: &argoappv1.ApplicationSource{ + Plugin: &argoappv1.ApplicationSourcePlugin{ + Name: "test", + Env: argoappv1.Env{ + { + Name: "TEST_REVISION", + Value: "prefix-$ARGOCD_APP_REVISION", + }, + }, + }, + }, + Plugins: []*argoappv1.ConfigManagementPlugin{{ + Name: "test", + Generate: argoappv1.Command{ + Command: []string{"sh", "-c"}, + Args: []string{`echo "{\"kind\": \"FakeObject\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"GIT_ASKPASS\": \"$GIT_ASKPASS\", \"GIT_USERNAME\": \"$GIT_USERNAME\", \"GIT_PASSWORD\": \"$GIT_PASSWORD\"}, \"labels\": {\"revision\": \"$ARGOCD_ENV_TEST_REVISION\"}}}"`}, + }, + }}, + Repo: &argoappv1.Repository{ + Username: "foo", Password: "bar", + }, + }) + + assert.NoError(t, err) + assert.Equal(t, 1, len(res.Manifests)) + + obj := &unstructured.Unstructured{} + assert.NoError(t, json.Unmarshal([]byte(res.Manifests[0]), obj)) + + assert.Equal(t, obj.GetName(), "test-app") + assert.Equal(t, obj.GetNamespace(), "test-namespace") + assert.Empty(t, obj.GetAnnotations()["GIT_USERNAME"]) + assert.Empty(t, obj.GetAnnotations()["GIT_PASSWORD"]) + // Git client is mocked, so the revision is always mock.Anything + assert.Equal(t, map[string]string{"revision": "prefix-mock.Anything"}, obj.GetLabels()) +} + func TestGenerateFromUTF16(t *testing.T) { q := apiclient.ManifestRequest{ - Repo: &argoappv1.Repository{}, - ApplicationSource: &argoappv1.ApplicationSource{}, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, + Repo: &argoappv1.Repository{}, + ApplicationSource: &argoappv1.ApplicationSource{}, } res1, err := GenerateManifests(context.Background(), "./testdata/utf-16", "/", "", &q, false, &git.NoopCredsStore{}, resource.MustParse("0"), nil) assert.Nil(t, err) @@ -1472,13 +1426,7 @@ func TestGetSignatureVerificationResult(t *testing.T) { service := newServiceWithSignature("../../manifests/base") src := argoappv1.ApplicationSource{Path: "."} - q := apiclient.ManifestRequest{ - Repo: &argoappv1.Repository{}, - ApplicationSource: &src, - VerifySignature: true, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, - } + q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src, VerifySignature: true} res, err := service.GenerateManifest(context.Background(), &q) assert.NoError(t, err) @@ -1489,8 +1437,7 @@ func TestGetSignatureVerificationResult(t *testing.T) { service := newServiceWithSignature("../../manifests/base") src := argoappv1.ApplicationSource{Path: "."} - q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src, ProjectName: "something", - ProjectSourceRepos: []string{"*"}} + q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src} res, err := service.GenerateManifest(context.Background(), &q) assert.NoError(t, err) @@ -1501,8 +1448,7 @@ func TestGetSignatureVerificationResult(t *testing.T) { service := newService("../../manifests/base") src := argoappv1.ApplicationSource{Path: "."} - q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src, VerifySignature: true, ProjectName: "something", - ProjectSourceRepos: []string{"*"}} + q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src, VerifySignature: true} res, err := service.GenerateManifest(context.Background(), &q) assert.NoError(t, err) @@ -1513,8 +1459,7 @@ func TestGetSignatureVerificationResult(t *testing.T) { service := newService("../../manifests/base") src := argoappv1.ApplicationSource{Path: "."} - q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src, VerifySignature: true, ProjectName: "something", - ProjectSourceRepos: []string{"*"}} + q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src, VerifySignature: true} res, err := service.GenerateManifest(context.Background(), &q) assert.NoError(t, err) @@ -1527,7 +1472,6 @@ func Test_newEnv(t *testing.T) { &argoappv1.EnvEntry{Name: "ARGOCD_APP_NAME", Value: "my-app-name"}, &argoappv1.EnvEntry{Name: "ARGOCD_APP_NAMESPACE", Value: "my-namespace"}, &argoappv1.EnvEntry{Name: "ARGOCD_APP_REVISION", Value: "my-revision"}, - &argoappv1.EnvEntry{Name: "ARGOCD_APP_REVISION_SHORT", Value: "my-revi"}, &argoappv1.EnvEntry{Name: "ARGOCD_APP_SOURCE_REPO_URL", Value: "https://github.com/my-org/my-repo"}, &argoappv1.EnvEntry{Name: "ARGOCD_APP_SOURCE_PATH", Value: "my-path"}, &argoappv1.EnvEntry{Name: "ARGOCD_APP_SOURCE_TARGET_REVISION", Value: "my-target-revision"}, @@ -1674,8 +1618,6 @@ func TestGenerateManifestsWithAppParameterFile(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: path, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) require.NoError(t, err) resourceByKindName := make(map[string]*unstructured.Unstructured) @@ -1705,8 +1647,6 @@ func TestGenerateManifestsWithAppParameterFile(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: path, }, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, }) require.NoError(t, err) resourceByKindName := make(map[string]*unstructured.Unstructured) @@ -1736,9 +1676,7 @@ func TestGenerateManifestsWithAppParameterFile(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: path, }, - AppName: "testapp", - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, + AppName: "testapp", }) require.NoError(t, err) resourceByKindName := make(map[string]*unstructured.Unstructured) @@ -1768,9 +1706,7 @@ func TestGenerateManifestsWithAppParameterFile(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ Path: path, }, - AppName: "testapp2", - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, + AppName: "testapp2", }) require.NoError(t, err) resourceByKindName := make(map[string]*unstructured.Unstructured) @@ -1800,11 +1736,9 @@ func TestGenerateManifestsWithAppParameterFile(t *testing.T) { } sourceCopy := source.DeepCopy() // make a copy in case GenerateManifest mutates it. _, err := service.GenerateManifest(context.Background(), &apiclient.ManifestRequest{ - Repo: &argoappv1.Repository{}, - ApplicationSource: sourceCopy, - AppName: "test", - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, + Repo: &argoappv1.Repository{}, + ApplicationSource: sourceCopy, + AppName: "test", }) assert.NoError(t, err) res := &cache.CachedManifestResponse{} @@ -1838,9 +1772,7 @@ func TestGenerateManifestWithAnnotatedAndRegularGitTagHashes(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ TargetRevision: regularGitTagHash, }, - NoCache: true, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, + NoCache: true, }, wantError: false, service: newServiceWithCommitSHA(".", regularGitTagHash), @@ -1854,9 +1786,7 @@ func TestGenerateManifestWithAnnotatedAndRegularGitTagHashes(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ TargetRevision: annotatedGitTaghash, }, - NoCache: true, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, + NoCache: true, }, wantError: false, service: newServiceWithCommitSHA(".", annotatedGitTaghash), @@ -1870,9 +1800,7 @@ func TestGenerateManifestWithAnnotatedAndRegularGitTagHashes(t *testing.T) { ApplicationSource: &argoappv1.ApplicationSource{ TargetRevision: invalidGitTaghash, }, - NoCache: true, - ProjectName: "something", - ProjectSourceRepos: []string{"*"}, + NoCache: true, }, wantError: true, service: newServiceWithCommitSHA(".", invalidGitTaghash), @@ -2862,182 +2790,3 @@ func Test_getResolvedValueFiles(t *testing.T) { }) } } -func TestErrorGetGitDirectories(t *testing.T) { - type fields struct { - service *Service - } - type args struct { - ctx context.Context - request *apiclient.GitDirectoriesRequest - } - tests := []struct { - name string - fields fields - args args - want *apiclient.GitDirectoriesResponse - wantErr assert.ErrorAssertionFunc - }{ - {name: "InvalidRepo", fields: fields{service: newService(".")}, args: args{ - ctx: context.TODO(), - request: &apiclient.GitDirectoriesRequest{ - Repo: nil, - SubmoduleEnabled: false, - Revision: "HEAD", - }, - }, want: nil, wantErr: assert.Error}, - {name: "InvalidResolveRevision", fields: fields{service: func() *Service { - s, _ := newServiceWithOpt(func(gitClient *gitmocks.Client, helmClient *helmmocks.Client, paths *iomocks.TempPaths) { - gitClient.On("Checkout", mock.Anything, mock.Anything).Return(nil) - gitClient.On("LsRemote", mock.Anything).Return("", fmt.Errorf("ah error")) - paths.On("GetPath", mock.Anything).Return(".", nil) - paths.On("GetPathIfExists", mock.Anything).Return(".", nil) - }, ".") - return s - }()}, args: args{ - ctx: context.TODO(), - request: &apiclient.GitDirectoriesRequest{ - Repo: &argoappv1.Repository{Repo: "not-a-valid-url"}, - SubmoduleEnabled: false, - Revision: "sadfsadf", - }, - }, want: nil, wantErr: assert.Error}, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - s := tt.fields.service - got, err := s.GetGitDirectories(tt.args.ctx, tt.args.request) - if !tt.wantErr(t, err, fmt.Sprintf("GetGitDirectories(%v, %v)", tt.args.ctx, tt.args.request)) { - return - } - assert.Equalf(t, tt.want, got, "GetGitDirectories(%v, %v)", tt.args.ctx, tt.args.request) - }) - } -} - -func TestGetGitDirectories(t *testing.T) { - // test not using the cache - root := "./testdata/git-files-dirs" - s, _ := newServiceWithOpt(func(gitClient *gitmocks.Client, helmClient *helmmocks.Client, paths *iomocks.TempPaths) { - gitClient.On("Init").Return(nil) - gitClient.On("Fetch", mock.Anything).Return(nil) - gitClient.On("Checkout", mock.Anything, mock.Anything).Once().Return(nil) - gitClient.On("LsRemote", "HEAD").Return("632039659e542ed7de0c170a4fcc1c571b288fc0", nil) - gitClient.On("Root").Return(root) - paths.On("GetPath", mock.Anything).Return(root, nil) - paths.On("GetPathIfExists", mock.Anything).Return(root, nil) - }, root) - dirRequest := &apiclient.GitDirectoriesRequest{ - Repo: &argoappv1.Repository{Repo: "a-url.com"}, - SubmoduleEnabled: false, - Revision: "HEAD", - } - directories, err := s.GetGitDirectories(context.TODO(), dirRequest) - assert.Nil(t, err) - assert.ElementsMatch(t, directories.GetPaths(), []string{"app", "app/bar", "app/foo/bar", "somedir", "app/foo"}) - - // do the same request again to use the cache - // we only allow CheckOut to be called once in the mock - directories, err = s.GetGitDirectories(context.TODO(), dirRequest) - assert.Nil(t, err) - assert.ElementsMatch(t, []string{"app", "app/bar", "app/foo/bar", "somedir", "app/foo"}, directories.GetPaths()) -} - -func TestErrorGetGitFiles(t *testing.T) { - type fields struct { - service *Service - } - type args struct { - ctx context.Context - request *apiclient.GitFilesRequest - } - tests := []struct { - name string - fields fields - args args - want *apiclient.GitFilesResponse - wantErr assert.ErrorAssertionFunc - }{ - {name: "InvalidRepo", fields: fields{service: newService(".")}, args: args{ - ctx: context.TODO(), - request: &apiclient.GitFilesRequest{ - Repo: nil, - SubmoduleEnabled: false, - Revision: "HEAD", - }, - }, want: nil, wantErr: assert.Error}, - {name: "InvalidResolveRevision", fields: fields{service: func() *Service { - s, _ := newServiceWithOpt(func(gitClient *gitmocks.Client, helmClient *helmmocks.Client, paths *iomocks.TempPaths) { - gitClient.On("Checkout", mock.Anything, mock.Anything).Return(nil) - gitClient.On("LsRemote", mock.Anything).Return("", fmt.Errorf("ah error")) - paths.On("GetPath", mock.Anything).Return(".", nil) - paths.On("GetPathIfExists", mock.Anything).Return(".", nil) - }, ".") - return s - }()}, args: args{ - ctx: context.TODO(), - request: &apiclient.GitFilesRequest{ - Repo: &argoappv1.Repository{Repo: "not-a-valid-url"}, - SubmoduleEnabled: false, - Revision: "sadfsadf", - }, - }, want: nil, wantErr: assert.Error}, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - s := tt.fields.service - got, err := s.GetGitFiles(tt.args.ctx, tt.args.request) - if !tt.wantErr(t, err, fmt.Sprintf("GetGitFiles(%v, %v)", tt.args.ctx, tt.args.request)) { - return - } - assert.Equalf(t, tt.want, got, "GetGitFiles(%v, %v)", tt.args.ctx, tt.args.request) - }) - } -} - -func TestGetGitFiles(t *testing.T) { - // test not using the cache - files := []string{"./testdata/git-files-dirs/somedir/config.yaml", - "./testdata/git-files-dirs/config.yaml", "./testdata/git-files-dirs/config.yaml", "./testdata/git-files-dirs/app/foo/bar/config.yaml"} - root := "" - s, _ := newServiceWithOpt(func(gitClient *gitmocks.Client, helmClient *helmmocks.Client, paths *iomocks.TempPaths) { - gitClient.On("Init").Return(nil) - gitClient.On("Fetch", mock.Anything).Return(nil) - gitClient.On("Checkout", mock.Anything, mock.Anything).Once().Return(nil) - gitClient.On("LsRemote", "HEAD").Return("632039659e542ed7de0c170a4fcc1c571b288fc0", nil) - gitClient.On("Root").Return(root) - gitClient.On("LsFiles", mock.Anything, mock.Anything).Once().Return(files, nil) - paths.On("GetPath", mock.Anything).Return(root, nil) - paths.On("GetPathIfExists", mock.Anything).Return(root, nil) - }, root) - filesRequest := &apiclient.GitFilesRequest{ - Repo: &argoappv1.Repository{Repo: "a-url.com"}, - SubmoduleEnabled: false, - Revision: "HEAD", - } - - // expected map - expected := make(map[string][]byte) - for _, filePath := range files { - fileContents, err := os.ReadFile(filePath) - assert.Nil(t, err) - expected[filePath] = fileContents - } - - fileResponse, err := s.GetGitFiles(context.TODO(), filesRequest) - assert.Nil(t, err) - assert.Equal(t, fileResponse.GetMap(), expected) - - // do the same request again to use the cache - // we only allow LsFiles to be called once in the mock - fileResponse, err = s.GetGitFiles(context.TODO(), filesRequest) - assert.Nil(t, err) - assert.Equal(t, expected, fileResponse.GetMap()) -} - -func Test_getRepoSanitizerRegex(t *testing.T) { - r := getRepoSanitizerRegex("/tmp/_argocd-repo") - msg := r.ReplaceAllString("error message containing /tmp/_argocd-repo/SENSITIVE and other stuff", "") - assert.Equal(t, "error message containing and other stuff", msg) - msg = r.ReplaceAllString("error message containing /tmp/_argocd-repo/SENSITIVE/with/trailing/path and other stuff", "") - assert.Equal(t, "error message containing /with/trailing/path and other stuff", msg) -} diff --git a/reposerver/repository/testdata/git-files-dirs/app/bar/.hidden/.keep b/reposerver/repository/testdata/git-files-dirs/app/bar/.hidden/.keep deleted file mode 100644 index e69de29bb2d1d..0000000000000 diff --git a/reposerver/repository/testdata/git-files-dirs/app/bar/.keep b/reposerver/repository/testdata/git-files-dirs/app/bar/.keep deleted file mode 100644 index e69de29bb2d1d..0000000000000 diff --git a/reposerver/repository/testdata/git-files-dirs/app/foo/bar/config.yaml b/reposerver/repository/testdata/git-files-dirs/app/foo/bar/config.yaml deleted file mode 100644 index 433c6b94dc0cf..0000000000000 --- a/reposerver/repository/testdata/git-files-dirs/app/foo/bar/config.yaml +++ /dev/null @@ -1,2 +0,0 @@ -version: 4.2.1a -name: fooaaaa \ No newline at end of file diff --git a/reposerver/repository/testdata/git-files-dirs/app/foo/config.yaml b/reposerver/repository/testdata/git-files-dirs/app/foo/config.yaml deleted file mode 100644 index 096b2f1a35b87..0000000000000 --- a/reposerver/repository/testdata/git-files-dirs/app/foo/config.yaml +++ /dev/null @@ -1,2 +0,0 @@ -version: 4.2.1 -name: foo \ No newline at end of file diff --git a/reposerver/repository/testdata/git-files-dirs/config.yaml b/reposerver/repository/testdata/git-files-dirs/config.yaml deleted file mode 100644 index 5c0feb3c03c8a..0000000000000 --- a/reposerver/repository/testdata/git-files-dirs/config.yaml +++ /dev/null @@ -1,2 +0,0 @@ -version: 4.2.1.5 -name: foooooo \ No newline at end of file diff --git a/reposerver/repository/testdata/git-files-dirs/somedir/config.yaml b/reposerver/repository/testdata/git-files-dirs/somedir/config.yaml deleted file mode 100644 index c66361bb14a46..0000000000000 --- a/reposerver/repository/testdata/git-files-dirs/somedir/config.yaml +++ /dev/null @@ -1,2 +0,0 @@ -version: 2.1 -name: fo \ No newline at end of file diff --git a/reposerver/repository/testdata/invalid-metadata/bad.yaml b/reposerver/repository/testdata/invalid-metadata/bad.yaml deleted file mode 100644 index 83f48a40dc334..0000000000000 --- a/reposerver/repository/testdata/invalid-metadata/bad.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: my-map-annotation - annotations: - invalid: true -stringData: - foo: bar ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: my-map-label - labels: - invalid: true -stringData: - foo: bar diff --git a/reposerver/repository/testdata/nil-metadata-accessors/nil-metadata-accessors.yaml b/reposerver/repository/testdata/nil-metadata-accessors/nil-metadata-accessors.yaml deleted file mode 100644 index 53979de769c01..0000000000000 --- a/reposerver/repository/testdata/nil-metadata-accessors/nil-metadata-accessors.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: my-map - annotations: - labels: -stringData: - foo: bar diff --git a/reposerver/repository/types.go b/reposerver/repository/types.go deleted file mode 100644 index 3e45a5bf3a1cf..0000000000000 --- a/reposerver/repository/types.go +++ /dev/null @@ -1,14 +0,0 @@ -package repository - -// Chart see: https://helm.sh/docs/topics/charts/ for more details -type Chart struct { - Description string `yaml:"description,omitempty"` - Home string `yaml:"home,omitempty"` - Maintainers []Maintainer `yaml:"maintainers,omitempty"` -} - -type Maintainer struct { - Name string `yaml:"name,omitempty"` - Email string `yaml:"email,omitempty"` - Url string `yaml:"url,omitempty"` -} diff --git a/resource_customizations/apps/Deployment/actions/testdata/deployment-pause.yaml b/resource_customizations/apps/Deployment/actions/testdata/deployment-pause.yaml index 3ddbbe3e5cef2..38cb1faf8498f 100644 --- a/resource_customizations/apps/Deployment/actions/testdata/deployment-pause.yaml +++ b/resource_customizations/apps/Deployment/actions/testdata/deployment-pause.yaml @@ -4,8 +4,6 @@ metadata: annotations: deployment.kubernetes.io/revision: "1" creationTimestamp: "2021-09-21T22:35:20Z" - name: nginx-deploy - namespace: default generation: 2 spec: paused: true diff --git a/resource_customizations/apps/Deployment/actions/testdata/deployment-resume.yaml b/resource_customizations/apps/Deployment/actions/testdata/deployment-resume.yaml index 8ccb8dcab0802..ea8d3b14de51d 100644 --- a/resource_customizations/apps/Deployment/actions/testdata/deployment-resume.yaml +++ b/resource_customizations/apps/Deployment/actions/testdata/deployment-resume.yaml @@ -5,8 +5,6 @@ metadata: deployment.kubernetes.io/revision: "1" creationTimestamp: "2021-09-21T22:35:20Z" generation: 3 - name: nginx-deploy - namespace: default spec: progressDeadlineSeconds: 600 replicas: 3 diff --git a/resource_customizations/argoproj.io/CronWorkflow/actions/action_test.yaml b/resource_customizations/argoproj.io/CronWorkflow/actions/action_test.yaml deleted file mode 100644 index 7fce1c3b36cf6..0000000000000 --- a/resource_customizations/argoproj.io/CronWorkflow/actions/action_test.yaml +++ /dev/null @@ -1,7 +0,0 @@ -actionTests: -- action: create-workflow - inputPath: testdata/cronworkflow.yaml - expectedOutputPath: testdata/workflow.yaml -- action: create-workflow - inputPath: testdata/cronworkflow-without-label.yaml - expectedOutputPath: testdata/workflow-without-label.yaml diff --git a/resource_customizations/argoproj.io/CronWorkflow/actions/create-workflow/action.lua b/resource_customizations/argoproj.io/CronWorkflow/actions/create-workflow/action.lua deleted file mode 100644 index 85470525b60b2..0000000000000 --- a/resource_customizations/argoproj.io/CronWorkflow/actions/create-workflow/action.lua +++ /dev/null @@ -1,82 +0,0 @@ -local os = require("os") - --- This action constructs a Workflow resource from a CronWorkflow resource, to enable creating a CronWorkflow instance --- on demand. --- It returns an array with a single member - a table with the operation to perform (create) and the Workflow resource. --- It mimics the output of "argo submit --from=CronWorkflow/" command, declaratively. - --- This code is written to mimic what the Argo Workflows API server does to create a Workflow from a CronWorkflow. --- https://github.com/argoproj/argo-workflows/blob/873a58de7dd9dad76d5577b8c4294a58b52849b8/workflow/common/convert.go#L12 - --- Deep-copying an object is a ChatGPT generated code. --- Since empty tables are treated as empty arrays, the resulting k8s resource might be invalid (arrays instead of maps). --- So empty tables are not cloned to the target object. -function deepCopy(object) - local lookup_table = {} - local function _copy(obj) - if type(obj) ~= "table" then - return obj - elseif lookup_table[obj] then - return lookup_table[obj] - elseif next(obj) == nil then - return nil - else - local new_table = {} - lookup_table[obj] = new_table - for key, value in pairs(obj) do - new_table[_copy(key)] = _copy(value) - end - return setmetatable(new_table, getmetatable(obj)) - end - end - return _copy(object) -end - -workflow = {} -workflow.apiVersion = "argoproj.io/v1alpha1" -workflow.kind = "Workflow" - -workflow.metadata = {} -workflow.metadata.name = obj.metadata.name .. "-" ..os.date("!%Y%m%d%H%M") -workflow.metadata.namespace = obj.metadata.namespace -workflow.metadata.labels = {} -workflow.metadata.annotations = {} -if (obj.spec.workflowMetadata ~= nil) then - if (obj.spec.workflowMetadata.labels ~= nil) then - workflow.metadata.labels = deepCopy(obj.spec.workflowMetadata.labels) - end - if (obj.spec.workflowMetadata.annotations ~= nil) then - workflow.metadata.annotations = deepCopy(obj.spec.workflowMetadata.annotations) - end -end -workflow.metadata.labels["workflows.argoproj.io/cron-workflow"] = obj.metadata.name -if (obj.metadata.labels ~= nil and obj.metadata.labels["workflows.argoproj.io/controller-instanceid"] ~= nil) then - workflow.metadata.labels["workflows.argoproj.io/controller-instanceid"] = obj.metadata.labels["workflows.argoproj.io/controller-instanceid"] -end -workflow.metadata.annotations["workflows.argoproj.io/scheduled-time"] = os.date("!%Y-%m-%dT%d:%H:%MZ") - -workflow.finalizers = {} --- add all finalizers from obj.spec.workflowMetadata.finalizers -if (obj.spec.workflowMetadata ~= nil and obj.spec.workflowMetadata.finalizers ~= nil) then - for i, finalizer in ipairs(obj.spec.workflowMetadata.finalizers) do - workflow.finalizers[i] = finalizer - end -end - -ownerRef = {} -ownerRef.apiVersion = obj.apiVersion -ownerRef.kind = obj.kind -ownerRef.name = obj.metadata.name -ownerRef.uid = obj.metadata.uid -workflow.metadata.ownerReferences = {} -workflow.metadata.ownerReferences[1] = ownerRef - -workflow.spec = deepCopy(obj.spec.workflowSpec) - -impactedResource = {} -impactedResource.operation = "create" -impactedResource.resource = workflow -result = {} -result[1] = impactedResource - -return result \ No newline at end of file diff --git a/resource_customizations/argoproj.io/CronWorkflow/actions/discovery.lua b/resource_customizations/argoproj.io/CronWorkflow/actions/discovery.lua deleted file mode 100644 index 717386b29a691..0000000000000 --- a/resource_customizations/argoproj.io/CronWorkflow/actions/discovery.lua +++ /dev/null @@ -1,6 +0,0 @@ -actions = {} -actions["create-workflow"] = { - ["iconClass"] = "fa fa-fw fa-play", - ["displayName"] = "Create Workflow" -} -return actions \ No newline at end of file diff --git a/resource_customizations/argoproj.io/CronWorkflow/actions/testdata/cronworkflow-without-label.yaml b/resource_customizations/argoproj.io/CronWorkflow/actions/testdata/cronworkflow-without-label.yaml deleted file mode 100644 index a9f9e2ed8d5c0..0000000000000 --- a/resource_customizations/argoproj.io/CronWorkflow/actions/testdata/cronworkflow-without-label.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: CronWorkflow -metadata: - annotations: - cronworkflows.argoproj.io/last-used-schedule: CRON_TZ=America/Los_Angeles * * * * * - name: hello-world - namespace: default -spec: - concurrencyPolicy: Replace - failedJobsHistoryLimit: 4 - schedule: '* * * * *' - startingDeadlineSeconds: 0 - successfulJobsHistoryLimit: 4 - suspend: true - timezone: America/Los_Angeles - workflowSpec: - entrypoint: whalesay - templates: - - container: - args: - - "\U0001F553 hello world. Scheduled on: {{workflow.scheduledTime}}" - command: - - cowsay - image: 'docker/whalesay:latest' - name: whalesay - workflowMetadata: - labels: - example: test - annotations: - another-example: another-test - finalizers: [test-finalizer] diff --git a/resource_customizations/argoproj.io/CronWorkflow/actions/testdata/cronworkflow.yaml b/resource_customizations/argoproj.io/CronWorkflow/actions/testdata/cronworkflow.yaml deleted file mode 100644 index 2a2c7d1807db4..0000000000000 --- a/resource_customizations/argoproj.io/CronWorkflow/actions/testdata/cronworkflow.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: CronWorkflow -metadata: - annotations: - cronworkflows.argoproj.io/last-used-schedule: CRON_TZ=America/Los_Angeles * * * * * - labels: - workflows.argoproj.io/controller-instanceid: test-instance - app.kubernetes.io/instance: test - name: hello-world - namespace: default -spec: - concurrencyPolicy: Replace - failedJobsHistoryLimit: 4 - schedule: '* * * * *' - startingDeadlineSeconds: 0 - successfulJobsHistoryLimit: 4 - suspend: true - timezone: America/Los_Angeles - workflowSpec: - entrypoint: whalesay - templates: - - container: - args: - - "\U0001F553 hello world. Scheduled on: {{workflow.scheduledTime}}" - command: - - cowsay - image: 'docker/whalesay:latest' - name: whalesay - workflowMetadata: - labels: - example: test - annotations: - another-example: another-test - finalizers: [test-finalizer] diff --git a/resource_customizations/argoproj.io/CronWorkflow/actions/testdata/workflow-without-label.yaml b/resource_customizations/argoproj.io/CronWorkflow/actions/testdata/workflow-without-label.yaml deleted file mode 100644 index 1d20bc0d72a6a..0000000000000 --- a/resource_customizations/argoproj.io/CronWorkflow/actions/testdata/workflow-without-label.yaml +++ /dev/null @@ -1,26 +0,0 @@ -- k8sOperation: create - unstructuredObj: - apiVersion: argoproj.io/v1alpha1 - kind: Workflow - metadata: - annotations: - another-example: another-test - labels: - example: test - name: hello-world-202306221736 - namespace: default - ownerReferences: - - apiVersion: argoproj.io/v1alpha1 - kind: CronWorkflow - name: hello-world - finalizers: [test-finalizer] - spec: - entrypoint: whalesay - templates: - - container: - args: - - "\U0001F553 hello world. Scheduled on: {{workflow.scheduledTime}}" - command: - - cowsay - image: 'docker/whalesay:latest' - name: whalesay diff --git a/resource_customizations/argoproj.io/CronWorkflow/actions/testdata/workflow.yaml b/resource_customizations/argoproj.io/CronWorkflow/actions/testdata/workflow.yaml deleted file mode 100644 index 9f231dbb5c5b3..0000000000000 --- a/resource_customizations/argoproj.io/CronWorkflow/actions/testdata/workflow.yaml +++ /dev/null @@ -1,28 +0,0 @@ -- k8sOperation: create - unstructuredObj: - apiVersion: argoproj.io/v1alpha1 - kind: Workflow - metadata: - annotations: - another-example: another-test - labels: - workflows.argoproj.io/cron-workflow: hello-world - workflows.argoproj.io/controller-instanceid: test-instance - example: test - name: hello-world-202306221736 - namespace: default - ownerReferences: - - apiVersion: argoproj.io/v1alpha1 - kind: CronWorkflow - name: hello-world - finalizers: [test-finalizer] - spec: - entrypoint: whalesay - templates: - - container: - args: - - "\U0001F553 hello world. Scheduled on: {{workflow.scheduledTime}}" - command: - - cowsay - image: 'docker/whalesay:latest' - name: whalesay diff --git a/resource_customizations/argoproj.io/EventBus/health.lua b/resource_customizations/argoproj.io/EventBus/health.lua deleted file mode 100644 index 4d2c676f72892..0000000000000 --- a/resource_customizations/argoproj.io/EventBus/health.lua +++ /dev/null @@ -1,21 +0,0 @@ -hs={ status = "Progressing", message = "Waiting for initialization" } - -if obj.status ~= nil then - if obj.status.conditions ~= nil then - for _, condition in ipairs(obj.status.conditions) do - if condition.type == "Deployed" and condition.status == "False" then - hs.status = "Degraded" - hs.message = condition.message or condition.reason - return hs - end - if condition.type == "Deployed" and condition.status == "True" then - hs.status = "Healthy" - hs.message = condition.message or condition.reason - return hs - end - end - end -end - - -return hs diff --git a/resource_customizations/argoproj.io/EventBus/health_test.yaml b/resource_customizations/argoproj.io/EventBus/health_test.yaml deleted file mode 100644 index 7babe7fc7f9a3..0000000000000 --- a/resource_customizations/argoproj.io/EventBus/health_test.yaml +++ /dev/null @@ -1,9 +0,0 @@ -tests: - - healthStatus: - status: Healthy - message: "JetStream is deployed" - inputPath: testdata/healthy.yaml - - healthStatus: - status: Degraded - message: 'failed to get jetstream version, err: unsupported version "iwillfail", supported versions: "2.9.5,latest"' - inputPath: testdata/degraded.yaml \ No newline at end of file diff --git a/resource_customizations/argoproj.io/EventBus/testdata/degraded.yaml b/resource_customizations/argoproj.io/EventBus/testdata/degraded.yaml deleted file mode 100644 index 4ffd1cf6a9623..0000000000000 --- a/resource_customizations/argoproj.io/EventBus/testdata/degraded.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: EventBus -metadata: - name: test - namespace: eventbus-test -spec: - jetstream: - replicas: 3 - version: iwillfail -status: - conditions: - - lastTransitionTime: null - status: 'True' - type: Configured - - lastTransitionTime: null - message: >- - failed to get jetstream version, err: unsupported version "iwillfail", - supported versions: "2.9.5,latest" - reason: JetStreamStatefulSetFailed - status: 'False' - type: Deployed \ No newline at end of file diff --git a/resource_customizations/argoproj.io/EventBus/testdata/healthy.yaml b/resource_customizations/argoproj.io/EventBus/testdata/healthy.yaml deleted file mode 100644 index 8db1455a14d8e..0000000000000 --- a/resource_customizations/argoproj.io/EventBus/testdata/healthy.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: EventBus -metadata: - name: test - namespace: eventbus-test -spec: - jetstream: - replicas: 3 - version: latest -status: - conditions: - - lastTransitionTime: '2022-12-30T11:44:15Z' - status: 'True' - type: Configured - - lastTransitionTime: '2022-12-30T11:44:15Z' - message: JetStream is deployed - reason: Succeeded - status: 'True' - type: Deployed \ No newline at end of file diff --git a/resource_customizations/argoproj.io/WorkflowTemplate/actions/action_test.yaml b/resource_customizations/argoproj.io/WorkflowTemplate/actions/action_test.yaml deleted file mode 100644 index db503fe0b6aae..0000000000000 --- a/resource_customizations/argoproj.io/WorkflowTemplate/actions/action_test.yaml +++ /dev/null @@ -1,4 +0,0 @@ -actionTests: -- action: create-workflow - inputPath: testdata/workflowtemplate.yaml - expectedOutputPath: testdata/workflow.yaml diff --git a/resource_customizations/argoproj.io/WorkflowTemplate/actions/create-workflow/action.lua b/resource_customizations/argoproj.io/WorkflowTemplate/actions/create-workflow/action.lua deleted file mode 100644 index 66f5ec55d3a16..0000000000000 --- a/resource_customizations/argoproj.io/WorkflowTemplate/actions/create-workflow/action.lua +++ /dev/null @@ -1,39 +0,0 @@ -local os = require("os") - --- This action constructs a Workflow resource from a WorkflowTemplate resource, to enable creating a WorkflowTemplate instance --- on demand. --- It returns an array with a single member - a table with the operation to perform (create) and the Workflow resource. --- It mimics the output of "argo submit --from=workflowtemplate/" command, declaratively. - --- This code is written to mimic what the Argo Workflows API server does to create a Workflow from a WorkflowTemplate. --- https://github.com/argoproj/argo-workflows/blob/873a58de7dd9dad76d5577b8c4294a58b52849b8/workflow/common/convert.go#L34 - -workflow = {} -workflow.apiVersion = "argoproj.io/v1alpha1" -workflow.kind = "Workflow" - -workflow.metadata = {} -workflow.metadata.name = obj.metadata.name .. "-" ..os.date("!%Y%m%d%H%M") -workflow.metadata.namespace = obj.metadata.namespace -workflow.metadata.labels = {} -workflow.metadata.labels["workflows.argoproj.io/workflow-template"] = obj.metadata.name - -workflow.spec = {} -workflow.spec.workflowTemplateRef = {} -workflow.spec.workflowTemplateRef.name = obj.metadata.name - -ownerRef = {} -ownerRef.apiVersion = obj.apiVersion -ownerRef.kind = obj.kind -ownerRef.name = obj.metadata.name -ownerRef.uid = obj.metadata.uid -workflow.metadata.ownerReferences = {} -workflow.metadata.ownerReferences[1] = ownerRef - -impactedResource = {} -impactedResource.operation = "create" -impactedResource.resource = workflow -result = {} -result[1] = impactedResource - -return result \ No newline at end of file diff --git a/resource_customizations/argoproj.io/WorkflowTemplate/actions/discovery.lua b/resource_customizations/argoproj.io/WorkflowTemplate/actions/discovery.lua deleted file mode 100644 index 717386b29a691..0000000000000 --- a/resource_customizations/argoproj.io/WorkflowTemplate/actions/discovery.lua +++ /dev/null @@ -1,6 +0,0 @@ -actions = {} -actions["create-workflow"] = { - ["iconClass"] = "fa fa-fw fa-play", - ["displayName"] = "Create Workflow" -} -return actions \ No newline at end of file diff --git a/resource_customizations/argoproj.io/WorkflowTemplate/actions/testdata/workflow.yaml b/resource_customizations/argoproj.io/WorkflowTemplate/actions/testdata/workflow.yaml deleted file mode 100644 index 46063bee03397..0000000000000 --- a/resource_customizations/argoproj.io/WorkflowTemplate/actions/testdata/workflow.yaml +++ /dev/null @@ -1,16 +0,0 @@ -- k8sOperation: create - unstructuredObj: - apiVersion: argoproj.io/v1alpha1 - kind: Workflow - metadata: - labels: - workflows.argoproj.io/workflow-template: workflow-template-submittable - name: workflow-template-submittable-202306221735 - namespace: default - ownerReferences: - - apiVersion: argoproj.io/v1alpha1 - kind: WorkflowTemplate - name: workflow-template-submittable - spec: - workflowTemplateRef: - name: workflow-template-submittable diff --git a/resource_customizations/argoproj.io/WorkflowTemplate/actions/testdata/workflowtemplate.yaml b/resource_customizations/argoproj.io/WorkflowTemplate/actions/testdata/workflowtemplate.yaml deleted file mode 100644 index 5b7d2319e9c9e..0000000000000 --- a/resource_customizations/argoproj.io/WorkflowTemplate/actions/testdata/workflowtemplate.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: WorkflowTemplate -metadata: - labels: - app.kubernetes.io/instance: test - name: workflow-template-submittable - namespace: default -spec: - arguments: - parameters: - - name: message - value: hello world - entrypoint: whalesay-template - templates: - - container: - args: - - '{{inputs.parameters.message}}' - command: - - cowsay - image: docker/whalesay - inputs: - parameters: - - name: message - name: whalesay-template diff --git a/resource_customizations/batch/CronJob/actions/action_test.yaml b/resource_customizations/batch/CronJob/actions/action_test.yaml deleted file mode 100644 index a9b5320db5721..0000000000000 --- a/resource_customizations/batch/CronJob/actions/action_test.yaml +++ /dev/null @@ -1,4 +0,0 @@ -actionTests: -- action: create-job - inputPath: testdata/cronjob.yaml - expectedOutputPath: testdata/job.yaml diff --git a/resource_customizations/batch/CronJob/actions/create-job/action.lua b/resource_customizations/batch/CronJob/actions/create-job/action.lua deleted file mode 100644 index 17b6455fa3d5d..0000000000000 --- a/resource_customizations/batch/CronJob/actions/create-job/action.lua +++ /dev/null @@ -1,62 +0,0 @@ -local os = require("os") - --- This action constructs a Job resource from a CronJob resource, to enable creating a CronJob instance on demand. --- It returns an array with a single member - a table with the operation to perform (create) and the Job resource. --- It mimics the output of "kubectl create job --from=" command, declaratively. - --- Deep-copying an object is a ChatGPT generated code. --- Since empty tables are treated as empty arrays, the resulting k8s resource might be invalid (arrays instead of maps). --- So empty tables are not cloned to the target object. -function deepCopy(object) - local lookup_table = {} - local function _copy(obj) - if type(obj) ~= "table" then - return obj - elseif lookup_table[obj] then - return lookup_table[obj] - elseif next(obj) == nil then - return nil - else - local new_table = {} - lookup_table[obj] = new_table - for key, value in pairs(obj) do - new_table[_copy(key)] = _copy(value) - end - return setmetatable(new_table, getmetatable(obj)) - end - end - return _copy(object) -end - -job = {} -job.apiVersion = "batch/v1" -job.kind = "Job" - -job.metadata = deepCopy(obj.spec.jobTemplate.metadata) -if job.metadata == nil then - job.metadata = {} -end -job.metadata.name = obj.metadata.name .. "-" ..os.date("!%Y%m%d%H%M") -job.metadata.namespace = obj.metadata.namespace - -ownerRef = {} -ownerRef.apiVersion = obj.apiVersion -ownerRef.kind = obj.kind -ownerRef.name = obj.metadata.name -ownerRef.uid = obj.metadata.uid -job.metadata.ownerReferences = {} -job.metadata.ownerReferences[1] = ownerRef - -job.spec = {} -job.spec.suspend = false -job.spec.template = {} -job.spec.template.metadata = deepCopy(obj.spec.jobTemplate.spec.template.metadata) -job.spec.template.spec = deepCopy(obj.spec.jobTemplate.spec.template.spec) - -impactedResource = {} -impactedResource.operation = "create" -impactedResource.resource = job -result = {} -result[1] = impactedResource - -return result \ No newline at end of file diff --git a/resource_customizations/batch/CronJob/actions/discovery.lua b/resource_customizations/batch/CronJob/actions/discovery.lua deleted file mode 100644 index a8b0950181456..0000000000000 --- a/resource_customizations/batch/CronJob/actions/discovery.lua +++ /dev/null @@ -1,6 +0,0 @@ -actions = {} -actions["create-job"] = { - ["iconClass"] = "fa fa-fw fa-play", - ["displayName"] = "Create Job" -} -return actions \ No newline at end of file diff --git a/resource_customizations/batch/CronJob/actions/testdata/cronjob.yaml b/resource_customizations/batch/CronJob/actions/testdata/cronjob.yaml deleted file mode 100644 index d422c82da393a..0000000000000 --- a/resource_customizations/batch/CronJob/actions/testdata/cronjob.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: batch/v1 -kind: CronJob -metadata: - name: hello - namespace: test-ns - uid: "123" -spec: - schedule: "* * * * *" - jobTemplate: - metadata: - labels: - my: label - annotations: - my: annotation - spec: - template: - metadata: - labels: - pod: label - annotations: - pod: annotation - spec: - containers: - - name: hello - image: busybox:1.28 - imagePullPolicy: IfNotPresent - command: - - /bin/sh - - -c - - date; echo Hello from the Kubernetes cluster - resources: {} - restartPolicy: OnFailure \ No newline at end of file diff --git a/resource_customizations/batch/CronJob/actions/testdata/job.yaml b/resource_customizations/batch/CronJob/actions/testdata/job.yaml deleted file mode 100644 index 16d4e4960b0dc..0000000000000 --- a/resource_customizations/batch/CronJob/actions/testdata/job.yaml +++ /dev/null @@ -1,28 +0,0 @@ -- k8sOperation: create - unstructuredObj: - apiVersion: batch/v1 - kind: Job - metadata: - name: hello-00000000000 - namespace: test-ns - labels: - my: label - annotations: - my: annotation - spec: - template: - metadata: - labels: - pod: label - annotations: - pod: annotation - spec: - containers: - - name: hello - image: busybox:1.28 - imagePullPolicy: IfNotPresent - command: - - /bin/sh - - -c - - date; echo Hello from the Kubernetes cluster - restartPolicy: OnFailure \ No newline at end of file diff --git a/resource_customizations/cert-manager.io/ClusterIssuer/health.lua b/resource_customizations/cert-manager.io/ClusterIssuer/health.lua deleted file mode 100644 index 79945c4334c50..0000000000000 --- a/resource_customizations/cert-manager.io/ClusterIssuer/health.lua +++ /dev/null @@ -1,21 +0,0 @@ -hs = {} -if obj.status ~= nil then - if obj.status.conditions ~= nil then - for i, condition in ipairs(obj.status.conditions) do - if condition.type == "Ready" and condition.status == "False" then - hs.status = "Degraded" - hs.message = condition.message - return hs - end - if condition.type == "Ready" and condition.status == "True" then - hs.status = "Healthy" - hs.message = condition.message - return hs - end - end - end -end - -hs.status = "Progressing" -hs.message = "Initializing ClusterIssuer" -return hs diff --git a/resource_customizations/cert-manager.io/ClusterIssuer/health_test.yaml b/resource_customizations/cert-manager.io/ClusterIssuer/health_test.yaml deleted file mode 100644 index 1eda5cfb3ca4a..0000000000000 --- a/resource_customizations/cert-manager.io/ClusterIssuer/health_test.yaml +++ /dev/null @@ -1,14 +0,0 @@ -tests: -- healthStatus: - status: Progressing - message: Initializing ClusterIssuer - inputPath: testdata/progressing_noStatus.yaml -- healthStatus: - status: Healthy - message: The ACME account was registered with the ACME server - inputPath: testdata/healthy_registered.yaml -- healthStatus: - status: Degraded - message: "Failed to verify ACME account: acme: : 404 page not found\n" - inputPath: testdata/degraded_acmeFailed.yaml - diff --git a/resource_customizations/cert-manager.io/ClusterIssuer/testdata/degraded_acmeFailed.yaml b/resource_customizations/cert-manager.io/ClusterIssuer/testdata/degraded_acmeFailed.yaml deleted file mode 100644 index 75a249feb3da6..0000000000000 --- a/resource_customizations/cert-manager.io/ClusterIssuer/testdata/degraded_acmeFailed.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - creationTimestamp: "2019-02-15T19:23:48Z" - generation: 1 - name: test-issuer - resourceVersion: "68352438" - uid: 37f408e3-3157-11e9-be3f-42010a800011 -spec: - acme: - email: myemail@test.com - http01: {} - privateKeySecretRef: - key: "" - name: letsencrypt - server: https://acme-v02.api.letsencrypt.org/directory124 -status: - acme: - uri: "" - conditions: - - lastTransitionTime: "2019-02-15T19:23:53Z" - message: | - Failed to verify ACME account: acme: : 404 page not found - reason: ErrRegisterACMEAccount - status: "False" - type: Ready diff --git a/resource_customizations/cert-manager.io/ClusterIssuer/testdata/healthy_registered.yaml b/resource_customizations/cert-manager.io/ClusterIssuer/testdata/healthy_registered.yaml deleted file mode 100644 index edad50241c40b..0000000000000 --- a/resource_customizations/cert-manager.io/ClusterIssuer/testdata/healthy_registered.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - creationTimestamp: "2018-11-06T23:14:18Z" - generation: 1 - name: test-issuer - resourceVersion: "48889060" - uid: b0045219-e219-11e8-9f93-42010a80021d -spec: - acme: - email: myemail@test.com - http01: {} - privateKeySecretRef: - key: "" - name: letsencrypt - server: https://acme-v02.api.letsencrypt.org/directory -status: - acme: - uri: https://acme-v02.api.letsencrypt.org/acme/acct/45250083 - conditions: - - lastTransitionTime: "2018-12-06T06:42:59Z" - message: The ACME account was registered with the ACME server - reason: ACMEAccountRegistered - status: "True" - type: Ready diff --git a/resource_customizations/cert-manager.io/ClusterIssuer/testdata/progressing_noStatus.yaml b/resource_customizations/cert-manager.io/ClusterIssuer/testdata/progressing_noStatus.yaml deleted file mode 100644 index b05c4aeb7d13f..0000000000000 --- a/resource_customizations/cert-manager.io/ClusterIssuer/testdata/progressing_noStatus.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - creationTimestamp: "2018-11-06T23:14:18Z" - generation: 1 - name: test-issuer - resourceVersion: "48889060" - uid: b0045219-e219-11e8-9f93-42010a80021d -spec: - acme: - email: myemail@test.com - http01: {} - privateKeySecretRef: - key: "" - name: letsencrypt - server: https://acme-v02.api.letsencrypt.org/directory diff --git a/resource_customizations/elasticsearch.k8s.elastic.co/Elasticsearch/health.lua b/resource_customizations/elasticsearch.k8s.elastic.co/Elasticsearch/health.lua index 2670862b41602..3bac570b0c4d7 100644 --- a/resource_customizations/elasticsearch.k8s.elastic.co/Elasticsearch/health.lua +++ b/resource_customizations/elasticsearch.k8s.elastic.co/Elasticsearch/health.lua @@ -17,7 +17,7 @@ if obj.status ~= nil then hs.message = "Elasticsearch Cluster status is Green" return hs elseif obj.status.health == "yellow" then - hs.status = "Progressing" + hs.status = "Degraded" hs.message = "Elasticsearch Cluster status is Yellow. Check the status of indices, replicas and shards" return hs elseif obj.status.health == "red" then diff --git a/resource_customizations/elasticsearch.k8s.elastic.co/Elasticsearch/health_test.yaml b/resource_customizations/elasticsearch.k8s.elastic.co/Elasticsearch/health_test.yaml index 015bc145d8ff8..0a0ef51d16f6c 100644 --- a/resource_customizations/elasticsearch.k8s.elastic.co/Elasticsearch/health_test.yaml +++ b/resource_customizations/elasticsearch.k8s.elastic.co/Elasticsearch/health_test.yaml @@ -4,7 +4,7 @@ tests: message: "Elasticsearch Cluster status is Green" inputPath: testdata/ready_green.yaml - healthStatus: - status: Progressing + status: Degraded message: "Elasticsearch Cluster status is Yellow. Check the status of indices, replicas and shards" inputPath: testdata/ready_yellow.yaml - healthStatus: diff --git a/resource_customizations/embed.go b/resource_customizations/embed.go index 8a4d5316cd3df..251b12293efac 100644 --- a/resource_customizations/embed.go +++ b/resource_customizations/embed.go @@ -5,6 +5,5 @@ import ( ) // Embedded contains embedded resource customization -// //go:embed * var Embedded embed.FS diff --git a/resource_customizations/external-secrets.io/ClusterExternalSecret/health.lua b/resource_customizations/external-secrets.io/ClusterExternalSecret/health.lua deleted file mode 100644 index 2157b5c7a78fa..0000000000000 --- a/resource_customizations/external-secrets.io/ClusterExternalSecret/health.lua +++ /dev/null @@ -1,25 +0,0 @@ -hs = {} -if obj.status ~= nil then - if obj.status.conditions ~= nil then - -- For ClusterExternalSecret, new statuses are appended to the end of the list - lastStatus = obj.status.conditions[#obj.status.conditions] - if lastStatus.type == "Ready" and lastStatus.status == "True" then - hs.status = "Healthy" - hs.message = lastStatus.message - return hs - end - if lastStatus.type == "PartiallyReady" and lastStatus.status == "True" then - hs.status = "Degraded" - hs.message = lastStatus.message - return hs - end - if lastStatus.type == "NotReady" and lastStatus.status == "True" then - hs.status = "Degraded" - hs.message = lastStatus.message - return hs - end - end -end -hs.status = "Progressing" -hs.message = "Waiting for ClusterExternalSecret" -return hs diff --git a/resource_customizations/external-secrets.io/ClusterExternalSecret/health_test.yaml b/resource_customizations/external-secrets.io/ClusterExternalSecret/health_test.yaml deleted file mode 100644 index 52e4c7c13740f..0000000000000 --- a/resource_customizations/external-secrets.io/ClusterExternalSecret/health_test.yaml +++ /dev/null @@ -1,21 +0,0 @@ -tests: - - healthStatus: - status: Progressing - message: Waiting for ClusterExternalSecret - inputPath: testdata/progressing.yaml - - healthStatus: - status: Degraded - message: 'one or more namespaces failed' - inputPath: testdata/notready.yaml - - healthStatus: - status: Degraded - message: 'one or more namespaces failed' - inputPath: testdata/partiallyready.yaml - - healthStatus: - status: Degraded - message: 'one or more namespaces failed' - inputPath: testdata/partiallyready-multiple-conditions.yaml - - healthStatus: - status: Healthy - message: '' - inputPath: testdata/healthy.yaml diff --git a/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/healthy.yaml b/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/healthy.yaml deleted file mode 100644 index 1a5f61b44a48f..0000000000000 --- a/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/healthy.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ClusterExternalSecret -metadata: - name: ces -spec: - externalSecretName: hello-world-es - externalSecretSpec: - data: - - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /foo - property: key - secretKey: mykey - refreshInterval: 1h - secretStoreRef: - kind: ClusterSecretStore - name: secretmanager - target: - creationPolicy: Owner - deletionPolicy: Retain - name: mysecret - template: - data: - somekey: '{{ .somecreds }}' - engineVersion: v2 - type: Opaque - namespaceSelector: - matchLabels: - cool: label -status: - conditions: - - message: one or more namespaces failed - status: "True" - type: PartiallyReady - - status: "True" - type: Ready diff --git a/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/notready.yaml b/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/notready.yaml deleted file mode 100644 index eeea3069bfb2d..0000000000000 --- a/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/notready.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ClusterExternalSecret -metadata: - name: ces -spec: - externalSecretName: hello-world-es - externalSecretSpec: - data: - - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /foo - property: key - secretKey: mykey - refreshInterval: 1h - secretStoreRef: - kind: ClusterSecretStore - name: secretmanager - target: - creationPolicy: Owner - deletionPolicy: Retain - name: mysecret - template: - data: - somekey: '{{ .somecreds }}' - engineVersion: v2 - type: Opaque - namespaceSelector: - matchLabels: - cool: label -status: - conditions: - - message: one or more namespaces failed - status: "True" - type: NotReady - failedNamespaces: - - namespace: default - reason: external secret already exists in namespace diff --git a/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/partiallyready-multiple-conditions.yaml b/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/partiallyready-multiple-conditions.yaml deleted file mode 100644 index 52f6141871de0..0000000000000 --- a/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/partiallyready-multiple-conditions.yaml +++ /dev/null @@ -1,43 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ClusterExternalSecret -metadata: - name: ces -spec: - externalSecretName: hello-world-es - externalSecretSpec: - data: - - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /foo - property: key - secretKey: mykey - refreshInterval: 1h - secretStoreRef: - kind: ClusterSecretStore - name: secretmanager - target: - creationPolicy: Owner - deletionPolicy: Retain - name: mysecret - template: - data: - somekey: '{{ .somecreds }}' - engineVersion: v2 - type: Opaque - namespaceSelector: - matchLabels: - cool: label -status: - conditions: - - message: one or more namespaces failed - status: "True" - type: NotReady - - message: one or more namespaces failed - status: "True" - type: PartiallyReady - failedNamespaces: - - namespace: default - reason: external secret already exists in namespace - provisionedNamespaces: - - other-namespace diff --git a/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/partiallyready.yaml b/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/partiallyready.yaml deleted file mode 100644 index f6a291526fd7f..0000000000000 --- a/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/partiallyready.yaml +++ /dev/null @@ -1,40 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ClusterExternalSecret -metadata: - name: ces -spec: - externalSecretName: hello-world-es - externalSecretSpec: - data: - - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /foo - property: key - secretKey: mykey - refreshInterval: 1h - secretStoreRef: - kind: ClusterSecretStore - name: secretmanager - target: - creationPolicy: Owner - deletionPolicy: Retain - name: mysecret - template: - data: - somekey: '{{ .somecreds }}' - engineVersion: v2 - type: Opaque - namespaceSelector: - matchLabels: - cool: label -status: - conditions: - - message: one or more namespaces failed - status: "True" - type: PartiallyReady - failedNamespaces: - - namespace: default - reason: external secret already exists in namespace - provisionedNamespaces: - - other-namespace diff --git a/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/progressing.yaml b/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/progressing.yaml deleted file mode 100644 index 8e326e413cf8a..0000000000000 --- a/resource_customizations/external-secrets.io/ClusterExternalSecret/testdata/progressing.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ClusterExternalSecret -metadata: - name: ces -spec: - externalSecretName: hello-world-es - externalSecretSpec: - data: - - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /foo - property: key - secretKey: mykey - refreshInterval: 1h - secretStoreRef: - kind: ClusterSecretStore - name: secretmanager - target: - creationPolicy: Owner - deletionPolicy: Retain - name: mysecret - template: - data: - somekey: '{{ .somecreds }}' - engineVersion: v2 - type: Opaque - namespaceSelector: - matchLabels: - cool: label diff --git a/resource_customizations/external-secrets.io/ClusterSecretStore/health.lua b/resource_customizations/external-secrets.io/ClusterSecretStore/health.lua deleted file mode 100644 index 14a77a70354ae..0000000000000 --- a/resource_customizations/external-secrets.io/ClusterSecretStore/health.lua +++ /dev/null @@ -1,20 +0,0 @@ -hs = {} -if obj.status ~= nil then - if obj.status.conditions ~= nil then - for i, condition in ipairs(obj.status.conditions) do - if condition.type == "Ready" and condition.status == "False" then - hs.status = "Degraded" - hs.message = condition.message - return hs - end - if condition.type == "Ready" and condition.status == "True" then - hs.status = "Healthy" - hs.message = condition.message - return hs - end - end - end -end -hs.status = "Progressing" -hs.message = "Waiting for ClusterSecretStore" -return hs diff --git a/resource_customizations/external-secrets.io/ClusterSecretStore/health_test.yaml b/resource_customizations/external-secrets.io/ClusterSecretStore/health_test.yaml deleted file mode 100644 index 6e692158e6e10..0000000000000 --- a/resource_customizations/external-secrets.io/ClusterSecretStore/health_test.yaml +++ /dev/null @@ -1,9 +0,0 @@ -tests: - - healthStatus: - status: Degraded - message: 'unable to validate store' - inputPath: testdata/degraded.yaml - - healthStatus: - status: Healthy - message: 'store validated' - inputPath: testdata/healthy.yaml diff --git a/resource_customizations/external-secrets.io/ClusterSecretStore/testdata/degraded.yaml b/resource_customizations/external-secrets.io/ClusterSecretStore/testdata/degraded.yaml deleted file mode 100644 index 1f00cc4ea61e7..0000000000000 --- a/resource_customizations/external-secrets.io/ClusterSecretStore/testdata/degraded.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ClusterSecretStore -metadata: - name: secretmanager -spec: - provider: - aws: - region: us-east-1 - service: SecretsManager -status: - conditions: - - lastTransitionTime: "2023-03-21T22:58:01Z" - message: unable to validate store - reason: ValidationFailed - status: "False" - type: Ready diff --git a/resource_customizations/external-secrets.io/ClusterSecretStore/testdata/healthy.yaml b/resource_customizations/external-secrets.io/ClusterSecretStore/testdata/healthy.yaml deleted file mode 100644 index 8c99de1326179..0000000000000 --- a/resource_customizations/external-secrets.io/ClusterSecretStore/testdata/healthy.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ClusterSecretStore -metadata: - name: secretmanager -spec: - provider: - aws: - region: us-east-1 - service: SecretsManager -status: - capabilities: ReadWrite - conditions: - - lastTransitionTime: "2023-03-22T04:51:03Z" - message: store validated - reason: Valid - status: "True" - type: Ready diff --git a/resource_customizations/external-secrets.io/ExternalSecret/actions/action_test.yaml b/resource_customizations/external-secrets.io/ExternalSecret/actions/action_test.yaml deleted file mode 100644 index 83f49fcff7439..0000000000000 --- a/resource_customizations/external-secrets.io/ExternalSecret/actions/action_test.yaml +++ /dev/null @@ -1,4 +0,0 @@ -actionTests: - - action: refresh - inputPath: testdata/external-secret.yaml - expectedOutputPath: testdata/external-secret-updated.yaml diff --git a/resource_customizations/external-secrets.io/ExternalSecret/actions/discovery.lua b/resource_customizations/external-secrets.io/ExternalSecret/actions/discovery.lua deleted file mode 100644 index cfac448cba278..0000000000000 --- a/resource_customizations/external-secrets.io/ExternalSecret/actions/discovery.lua +++ /dev/null @@ -1,3 +0,0 @@ -actions = {} -actions["refresh"] = {["disabled"] = false} -return actions diff --git a/resource_customizations/external-secrets.io/ExternalSecret/actions/refresh/action.lua b/resource_customizations/external-secrets.io/ExternalSecret/actions/refresh/action.lua deleted file mode 100644 index fa29c485fa16a..0000000000000 --- a/resource_customizations/external-secrets.io/ExternalSecret/actions/refresh/action.lua +++ /dev/null @@ -1,6 +0,0 @@ -local os = require("os") -if obj.metadata.annotations == nil then - obj.metadata.annotations = {} -end -obj.metadata.annotations["force-sync"] = os.date("!%Y-%m-%dT%XZ") -return obj diff --git a/resource_customizations/external-secrets.io/ExternalSecret/actions/testdata/external-secret-updated.yaml b/resource_customizations/external-secrets.io/ExternalSecret/actions/testdata/external-secret-updated.yaml deleted file mode 100644 index 4266e9a5d18fd..0000000000000 --- a/resource_customizations/external-secrets.io/ExternalSecret/actions/testdata/external-secret-updated.yaml +++ /dev/null @@ -1,56 +0,0 @@ -apiVersion: external-secrets.io/v1alpha1 -kind: ExternalSecret -metadata: - annotations: - force-sync: '0001-01-01T00:00:00Z' - creationTimestamp: '2021-11-16T21:59:33Z' - generation: 1 - name: test-healthy - namespace: argocd - resourceVersion: '136487331' - selfLink: /apis/external-secrets.io/v1alpha1/namespaces/argocd/externalsecrets/test-healthy - uid: 1e754a7e-0781-4d57-932d-4651d5b19586 -spec: - data: - - remoteRef: - key: secret/sa/example - property: api.address - secretKey: url - - remoteRef: - key: secret/sa/example - property: ca.crt - secretKey: ca - - remoteRef: - key: secret/sa/example - property: token - secretKey: token - refreshInterval: 1m - secretStoreRef: - kind: SecretStore - name: example - target: - creationPolicy: Owner - template: - data: - config: | - { - "bearerToken": "{{ .token | base64decode | toString }}", - "tlsClientConfig": { - "insecure": false, - "caData": "{{ .ca | toString }}" - } - } - name: cluster-test - server: '{{ .url | toString }}' - metadata: - labels: - argocd.argoproj.io/secret-type: cluster -status: - conditions: - - lastTransitionTime: '2021-11-16T21:59:34Z' - message: Secret was synced - reason: SecretSynced - status: 'True' - type: Ready - refreshTime: '2021-11-29T18:32:24Z' - syncedResourceVersion: 1-519a61da0dc68b2575b4f8efada70e42 diff --git a/resource_customizations/external-secrets.io/ExternalSecret/actions/testdata/external-secret.yaml b/resource_customizations/external-secrets.io/ExternalSecret/actions/testdata/external-secret.yaml deleted file mode 100644 index da17edbfe902d..0000000000000 --- a/resource_customizations/external-secrets.io/ExternalSecret/actions/testdata/external-secret.yaml +++ /dev/null @@ -1,54 +0,0 @@ -apiVersion: external-secrets.io/v1alpha1 -kind: ExternalSecret -metadata: - creationTimestamp: '2021-11-16T21:59:33Z' - generation: 1 - name: test-healthy - namespace: argocd - resourceVersion: '136487331' - selfLink: /apis/external-secrets.io/v1alpha1/namespaces/argocd/externalsecrets/test-healthy - uid: 1e754a7e-0781-4d57-932d-4651d5b19586 -spec: - data: - - remoteRef: - key: secret/sa/example - property: api.address - secretKey: url - - remoteRef: - key: secret/sa/example - property: ca.crt - secretKey: ca - - remoteRef: - key: secret/sa/example - property: token - secretKey: token - refreshInterval: 1m - secretStoreRef: - kind: SecretStore - name: example - target: - creationPolicy: Owner - template: - data: - config: | - { - "bearerToken": "{{ .token | base64decode | toString }}", - "tlsClientConfig": { - "insecure": false, - "caData": "{{ .ca | toString }}" - } - } - name: cluster-test - server: '{{ .url | toString }}' - metadata: - labels: - argocd.argoproj.io/secret-type: cluster -status: - conditions: - - lastTransitionTime: '2021-11-16T21:59:34Z' - message: Secret was synced - reason: SecretSynced - status: 'True' - type: Ready - refreshTime: '2021-11-29T18:32:24Z' - syncedResourceVersion: 1-519a61da0dc68b2575b4f8efada70e42 diff --git a/resource_customizations/flink.apache.org/FlinkDeployment/health.lua b/resource_customizations/flink.apache.org/FlinkDeployment/health.lua index 2528244d17c7a..64c0782209791 100644 --- a/resource_customizations/flink.apache.org/FlinkDeployment/health.lua +++ b/resource_customizations/flink.apache.org/FlinkDeployment/health.lua @@ -1,7 +1,7 @@ health_status = {} if obj.status ~= nil and obj.status.reconciliationStatus ~= nil then - if obj.status.reconciliationStatus.success or obj.status.reconciliationStatus.state == "DEPLOYED" then + if obj.status.reconciliationStatus.success then health_status.status = "Healthy" return health_status end diff --git a/resource_customizations/flink.apache.org/FlinkDeployment/health_test.yaml b/resource_customizations/flink.apache.org/FlinkDeployment/health_test.yaml index 25a4f1273a5d3..1e8cb55b72769 100644 --- a/resource_customizations/flink.apache.org/FlinkDeployment/health_test.yaml +++ b/resource_customizations/flink.apache.org/FlinkDeployment/health_test.yaml @@ -1,16 +1,10 @@ tests: - healthStatus: status: Healthy - inputPath: testdata/healthy_running_v0.1.x.yaml + inputPath: testdata/healthy_running.yaml - healthStatus: status: Healthy - inputPath: testdata/healthy_running_v1.x.yaml -- healthStatus: - status: Healthy - inputPath: testdata/healthy_suspended_v0.1.x.yaml -- healthStatus: - status: Healthy - inputPath: testdata/healthy_suspended_v1.x.yaml + inputPath: testdata/healthy_suspended.yaml - healthStatus: status: Progressing message: Waiting for deploying diff --git a/resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_running_v0.1.x.yaml b/resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_running.yaml similarity index 100% rename from resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_running_v0.1.x.yaml rename to resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_running.yaml diff --git a/resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_running_v1.x.yaml b/resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_running_v1.x.yaml deleted file mode 100644 index 60e2c2bfa26fc..0000000000000 --- a/resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_running_v1.x.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: flink.apache.org/v1alpha1 -kind: FlinkDeployment -spec: - job: - state: running -status: - jobManagerDeploymentStatus: READY - jobStatus: - state: RUNNING - reconciliationStatus: - state: DEPLOYED diff --git a/resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_suspended_v0.1.x.yaml b/resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_suspended.yaml similarity index 100% rename from resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_suspended_v0.1.x.yaml rename to resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_suspended.yaml diff --git a/resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_suspended_v1.x.yaml b/resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_suspended_v1.x.yaml deleted file mode 100644 index 023c2899fb60d..0000000000000 --- a/resource_customizations/flink.apache.org/FlinkDeployment/testdata/healthy_suspended_v1.x.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: flink.apache.org/v1alpha1 -kind: FlinkDeployment -spec: - job: - state: suspended -status: - jobManagerDeploymentStatus: MISSING - jobStatus: - state: SUSPENDED - reconciliationStatus: - state: DEPLOYED diff --git a/resource_customizations/kafka.strimzi.io/Kafka/health_test.yaml b/resource_customizations/kafka.strimzi.io/Kafka/health_test.yaml index 0038036e84a47..9c7d7bc31fe45 100644 --- a/resource_customizations/kafka.strimzi.io/Kafka/health_test.yaml +++ b/resource_customizations/kafka.strimzi.io/Kafka/health_test.yaml @@ -5,6 +5,7 @@ tests: inputPath: testdata/progressing_noStatus.yaml - healthStatus: status: Degraded + message: "Error" message: "Exceeded timeout of 300000ms while waiting for StatefulSet resource my-cluster-zookeeper in namespace default to be ready" inputPath: testdata/degraded.yaml - healthStatus: diff --git a/resource_customizations/mariadb.mmontes.io/MariaDB/health.lua b/resource_customizations/mariadb.mmontes.io/MariaDB/health.lua deleted file mode 100644 index 60f2386a635ec..0000000000000 --- a/resource_customizations/mariadb.mmontes.io/MariaDB/health.lua +++ /dev/null @@ -1,25 +0,0 @@ -health_status = {} - -if obj.status ~= nil and obj.status.conditions ~= nil then - - for i, condition in ipairs(obj.status.conditions) do - - health_status.message = condition.message - - if condition.status == "False" then - if condition.reason == "Failed" then - health_status.status = "Degraded" - return health_status - end - health_status.status = "Progressing" - return health_status - end - end - - health_status.status = "Healthy" - return health_status -end - -health_status.status = "Progressing" -health_status.message = "No status info available" -return health_status diff --git a/resource_customizations/mariadb.mmontes.io/MariaDB/health_test.yaml b/resource_customizations/mariadb.mmontes.io/MariaDB/health_test.yaml deleted file mode 100644 index f3dba1ac80c58..0000000000000 --- a/resource_customizations/mariadb.mmontes.io/MariaDB/health_test.yaml +++ /dev/null @@ -1,25 +0,0 @@ -tests: -- healthStatus: - status: Progressing - message: "No status info available" - inputPath: testdata/no_status.yaml -- healthStatus: - status: Healthy - message: "Running" - inputPath: testdata/statefulset_ready.yaml -- healthStatus: - status: Progressing - message: "Not ready" - inputPath: testdata/statefulset_not_ready.yaml -- healthStatus: - status: Healthy - message: "Running" - inputPath: testdata/restore_complete.yaml -- healthStatus: - status: Progressing - message: "Restoring backup" - inputPath: testdata/restore_not_complete.yaml -- healthStatus: - status: Degraded - message: "Error creating ConfigMap" - inputPath: testdata/mariadb_error.yaml diff --git a/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/mariadb_error.yaml b/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/mariadb_error.yaml deleted file mode 100644 index 030391dda7acc..0000000000000 --- a/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/mariadb_error.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: mariadb.mmontes.io/v1alpha1 -kind: MariaDB -metadata: - name: mariadb-server -spec: - rootPasswordSecretKeyRef: - name: mariadb - key: root-password - image: - repository: mariadb - tag: "10.7.4" - pullPolicy: IfNotPresent - port: 3306 - volumeClaimTemplate: - resources: - requests: - storage: 100Mi - storageClassName: standard - accessModes: - - ReadWriteOnce -status: - conditions: - - lastTransitionTime: '2023-04-20T15:31:15Z' - message: Error creating ConfigMap - reason: Failed - status: 'False' - type: Ready diff --git a/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/no_status.yaml b/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/no_status.yaml deleted file mode 100644 index 276d09b04c272..0000000000000 --- a/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/no_status.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: mariadb.mmontes.io/v1alpha1 -kind: MariaDB -metadata: - name: mariadb-server -spec: - rootPasswordSecretKeyRef: - name: mariadb - key: root-password - image: - repository: mariadb - tag: "10.7.4" - pullPolicy: IfNotPresent - port: 3306 - volumeClaimTemplate: - resources: - requests: - storage: 100Mi - storageClassName: standard - accessModes: - - ReadWriteOnce -status: - revision: 0 diff --git a/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/restore_complete.yaml b/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/restore_complete.yaml deleted file mode 100644 index 7a9358c0f16d6..0000000000000 --- a/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/restore_complete.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: mariadb.mmontes.io/v1alpha1 -kind: MariaDB -metadata: - name: mariadb-server -spec: - rootPasswordSecretKeyRef: - name: mariadb - key: root-password - image: - repository: mariadb - tag: "10.7.4" - pullPolicy: IfNotPresent - port: 3306 - volumeClaimTemplate: - resources: - requests: - storage: 100Mi - storageClassName: standard - accessModes: - - ReadWriteOnce -status: - conditions: - - lastTransitionTime: "2023-04-05T14:18:01Z" - message: Ready - reason: RestoreComplete - status: "True" - type: Bootstrapped - - lastTransitionTime: "2023-04-05T14:18:02Z" - message: Running - reason: RestoreComplete - status: "True" - type: Ready diff --git a/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/restore_not_complete.yaml b/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/restore_not_complete.yaml deleted file mode 100644 index a3f600eae96a2..0000000000000 --- a/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/restore_not_complete.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: mariadb.mmontes.io/v1alpha1 -kind: MariaDB -metadata: - name: mariadb-server -spec: - rootPasswordSecretKeyRef: - name: mariadb - key: root-password - image: - repository: mariadb - tag: "10.7.4" - pullPolicy: IfNotPresent - port: 3306 - volumeClaimTemplate: - resources: - requests: - storage: 100Mi - storageClassName: standard - accessModes: - - ReadWriteOnce -status: - conditions: - - lastTransitionTime: "2023-04-05T14:18:01Z" - message: Restoring backup - reason: RestoreNotComplete - status: "False" - type: Ready - - lastTransitionTime: "2023-04-05T14:18:02Z" - message: Not ready - reason: RestoreNotComplete - status: "False" - type: Bootstrapped diff --git a/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/statefulset_not_ready.yaml b/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/statefulset_not_ready.yaml deleted file mode 100644 index 96d46b4bf61fe..0000000000000 --- a/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/statefulset_not_ready.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: mariadb.mmontes.io/v1alpha1 -kind: MariaDB -metadata: - name: mariadb-server -spec: - rootPasswordSecretKeyRef: - name: mariadb - key: root-password - image: - repository: mariadb - tag: "10.7.4" - pullPolicy: IfNotPresent - port: 3306 - volumeClaimTemplate: - resources: - requests: - storage: 100Mi - storageClassName: standard - accessModes: - - ReadWriteOnce -status: - conditions: - - lastTransitionTime: "2023-04-05T14:18:01Z" - message: Not ready - reason: StatefulSetNotReady - status: "False" - type: Ready diff --git a/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/statefulset_ready.yaml b/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/statefulset_ready.yaml deleted file mode 100644 index e4870b0064dbb..0000000000000 --- a/resource_customizations/mariadb.mmontes.io/MariaDB/testdata/statefulset_ready.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: mariadb.mmontes.io/v1alpha1 -kind: MariaDB -metadata: - name: mariadb-server -spec: - rootPasswordSecretKeyRef: - name: mariadb - key: root-password - image: - repository: mariadb - tag: "10.7.4" - pullPolicy: IfNotPresent - port: 3306 - volumeClaimTemplate: - resources: - requests: - storage: 100Mi - storageClassName: standard - accessModes: - - ReadWriteOnce -status: - conditions: - - lastTransitionTime: "2023-04-05T14:18:01Z" - message: Running - reason: StatefulSetReady - status: "True" - type: Ready diff --git a/resource_customizations/operator.openshift.io/IngressController/health.lua b/resource_customizations/operator.openshift.io/IngressController/health.lua deleted file mode 100644 index cd0d9821ee64f..0000000000000 --- a/resource_customizations/operator.openshift.io/IngressController/health.lua +++ /dev/null @@ -1,31 +0,0 @@ --- healthcheck for IngressController resources -hs = {} -if obj.status ~= nil then - if obj.status.conditions ~= nil then - -- if the status conditions are present, iterate over them and check their status - for _, condition in pairs(obj.status.conditions) do - if condition.type == "Degraded" and condition.status == "True" then - hs.status = "Degraded" - hs.message = condition.message - return hs - elseif condition.type == "DeploymentReplicasAllAvailable" and condition.status == "False" then - hs.status = "Progressing" - hs.message = condition.message - return hs - elseif condition.type == "Progressing" and condition.status == "True" then - hs.status = "Progressing" - hs.message = condition.reason - return hs - elseif condition.type == "Available" and condition.status == "True" then - hs.status = "Healthy" - hs.message = "IngressController is available" - return hs - end - end - end -end - --- default status when none of the previous condition matches -hs.status = "Progressing" -hs.message = "Status of IngressController is not known yet" -return hs diff --git a/resource_customizations/operator.openshift.io/IngressController/health_test.yaml b/resource_customizations/operator.openshift.io/IngressController/health_test.yaml deleted file mode 100644 index 761d0d6e8fac1..0000000000000 --- a/resource_customizations/operator.openshift.io/IngressController/health_test.yaml +++ /dev/null @@ -1,17 +0,0 @@ -tests: -- healthStatus: - status: Progressing - message: "Status of IngressController is not known yet" - inputPath: testdata/progressing_initialization.yaml -- healthStatus: - status: Progressing - message: "0/1 of replicas are available" - inputPath: testdata/progressing_pod_rollout.yaml -- healthStatus: - status: Degraded - message: "One or more other status conditions indicate a degraded state." - inputPath: testdata/degraded.yaml -- healthStatus: - status: Healthy - message: "IngressController is available" - inputPath: testdata/healthy.yaml diff --git a/resource_customizations/operator.openshift.io/IngressController/testdata/degraded.yaml b/resource_customizations/operator.openshift.io/IngressController/testdata/degraded.yaml deleted file mode 100644 index 73c7c89e370a9..0000000000000 --- a/resource_customizations/operator.openshift.io/IngressController/testdata/degraded.yaml +++ /dev/null @@ -1,103 +0,0 @@ ---- -apiVersion: operator.openshift.io/v1 -kind: IngressController -metadata: - name: default - namespace: openshift-ingress-operator -spec: - domain: openshift.example.com - endpointPublishingStrategy: - hostNetwork: - httpPort: 80 - httpsPort: 443 - statsPort: 1936 - type: HostNetwork - nodePlacement: - nodeSelector: - matchLabels: - node-role.kubernetes.io/worker: "" - replicas: 1 -status: - availableReplicas: 0 - conditions: - - lastTransitionTime: "2023-01-28T10:05:06Z" - reason: Valid - status: "True" - type: Admitted - - lastTransitionTime: "2023-01-28T10:09:15Z" - status: "True" - type: PodsScheduled - - lastTransitionTime: "2023-01-28T10:05:06Z" - message: The configured endpoint publishing strategy does not include a managed - load balancer - reason: EndpointPublishingStrategyExcludesManagedLoadBalancer - status: "False" - type: LoadBalancerManaged - - lastTransitionTime: "2023-01-28T10:05:06Z" - message: No DNS zones are defined in the cluster dns config. - reason: NoDNSZones - status: "False" - type: DNSManaged - - lastTransitionTime: "2023-01-28T10:05:06Z" - status: "False" - type: Progressing - - lastTransitionTime: "2023-01-28T10:13:55Z" - message: "One or more other status conditions indicate a degraded state." - # message: 'One or more other status conditions indicate a degraded state: CanaryChecksSucceeding=False - # (CanaryChecksRepetitiveFailures: Canary route checks for the default ingress - # controller are failing)' - reason: DegradedConditions - status: "True" - type: Degraded - - lastTransitionTime: "2023-01-28T10:05:06Z" - message: IngressController is upgradeable. - reason: Upgradeable - status: "True" - type: Upgradeable - - lastTransitionTime: "2023-01-28T10:12:55Z" - message: Canary route checks for the default ingress controller are failing - reason: CanaryChecksRepetitiveFailures - status: "False" - type: CanaryChecksSucceeding - domain: openshift.example.com - endpointPublishingStrategy: - hostNetwork: - httpPort: 80 - httpsPort: 443 - protocol: TCP - statsPort: 1936 - type: HostNetwork - namespaceSelector: {} - observedGeneration: 2 - routeSelector: {} - selector: ingresscontroller.operator.openshift.io/deployment-ingresscontroller=default - tlsProfile: - ciphers: - - ECDHE-ECDSA-CHACHA20-POLY1305 - - ECDHE-RSA-CHACHA20-POLY1305 - - ECDHE-ECDSA-AES128-GCM-SHA256 - - ECDHE-RSA-AES128-GCM-SHA256 - - ECDHE-ECDSA-AES256-GCM-SHA384 - - ECDHE-RSA-AES256-GCM-SHA384 - - DHE-RSA-AES128-GCM-SHA256 - - DHE-RSA-AES256-GCM-SHA384 - - ECDHE-ECDSA-AES128-SHA256 - - ECDHE-RSA-AES128-SHA256 - - ECDHE-ECDSA-AES128-SHA - - ECDHE-RSA-AES256-SHA384 - - ECDHE-RSA-AES128-SHA - - ECDHE-ECDSA-AES256-SHA384 - - ECDHE-ECDSA-AES256-SHA - - ECDHE-RSA-AES256-SHA - - DHE-RSA-AES128-SHA256 - - DHE-RSA-AES128-SHA - - DHE-RSA-AES256-SHA256 - - DHE-RSA-AES256-SHA - - AES128-GCM-SHA256 - - AES256-GCM-SHA384 - - AES128-SHA256 - - AES256-SHA256 - - AES128-SHA - - AES256-SHA - - '!DSS' - minTLSVersion: VersionTLS11 diff --git a/resource_customizations/operator.openshift.io/IngressController/testdata/healthy.yaml b/resource_customizations/operator.openshift.io/IngressController/testdata/healthy.yaml deleted file mode 100644 index 4c7ad766f1d86..0000000000000 --- a/resource_customizations/operator.openshift.io/IngressController/testdata/healthy.yaml +++ /dev/null @@ -1,93 +0,0 @@ ---- -apiVersion: operator.openshift.io/v1 -kind: IngressController -metadata: - name: apps-shard-2 - namespace: openshift-ingress-operator -spec: - domain: openshift-apps-shard-2.example.com - endpointPublishingStrategy: - hostNetwork: - httpPort: 80 - httpsPort: 443 - statsPort: 1936 - type: HostNetwork - nodePlacement: - nodeSelector: - matchLabels: - node-role.kubernetes.io/worker: "" - replicas: 1 -status: - availableReplicas: 1 - conditions: - - lastTransitionTime: "2023-01-28T09:34:36Z" - reason: Valid - status: "True" - type: Admitted - - lastTransitionTime: "2023-01-28T09:43:42Z" - status: "True" - type: PodsScheduled - - lastTransitionTime: "2023-01-28T09:34:36Z" - message: The deployment has Available status condition set to True - reason: DeploymentAvailable - status: "True" - type: DeploymentAvailable - - lastTransitionTime: "2023-01-28T09:34:36Z" - message: Minimum replicas requirement is met - reason: DeploymentMinimumReplicasMet - status: "True" - type: DeploymentReplicasMinAvailable - - lastTransitionTime: "2023-01-28T09:44:36Z" - message: All replicas are available - reason: DeploymentReplicasAvailable - status: "True" - type: DeploymentReplicasAllAvailable - - lastTransitionTime: "2023-01-28T09:34:36Z" - message: The configured endpoint publishing strategy does not include a managed - load balancer - reason: EndpointPublishingStrategyExcludesManagedLoadBalancer - status: "False" - type: LoadBalancerManaged - - lastTransitionTime: "2023-01-28T09:34:36Z" - message: No DNS zones are defined in the cluster dns config. - reason: NoDNSZones - status: "False" - type: DNSManaged - - lastTransitionTime: "2023-01-28T09:34:36Z" - status: "True" - type: Available - - lastTransitionTime: "2023-01-28T09:34:36Z" - status: "False" - type: Progressing - - lastTransitionTime: "2023-01-28T09:34:36Z" - status: "False" - type: Degraded - - lastTransitionTime: "2023-01-28T09:34:36Z" - message: IngressController is upgradeable. - reason: Upgradeable - status: "True" - type: Upgradeable - domain: openshift-apps-shard-2.example.com - endpointPublishingStrategy: - hostNetwork: - httpPort: 80 - httpsPort: 443 - protocol: TCP - statsPort: 1936 - type: HostNetwork - observedGeneration: 5 - selector: ingresscontroller.operator.openshift.io/deployment-ingresscontroller=apps-shard-2 - tlsProfile: - ciphers: - - ECDHE-ECDSA-AES128-GCM-SHA256 - - ECDHE-RSA-AES128-GCM-SHA256 - - ECDHE-ECDSA-AES256-GCM-SHA384 - - ECDHE-RSA-AES256-GCM-SHA384 - - ECDHE-ECDSA-CHACHA20-POLY1305 - - ECDHE-RSA-CHACHA20-POLY1305 - - DHE-RSA-AES128-GCM-SHA256 - - DHE-RSA-AES256-GCM-SHA384 - - TLS_AES_128_GCM_SHA256 - - TLS_AES_256_GCM_SHA384 - - TLS_CHACHA20_POLY1305_SHA256 - minTLSVersion: VersionTLS12 diff --git a/resource_customizations/operator.openshift.io/IngressController/testdata/progressing_initialization.yaml b/resource_customizations/operator.openshift.io/IngressController/testdata/progressing_initialization.yaml deleted file mode 100644 index 470216e376e84..0000000000000 --- a/resource_customizations/operator.openshift.io/IngressController/testdata/progressing_initialization.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -apiVersion: operator.openshift.io/v1 -kind: IngressController -metadata: - name: apps-shard-2 - namespace: openshift-ingress-operator -spec: - domain: openshift-apps-shard-2.example.com - endpointPublishingStrategy: - hostNetwork: - httpPort: 80 - httpsPort: 443 - statsPort: 1936 - type: HostNetwork - nodePlacement: - nodeSelector: - matchLabels: - node-role.kubernetes.io/worker: "" - replicas: 1 -status: - availableReplicas: 0 - conditions: - - lastTransitionTime: "2023-01-28T09:34:36Z" - reason: Valid - status: "True" - type: Admitted - domain: openshift-apps-shard-2.example.com - endpointPublishingStrategy: - hostNetwork: - httpPort: 80 - httpsPort: 443 - protocol: TCP - statsPort: 1936 - type: HostNetwork - observedGeneration: 1 - selector: "" diff --git a/resource_customizations/operator.openshift.io/IngressController/testdata/progressing_pod_rollout.yaml b/resource_customizations/operator.openshift.io/IngressController/testdata/progressing_pod_rollout.yaml deleted file mode 100644 index 73a33ae48613b..0000000000000 --- a/resource_customizations/operator.openshift.io/IngressController/testdata/progressing_pod_rollout.yaml +++ /dev/null @@ -1,101 +0,0 @@ ---- -apiVersion: operator.openshift.io/v1 -kind: IngressController -metadata: - name: apps-shard-2 - namespace: openshift-ingress-operator -spec: - domain: openshift-apps-shard-2.example.com - endpointPublishingStrategy: - hostNetwork: - httpPort: 80 - httpsPort: 443 - statsPort: 1936 - type: HostNetwork - nodePlacement: - nodeSelector: - matchLabels: - node-role.kubernetes.io/worker: "" - replicas: 1 -status: - availableReplicas: 0 - conditions: - - lastTransitionTime: "2023-01-28T09:34:36Z" - reason: Valid - status: "True" - type: Admitted - - lastTransitionTime: "2023-01-28T09:34:36Z" - message: 'Some pods are not scheduled: Pod "router-apps-shard-2-7b5cb5f98d-gk4hj" - cannot be scheduled: 0/6 nodes are available: 2 node(s) didn''t have free ports - for the requested pod ports, 3 node(s) had untolerated taint {node-role.kubernetes.io/master: - }, 5 node(s) didn''t match Pod''s node affinity/selector. preemption: 0/6 nodes - are available: 1 node(s) didn''t have free ports for the requested pod ports, - 5 Preemption is not helpful for scheduling. Make sure you have sufficient worker - nodes.' - reason: PodsNotScheduled - status: "False" - type: PodsScheduled - - lastTransitionTime: "2023-01-28T09:34:36Z" - message: The deployment has Available status condition set to True - reason: DeploymentAvailable - status: "True" - type: DeploymentAvailable - - lastTransitionTime: "2023-01-28T09:34:36Z" - message: Minimum replicas requirement is met - reason: DeploymentMinimumReplicasMet - status: "True" - type: DeploymentReplicasMinAvailable - - lastTransitionTime: "2023-01-28T09:34:36Z" - message: 0/1 of replicas are available - reason: DeploymentReplicasNotAvailable - status: "False" - type: DeploymentReplicasAllAvailable - - lastTransitionTime: "2023-01-28T09:34:36Z" - message: The configured endpoint publishing strategy does not include a managed - load balancer - reason: EndpointPublishingStrategyExcludesManagedLoadBalancer - status: "False" - type: LoadBalancerManaged - - lastTransitionTime: "2023-01-28T09:34:36Z" - message: No DNS zones are defined in the cluster dns config. - reason: NoDNSZones - status: "False" - type: DNSManaged - - lastTransitionTime: "2023-01-28T09:34:36Z" - status: "True" - type: Available - - lastTransitionTime: "2023-01-28T09:34:36Z" - status: "False" - type: Progressing - - lastTransitionTime: "2023-01-28T09:34:36Z" - status: "False" - type: Degraded - - lastTransitionTime: "2023-01-28T09:34:36Z" - message: IngressController is upgradeable. - reason: Upgradeable - status: "True" - type: Upgradeable - domain: openshift-apps-shard-2.example.com - endpointPublishingStrategy: - hostNetwork: - httpPort: 80 - httpsPort: 443 - protocol: TCP - statsPort: 1936 - type: HostNetwork - observedGeneration: 2 - selector: ingresscontroller.operator.openshift.io/deployment-ingresscontroller=apps-shard-2 - tlsProfile: - ciphers: - - ECDHE-ECDSA-AES128-GCM-SHA256 - - ECDHE-RSA-AES128-GCM-SHA256 - - ECDHE-ECDSA-AES256-GCM-SHA384 - - ECDHE-RSA-AES256-GCM-SHA384 - - ECDHE-ECDSA-CHACHA20-POLY1305 - - ECDHE-RSA-CHACHA20-POLY1305 - - DHE-RSA-AES128-GCM-SHA256 - - DHE-RSA-AES256-GCM-SHA384 - - TLS_AES_128_GCM_SHA256 - - TLS_AES_256_GCM_SHA384 - - TLS_CHACHA20_POLY1305_SHA256 - minTLSVersion: VersionTLS12 diff --git a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/health.lua b/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/health.lua deleted file mode 100644 index ca1e046c001ef..0000000000000 --- a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/health.lua +++ /dev/null @@ -1,29 +0,0 @@ -adopted = { status = "Unknown" } -advertised = { status = "Unknown" } -discovered = { status = "Unknown" } - -if obj.status ~= nil then - if obj.status.conditions ~= nil then - for i, c in ipairs(obj.status.conditions) do - if c.type == "Adopted" then - adopted = c - elseif c.type == "Advertised" then - advertised = c - elseif c.type == "Discoverable" then - discovered = c - end - end - end -end - -if adopted.status == "False" then - return { status = "Degraded", message = adopted.message } -elseif advertised.reason == "AdvertiseError" or advertised.reason == "UnadvertiseError" then - return { status = "Degraded", message = advertised.message } -elseif discovered.reason == "DiscoveryError" then - return { status = "Unknown", message = discovered.message } -elseif discovered.status == "True" then - return { status = "Healthy", message = discovered.message } -else - return { status = "Progressing", message = discovered.message } -end diff --git a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/health_test.yaml b/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/health_test.yaml deleted file mode 100644 index 1b9b30cf2e44b..0000000000000 --- a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/health_test.yaml +++ /dev/null @@ -1,29 +0,0 @@ -tests: - - healthStatus: - status: Healthy - message: DNS-SD browse and lookup results match the advertised DNS records - inputPath: testdata/healthy.yaml - - healthStatus: - status: Progressing - message: DNS-SD browse could not find this instance - inputPath: testdata/progressing_negativeBrowse.yaml - - healthStatus: - status: Progressing - message: DNS-SD lookup could not find this instance - inputPath: testdata/progressing_negativeLookup.yaml - - healthStatus: - status: Degraded - message: none of the configured providers can advertise on "example.org" - inputPath: testdata/degraded_notAdopted.yaml - - healthStatus: - status: Degraded - message: "" - inputPath: testdata/degraded_advertiseError.yaml - - healthStatus: - status: Degraded - message: "" - inputPath: testdata/degraded_unadvertiseError.yaml - - healthStatus: - status: Unknown - message: "" - inputPath: testdata/unknown_discoveryError.yaml diff --git a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/degraded_advertiseError.yaml b/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/degraded_advertiseError.yaml deleted file mode 100644 index 905b2e9194e8b..0000000000000 --- a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/degraded_advertiseError.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: proclaim.dogmatiq.io/v1 -kind: DNSSDServiceInstance -metadata: - creationTimestamp: "2023-03-20T01:47:37Z" - finalizers: - - proclaim.dogmatiq.io/unadvertise - generation: 2 - name: test-instance - namespace: proclaim - resourceVersion: "308914" - uid: 991a66a3-9b7e-4515-9a41-f7513e9b7b33 -spec: - instance: - attributes: - - baz: qux - flag: "" - foo: bar - - more: attrs - domain: example.org - name: test-instance - serviceType: _proclaim._tcp - targets: - - host: test.example.org - port: 8080 - priority: 0 - weight: 0 - ttl: 1m0s -status: - conditions: - - lastTransitionTime: "2023-03-20T01:47:40Z" - message: "" - observedGeneration: 2 - reason: AdvertiseError - status: "False" - type: Advertised diff --git a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/degraded_notAdopted.yaml b/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/degraded_notAdopted.yaml deleted file mode 100644 index efccdb2c3f247..0000000000000 --- a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/degraded_notAdopted.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: proclaim.dogmatiq.io/v1 -kind: DNSSDServiceInstance -metadata: - creationTimestamp: "2023-03-20T01:47:37Z" - finalizers: - - proclaim.dogmatiq.io/unadvertise - generation: 2 - name: test-instance - namespace: proclaim - resourceVersion: "308914" - uid: 991a66a3-9b7e-4515-9a41-f7513e9b7b33 -spec: - instance: - attributes: - - baz: qux - flag: "" - foo: bar - - more: attrs - domain: example.org - name: test-instance - serviceType: _proclaim._tcp - targets: - - host: test.example.org - port: 8080 - priority: 0 - weight: 0 - ttl: 1m0s -status: - conditions: - - lastTransitionTime: "2023-03-20T01:47:40Z" - message: none of the configured providers can advertise on "example.org" - observedGeneration: 2 - reason: InstanceIgnored - status: "False" - type: Adopted diff --git a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/degraded_unadvertiseError.yaml b/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/degraded_unadvertiseError.yaml deleted file mode 100644 index 552eadbe702cc..0000000000000 --- a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/degraded_unadvertiseError.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: proclaim.dogmatiq.io/v1 -kind: DNSSDServiceInstance -metadata: - creationTimestamp: "2023-03-20T01:47:37Z" - finalizers: - - proclaim.dogmatiq.io/unadvertise - generation: 2 - name: test-instance - namespace: proclaim - resourceVersion: "308914" - uid: 991a66a3-9b7e-4515-9a41-f7513e9b7b33 -spec: - instance: - attributes: - - baz: qux - flag: "" - foo: bar - - more: attrs - domain: example.org - name: test-instance - serviceType: _proclaim._tcp - targets: - - host: test.example.org - port: 8080 - priority: 0 - weight: 0 - ttl: 1m0s -status: - conditions: - - lastTransitionTime: "2023-03-20T01:47:40Z" - message: "" - observedGeneration: 2 - reason: UnadvertiseError - status: "False" - type: Advertised diff --git a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/healthy.yaml b/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/healthy.yaml deleted file mode 100644 index f8ad890b9f934..0000000000000 --- a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/healthy.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: proclaim.dogmatiq.io/v1 -kind: DNSSDServiceInstance -metadata: - creationTimestamp: "2023-03-20T01:47:37Z" - finalizers: - - proclaim.dogmatiq.io/unadvertise - generation: 2 - name: test-instance - namespace: proclaim - resourceVersion: "308914" - uid: 991a66a3-9b7e-4515-9a41-f7513e9b7b33 -spec: - instance: - attributes: - - baz: qux - flag: "" - foo: bar - - more: attrs - domain: example.org - name: test-instance - serviceType: _proclaim._tcp - targets: - - host: test.example.org - port: 8080 - priority: 0 - weight: 0 - ttl: 1m0s -status: - conditions: - - lastTransitionTime: "2023-03-20T01:47:40Z" - message: DNS-SD browse and lookup results match the advertised DNS records - observedGeneration: 2 - reason: Discovered - status: "True" - type: Discoverable diff --git a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/progressing_negativeBrowse.yaml b/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/progressing_negativeBrowse.yaml deleted file mode 100644 index e34e6c18f853a..0000000000000 --- a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/progressing_negativeBrowse.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: proclaim.dogmatiq.io/v1 -kind: DNSSDServiceInstance -metadata: - creationTimestamp: "2023-03-20T01:47:37Z" - finalizers: - - proclaim.dogmatiq.io/unadvertise - generation: 2 - name: test-instance - namespace: proclaim - resourceVersion: "308914" - uid: 991a66a3-9b7e-4515-9a41-f7513e9b7b33 -spec: - instance: - attributes: - - baz: qux - flag: "" - foo: bar - - more: attrs - domain: example.org - name: test-instance - serviceType: _proclaim._tcp - targets: - - host: test.example.org - port: 8080 - priority: 0 - weight: 0 - ttl: 1m0s -status: - conditions: - - lastTransitionTime: "2023-03-20T01:47:40Z" - message: DNS-SD browse could not find this instance - observedGeneration: 2 - reason: NegativeBrowseResult - status: "False" - type: Discoverable diff --git a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/progressing_negativeLookup.yaml b/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/progressing_negativeLookup.yaml deleted file mode 100644 index a563e7c9c40ca..0000000000000 --- a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/progressing_negativeLookup.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: proclaim.dogmatiq.io/v1 -kind: DNSSDServiceInstance -metadata: - creationTimestamp: "2023-03-20T01:47:37Z" - finalizers: - - proclaim.dogmatiq.io/unadvertise - generation: 2 - name: test-instance - namespace: proclaim - resourceVersion: "308914" - uid: 991a66a3-9b7e-4515-9a41-f7513e9b7b33 -spec: - instance: - attributes: - - baz: qux - flag: "" - foo: bar - - more: attrs - domain: example.org - name: test-instance - serviceType: _proclaim._tcp - targets: - - host: test.example.org - port: 8080 - priority: 0 - weight: 0 - ttl: 1m0s -status: - conditions: - - lastTransitionTime: "2023-03-20T01:47:40Z" - message: DNS-SD lookup could not find this instance - observedGeneration: 2 - reason: NegativeLookupResult - status: "False" - type: Discoverable diff --git a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/unknown_discoveryError.yaml b/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/unknown_discoveryError.yaml deleted file mode 100644 index c6139a504c3ff..0000000000000 --- a/resource_customizations/proclaim.dogmatiq.io/DNSSDServiceInstance/testdata/unknown_discoveryError.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: proclaim.dogmatiq.io/v1 -kind: DNSSDServiceInstance -metadata: - creationTimestamp: "2023-03-20T01:47:37Z" - finalizers: - - proclaim.dogmatiq.io/unadvertise - generation: 2 - name: test-instance - namespace: proclaim - resourceVersion: "308914" - uid: 991a66a3-9b7e-4515-9a41-f7513e9b7b33 -spec: - instance: - attributes: - - baz: qux - flag: "" - foo: bar - - more: attrs - domain: example.org - name: test-instance - serviceType: _proclaim._tcp - targets: - - host: test.example.org - port: 8080 - priority: 0 - weight: 0 - ttl: 1m0s -status: - conditions: - - lastTransitionTime: "2023-03-20T01:47:40Z" - message: "" - observedGeneration: 2 - reason: DiscoveryError - status: "Unknown" - type: Discoverable diff --git a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/health.lua b/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/health.lua deleted file mode 100644 index e28ef99f9f05a..0000000000000 --- a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/health.lua +++ /dev/null @@ -1,38 +0,0 @@ -hs = {} -if obj.status ~= nil then - - if obj.status.state == "initializing" then - hs.status = "Progressing" - hs.message = obj.status.ready .. "/" .. obj.status.size .. " node(s) are ready" - return hs - end - - if obj.status.state == "ready" then - hs.status = "Healthy" - hs.message = obj.status.ready .. "/" .. obj.status.size .. " node(s) are ready" - return hs - end - - if obj.status.state == "paused" then - hs.status = "Unknown" - hs.message = "Cluster is paused" - return hs - end - - if obj.status.state == "stopping" then - hs.status = "Degraded" - hs.message = "Cluster is stopping (" .. obj.status.ready .. "/" .. obj.status.size .. " node(s) are ready)" - return hs - end - - if obj.status.state == "error" then - hs.status = "Degraded" - hs.message = "Cluster is on error: " .. table.concat(obj.status.messages, ", ") - return hs - end - -end - -hs.status = "Unknown" -hs.message = "Cluster status is unknown. Ensure your ArgoCD is current and then check for/file a bug report: https://github.com/argoproj/argo-cd/issues" -return hs diff --git a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/health_test.yaml b/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/health_test.yaml deleted file mode 100644 index 73b9968ff7a4c..0000000000000 --- a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/health_test.yaml +++ /dev/null @@ -1,25 +0,0 @@ -tests: -- healthStatus: - status: Progressing - message: "0/1 node(s) are ready" - inputPath: testdata/initializing.yaml -- healthStatus: - status: Healthy - message: "1/1 node(s) are ready" - inputPath: testdata/ready.yaml -- healthStatus: - status: Unknown - message: "Cluster is paused" - inputPath: testdata/paused.yaml -- healthStatus: - status: Degraded - message: "Cluster is stopping (1/2 node(s) are ready)" - inputPath: testdata/stopping.yaml -- healthStatus: - status: Degraded - message: "Cluster is on error: we lost node" - inputPath: testdata/error.yaml -- healthStatus: - status: Unknown - message: "Cluster status is unknown. Ensure your ArgoCD is current and then check for/file a bug report: https://github.com/argoproj/argo-cd/issues" - inputPath: testdata/unknown.yaml diff --git a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/error.yaml b/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/error.yaml deleted file mode 100644 index b6f1884be0819..0000000000000 --- a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/error.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: pxc.percona.com/v1 -kind: PerconaXtraDBCluster -metadata: - name: quickstart -spec: {} -status: - backup: {} - haproxy: {} - host: pxc-mysql-pxc - logcollector: {} - observedGeneration: 1 - pmm: {} - proxysql: {} - pxc: - image: '' - ready: 1 - size: 2 - status: error - version: 8.0.21-12.1 - ready: 1 - size: 2 - state: error - messages: - - we lost node diff --git a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/initializing.yaml b/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/initializing.yaml deleted file mode 100644 index 11f3ff046543e..0000000000000 --- a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/initializing.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: pxc.percona.com/v1 -kind: PerconaXtraDBCluster -metadata: - name: quickstart -spec: {} -status: - backup: {} - haproxy: {} - host: pxc-mysql-pxc - logcollector: {} - observedGeneration: 1 - pmm: {} - proxysql: {} - pxc: - image: '' - ready: 0 - size: 1 - status: initializing - version: 8.0.21-12.1 - ready: 0 - size: 1 - state: initializing diff --git a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/paused.yaml b/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/paused.yaml deleted file mode 100644 index 46440a23df7e2..0000000000000 --- a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/paused.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: pxc.percona.com/v1 -kind: PerconaXtraDBCluster -metadata: - name: quickstart -spec: {} -status: - backup: {} - haproxy: {} - host: pxc-mysql-pxc - logcollector: {} - observedGeneration: 1 - pmm: {} - proxysql: {} - pxc: - image: '' - ready: 1 - size: 1 - status: paused - version: 8.0.21-12.1 - ready: 1 - size: 1 - state: paused diff --git a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/ready.yaml b/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/ready.yaml deleted file mode 100644 index bd7d82a2a08fe..0000000000000 --- a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/ready.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: pxc.percona.com/v1 -kind: PerconaXtraDBCluster -metadata: - name: quickstart -spec: {} -status: - backup: {} - haproxy: {} - host: pxc-mysql-pxc - logcollector: {} - observedGeneration: 1 - pmm: {} - proxysql: {} - pxc: - image: '' - ready: 1 - size: 1 - status: ready - version: 8.0.21-12.1 - ready: 1 - size: 1 - state: ready diff --git a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/stopping.yaml b/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/stopping.yaml deleted file mode 100644 index f527445c506a0..0000000000000 --- a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/stopping.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: pxc.percona.com/v1 -kind: PerconaXtraDBCluster -metadata: - name: quickstart -spec: {} -status: - backup: {} - haproxy: {} - host: pxc-mysql-pxc - logcollector: {} - observedGeneration: 1 - pmm: {} - proxysql: {} - pxc: - image: '' - ready: 1 - size: 2 - status: stopping - version: 8.0.21-12.1 - ready: 1 - size: 2 - state: stopping diff --git a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/unknown.yaml b/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/unknown.yaml deleted file mode 100644 index c12b04682b18e..0000000000000 --- a/resource_customizations/pxc.percona.com/PerconaXtraDBCluster/testdata/unknown.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: pxc.percona.com/v1 -kind: PerconaXtraDBCluster -metadata: - name: quickstart -spec: {} -status: - backup: {} - haproxy: {} - host: pxc-mysql-pxc - logcollector: {} - observedGeneration: 1 - pmm: {} - proxysql: {} - pxc: - image: '' - ready: 1 - size: 1 - status: dontknow - version: 8.0.21-12.1 - ready: 1 - size: 1 - state: dontknow diff --git a/resource_customizations/serving.kserve.io/InferenceService/health.lua b/resource_customizations/serving.kserve.io/InferenceService/health.lua deleted file mode 100644 index e256bfccd36c1..0000000000000 --- a/resource_customizations/serving.kserve.io/InferenceService/health.lua +++ /dev/null @@ -1,40 +0,0 @@ -health_status = {} -health_status.status = "Progressing" -health_status.message = "Waiting for status update." -if obj.status ~= nil and obj.status.conditions ~= nil then - status_true = 0 - status_false = 0 - status_unknown = 0 - health_status.message = "" - for i, condition in pairs(obj.status.conditions) do - if condition.status == "True" and (condition.type == "IngressReady" or condition.type == "PredictorConfigurationReady" or condition.type == "PredictorReady" or condition.type == "PredictorRouteReady" or condition.type == "Ready") then - status_true = status_true + 1 - elseif condition.status == "False" or condition.status == "Unknown" then - msg = condition.type .. " is " .. condition.status - if condition.reason ~= nil and condition.reason ~= "" then - msg = msg .. ", since " .. condition.reason .. "." - end - if condition.message ~= nil and condition.message ~= "" then - msg = msg .. " " .. condition.message - end - health_status.message = health_status.message .. msg .. "\n" - if condition.status == "False" then - status_false = status_false + 1 - else - status_unknown = status_unknown + 1 - end - end - end - if status_true == 5 and status_false == 0 and status_unknown == 0 then - health_status.message = "Inference Service is healthy." - health_status.status = "Healthy" - return health_status - elseif status_false > 0 then - health_status.status = "Degraded" - return health_status - else - health_status.status = "Progressing" - return health_status - end -end -return health_status \ No newline at end of file diff --git a/resource_customizations/serving.kserve.io/InferenceService/health_test.yaml b/resource_customizations/serving.kserve.io/InferenceService/health_test.yaml deleted file mode 100644 index e8f32bd51f798..0000000000000 --- a/resource_customizations/serving.kserve.io/InferenceService/health_test.yaml +++ /dev/null @@ -1,13 +0,0 @@ -tests: -- healthStatus: - status: Progressing - message: "PredictorConfigurationReady is Unknown\nPredictorReady is Unknown, since RevisionMissing. Configuration \"hello-world-predictor-default\" is waiting for a Revision to become ready.\nPredictorRouteReady is Unknown, since RevisionMissing. Configuration \"hello-world-predictor-default\" is waiting for a Revision to become ready.\nReady is Unknown, since RevisionMissing. Configuration \"hello-world-predictor-default\" is waiting for a Revision to become ready.\n" - inputPath: testdata/progressing.yaml -- healthStatus: - status: Degraded - message: "IngressReady is False, since Predictor ingress not created.\nPredictorConfigurationReady is False, since RevisionFailed. Revision \"helloworld-00002\" failed with message: Container failed with: container exited with no error.\nPredictorReady is False, since RevisionFailed. Revision \"helloworld-00002\" failed with message: Container failed with: container exited with no error.\nReady is False, since Predictor ingress not created.\n" - inputPath: testdata/degraded.yaml -- healthStatus: - status: Healthy - message: Inference Service is healthy. - inputPath: testdata/healthy.yaml diff --git a/resource_customizations/serving.kserve.io/InferenceService/testdata/degraded.yaml b/resource_customizations/serving.kserve.io/InferenceService/testdata/degraded.yaml deleted file mode 100644 index 0cd337860c670..0000000000000 --- a/resource_customizations/serving.kserve.io/InferenceService/testdata/degraded.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: serving.kserve.io/v1beta1 -kind: InferenceService -metadata: - name: helloworld - namespace: default -spec: {} -status: - conditions: - - lastTransitionTime: "2022-06-14T03:45:38Z" - reason: Predictor ingress not created - status: "False" - type: IngressReady - - lastTransitionTime: "2022-06-14T03:45:38Z" - message: 'Revision "helloworld-00002" failed with message: Container failed with: container exited with no error.' - reason: RevisionFailed - status: "False" - type: PredictorConfigurationReady - - lastTransitionTime: "2022-06-14T03:45:38Z" - message: 'Revision "helloworld-00002" failed with message: Container failed with: container exited with no error.' - reason: RevisionFailed - status: "False" - type: PredictorReady - - lastTransitionTime: "2022-06-14T03:45:38Z" - severity: Info - status: "True" - type: PredictorRouteReady - - lastTransitionTime: "2022-06-14T03:45:38Z" - reason: Predictor ingress not created - status: "False" - type: Ready diff --git a/resource_customizations/serving.kserve.io/InferenceService/testdata/healthy.yaml b/resource_customizations/serving.kserve.io/InferenceService/testdata/healthy.yaml deleted file mode 100644 index 3c28c61d48602..0000000000000 --- a/resource_customizations/serving.kserve.io/InferenceService/testdata/healthy.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: serving.kserve.io/v1beta1 -kind: InferenceService -metadata: - name: helloworld - namespace: default -spec: {} -status: - conditions: - - lastTransitionTime: "2023-06-20T22:44:51Z" - status: "True" - type: IngressReady - - lastTransitionTime: "2023-06-20T22:44:50Z" - severity: Info - status: "True" - type: PredictorConfigurationReady - - lastTransitionTime: "2023-06-20T22:44:51Z" - status: "True" - type: PredictorReady - - lastTransitionTime: "2023-06-20T22:44:51Z" - severity: Info - status: "True" - type: PredictorRouteReady - - lastTransitionTime: "2023-06-20T22:44:51Z" - status: "True" - type: Ready diff --git a/resource_customizations/serving.kserve.io/InferenceService/testdata/progressing.yaml b/resource_customizations/serving.kserve.io/InferenceService/testdata/progressing.yaml deleted file mode 100644 index fab0a57b61f23..0000000000000 --- a/resource_customizations/serving.kserve.io/InferenceService/testdata/progressing.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: serving.kserve.io/v1beta1 -kind: InferenceService -metadata: - name: helloworld - namespace: default -spec: {} -status: - conditions: - - lastTransitionTime: "2023-06-21T22:25:58Z" - severity: Info - status: Unknown - type: PredictorConfigurationReady - - lastTransitionTime: "2023-06-21T22:25:58Z" - message: 'Configuration "hello-world-predictor-default" is waiting for a Revision to become ready.' - reason: RevisionMissing - status: Unknown - type: PredictorReady - - lastTransitionTime: "2023-06-21T22:25:58Z" - message: 'Configuration "hello-world-predictor-default" is waiting for a Revision to become ready.' - reason: RevisionMissing - severity: Info - status: Unknown - type: PredictorRouteReady - - lastTransitionTime: "2023-06-21T22:25:58Z" - message: 'Configuration "hello-world-predictor-default" is waiting for a Revision to become ready.' - reason: RevisionMissing - status: Unknown - type: Ready diff --git a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/health.lua b/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/health.lua deleted file mode 100644 index aa10e766dac18..0000000000000 --- a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/health.lua +++ /dev/null @@ -1,18 +0,0 @@ -hs = {} - -if obj.status ~= nil and obj.status.readyToUse then - hs.status = "Healthy" - hs.message = "Ready to use" - return hs -end - -if obj.status ~= nil and obj.status.error ~= nil then - hs.status = "Degraded" - hs.message = obj.status.error.message - return hs -end - -hs.status = "Progressing" -hs.message = "Waiting for status" - -return hs diff --git a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/health_test.yaml b/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/health_test.yaml deleted file mode 100644 index 7914d4acdd3d8..0000000000000 --- a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/health_test.yaml +++ /dev/null @@ -1,14 +0,0 @@ -tests: -- healthStatus: - status: Progressing - message: "Waiting for status" - inputPath: testdata/initializing.yaml -- healthStatus: - status: Healthy - message: "Ready to use" - inputPath: testdata/good.yaml -- healthStatus: - status: Degraded - message: "VolumeSnapshotContent is dynamically provisioned while expecting a pre-provisioned one" - inputPath: testdata/bad.yaml - diff --git a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/testdata/bad.yaml b/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/testdata/bad.yaml deleted file mode 100644 index 2d7447f1334e7..0000000000000 --- a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/testdata/bad.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: snapshot.storage.k8s.io/v1 -kind: VolumeSnapshot -metadata: - name: data-04-06-2023 -spec: - source: - volumeSnapshotContentName: data-04-06-2023 -status: - error: - message: >- - VolumeSnapshotContent is dynamically provisioned while expecting a - pre-provisioned one - time: '2023-06-05T14:51:25Z' - readyToUse: false diff --git a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/testdata/good.yaml b/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/testdata/good.yaml deleted file mode 100644 index b8a82eff5b45c..0000000000000 --- a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/testdata/good.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: snapshot.storage.k8s.io/v1 -kind: VolumeSnapshot -metadata: - finalizers: - - snapshot.storage.kubernetes.io/volumesnapshot-as-source-protection - - snapshot.storage.kubernetes.io/volumesnapshot-bound-protection -status: - boundVolumeSnapshotContentName: snapcontent-7db10be0-424c-4ed2-9dfe-6c2120eae05b - creationTime: '2023-06-04T19:13:20Z' - readyToUse: true - restoreSize: 1Ti -spec: - source: - persistentVolumeClaimName: mask-data-process-trcxk-mysql-data - volumeSnapshotClassName: azure-tools diff --git a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/testdata/initializing.yaml b/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/testdata/initializing.yaml deleted file mode 100644 index 3df029d9a46cf..0000000000000 --- a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshot/testdata/initializing.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: snapshot.storage.k8s.io/v1 -kind: VolumeSnapshot -metadata: - name: data-04-06-2023 -spec: - driver: disk.csi.azure.com -status: {} diff --git a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/health.lua b/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/health.lua deleted file mode 100644 index aa10e766dac18..0000000000000 --- a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/health.lua +++ /dev/null @@ -1,18 +0,0 @@ -hs = {} - -if obj.status ~= nil and obj.status.readyToUse then - hs.status = "Healthy" - hs.message = "Ready to use" - return hs -end - -if obj.status ~= nil and obj.status.error ~= nil then - hs.status = "Degraded" - hs.message = obj.status.error.message - return hs -end - -hs.status = "Progressing" -hs.message = "Waiting for status" - -return hs diff --git a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/health_test.yaml b/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/health_test.yaml deleted file mode 100644 index 6cc455afabe0a..0000000000000 --- a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/health_test.yaml +++ /dev/null @@ -1,13 +0,0 @@ -tests: -- healthStatus: - status: Progressing - message: "Waiting for status" - inputPath: testdata/initializing.yaml -- healthStatus: - status: Healthy - message: "Ready to use" - inputPath: testdata/good.yaml -- healthStatus: - status: Degraded - message: "Failed to check and update snapshot content" - inputPath: testdata/bad.yaml diff --git a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/testdata/bad.yaml b/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/testdata/bad.yaml deleted file mode 100644 index d8d3d3d7b5ff0..0000000000000 --- a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/testdata/bad.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: snapshot.storage.k8s.io/v1 -kind: VolumeSnapshotContent -metadata: - name: data-04-06-2023 -spec: - driver: disk.csi.azure.com -status: - error: - message: >- - Failed to check and update snapshot content - time: '2023-06-05T15:44:50Z' - readyToUse: false diff --git a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/testdata/good.yaml b/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/testdata/good.yaml deleted file mode 100644 index 56166bec0c859..0000000000000 --- a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/testdata/good.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: snapshot.storage.k8s.io/v1 -kind: VolumeSnapshotContent -metadata: - creationTimestamp: '2023-06-04T19:13:19Z' - finalizers: - - snapshot.storage.kubernetes.io/volumesnapshotcontent-bound-protection -status: - creationTime: 1685906000388294100 - readyToUse: true - restoreSize: 1099511627776 - snapshotHandle: >- - /subscriptions/XXXXXX -spec: - driver: disk.csi.azure.com - source: - volumeHandle: >- - /subscriptions/XXXXXX - volumeSnapshotClassName: azure-tools - volumeSnapshotRef: - apiVersion: snapshot.storage.k8s.io/v1 diff --git a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/testdata/initializing.yaml b/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/testdata/initializing.yaml deleted file mode 100644 index 8558cf3e44966..0000000000000 --- a/resource_customizations/snapshot.storage.k8s.io/VolumeSnapshotContent/testdata/initializing.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: snapshot.storage.k8s.io/v1 -kind: VolumeSnapshotContent -metadata: - name: data-04-06-2023 -spec: - driver: disk.csi.azure.com -status: {} diff --git a/resource_customizations/sparkoperator.k8s.io/SparkApplication/health.lua b/resource_customizations/sparkoperator.k8s.io/SparkApplication/health.lua index 07fbf3a4dc64d..5a504602eb83c 100644 --- a/resource_customizations/sparkoperator.k8s.io/SparkApplication/health.lua +++ b/resource_customizations/sparkoperator.k8s.io/SparkApplication/health.lua @@ -5,10 +5,10 @@ infinity = 2^1024-1 local function executor_range_api() min_executor_instances = 0 max_executor_instances = infinity - if obj.spec.dynamicAllocation.maxExecutors then + if obj.spec.dynamicAllocation.maxExecutors then max_executor_instances = obj.spec.dynamicAllocation.maxExecutors end - if obj.spec.dynamicAllocation.minExecutors then + if obj.spec.dynamicAllocation.minExecutors then min_executor_instances = obj.spec.dynamicAllocation.minExecutors end return min_executor_instances, max_executor_instances @@ -17,7 +17,7 @@ end local function maybe_executor_range_spark_conf() min_executor_instances = 0 max_executor_instances = infinity - if obj.spec.sparkConf["spark.streaming.dynamicAllocation.enabled"] ~= nil and + if obj.spec.sparkConf["spark.streaming.dynamicAllocation.enabled"] ~= nil and obj.spec.sparkConf["spark.streaming.dynamicAllocation.enabled"] == "true" then if(obj.spec.sparkConf["spark.streaming.dynamicAllocation.maxExecutors"] ~= nil) then max_executor_instances = tonumber(obj.spec.sparkConf["spark.streaming.dynamicAllocation.maxExecutors"]) @@ -26,7 +26,7 @@ local function maybe_executor_range_spark_conf() min_executor_instances = tonumber(obj.spec.sparkConf["spark.streaming.dynamicAllocation.minExecutors"]) end return min_executor_instances, max_executor_instances - elseif obj.spec.sparkConf["spark.dynamicAllocation.enabled"] ~= nil and + elseif obj.spec.sparkConf["spark.dynamicAllocation.enabled"] ~= nil and obj.spec.sparkConf["spark.dynamicAllocation.enabled"] == "true" then if(obj.spec.sparkConf["spark.dynamicAllocation.maxExecutors"] ~= nil) then max_executor_instances = tonumber(obj.spec.sparkConf["spark.dynamicAllocation.maxExecutors"]) @@ -45,19 +45,11 @@ local function maybe_executor_range() return executor_range_api() elseif obj.spec["sparkConf"] ~= nil then return maybe_executor_range_spark_conf() - else + else return nil end end -local function dynamic_executors_without_spec_config() - if obj.spec.dynamicAllocation == nil and obj.spec.executor.instances == nil then - return true - else - return false - end -end - if obj.status ~= nil then if obj.status.applicationState.state ~= nil then if obj.status.applicationState.state == "" then @@ -68,26 +60,23 @@ if obj.status ~= nil then if obj.status.applicationState.state == "RUNNING" then if obj.status.executorState ~= nil then count=0 + executor_instances = obj.spec.executor.instances for i, executorState in pairs(obj.status.executorState) do if executorState == "RUNNING" then count=count+1 end end - if obj.spec.executor.instances ~= nil and obj.spec.executor.instances == count then + if executor_instances == count then health_status.status = "Healthy" health_status.message = "SparkApplication is Running" return health_status elseif maybe_executor_range() then min_executor_instances, max_executor_instances = maybe_executor_range() - if count >= min_executor_instances and count <= max_executor_instances then + if count >= min_executor_instances and count <= max_executor_instances then health_status.status = "Healthy" health_status.message = "SparkApplication is Running" return health_status end - elseif dynamic_executors_without_spec_config() and count >= 1 then - health_status.status = "Healthy" - health_status.message = "SparkApplication is Running" - return health_status end end end diff --git a/resource_customizations/sparkoperator.k8s.io/SparkApplication/health_test.yaml b/resource_customizations/sparkoperator.k8s.io/SparkApplication/health_test.yaml index e0ad7dfdf387d..582b446eca324 100644 --- a/resource_customizations/sparkoperator.k8s.io/SparkApplication/health_test.yaml +++ b/resource_customizations/sparkoperator.k8s.io/SparkApplication/health_test.yaml @@ -23,7 +23,3 @@ tests: status: Healthy message: "SparkApplication is Running" inputPath: testdata/healthy_dynamic_alloc_operator_api.yaml -- healthStatus: - status: Healthy - message: "SparkApplication is Running" - inputPath: testdata/healthy_dynamic_alloc_without_spec_config.yaml diff --git a/resource_customizations/sparkoperator.k8s.io/SparkApplication/testdata/healthy_dynamic_alloc_without_spec_config.yaml b/resource_customizations/sparkoperator.k8s.io/SparkApplication/testdata/healthy_dynamic_alloc_without_spec_config.yaml deleted file mode 100644 index a2ab7b85b5c50..0000000000000 --- a/resource_customizations/sparkoperator.k8s.io/SparkApplication/testdata/healthy_dynamic_alloc_without_spec_config.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: sparkoperator.k8s.io/v1beta2 -kind: SparkApplication -metadata: - generation: 4 - labels: - argocd.argoproj.io/instance: spark-job - name: spark-job-app - namespace: spark-cluster - resourceVersion: "31812990" - uid: bfee52b0-74ca-4465-8005-f6643097ed64 -spec: - executor: {} -status: - applicationState: - state: RUNNING - driverInfo: - podName: ingestion-datalake-news-app-driver - webUIAddress: 172.20.207.161:4040 - webUIPort: 4040 - webUIServiceName: ingestion-datalake-news-app-ui-svc - executionAttempts: 13 - executorState: - ingestion-datalake-news-app-1591613851251-exec-1: RUNNING - ingestion-datalake-news-app-1591613851251-exec-2: RUNNING - ingestion-datalake-news-app-1591613851251-exec-4: RUNNING - ingestion-datalake-news-app-1591613851251-exec-5: RUNNING - lastSubmissionAttemptTime: "2020-06-08T10:57:32Z" - sparkApplicationId: spark-a5920b2a5aa04d22a737c60759b5bf82 - submissionAttempts: 1 - submissionID: 3e713ec8-9f6c-4e78-ac28-749797c846f0 - terminationTime: null diff --git a/server/application/application.go b/server/application/application.go index fe9697dc77056..67ceee1716994 100644 --- a/server/application/application.go +++ b/server/application/application.go @@ -28,7 +28,6 @@ import ( "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/fields" "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/kubernetes" @@ -50,6 +49,7 @@ import ( "github.com/argoproj/argo-cd/v2/util/db" "github.com/argoproj/argo-cd/v2/util/env" "github.com/argoproj/argo-cd/v2/util/git" + "github.com/argoproj/argo-cd/v2/util/glob" ioutil "github.com/argoproj/argo-cd/v2/util/io" "github.com/argoproj/argo-cd/v2/util/lua" "github.com/argoproj/argo-cd/v2/util/manifeststream" @@ -140,88 +140,42 @@ func NewServer( // getAppEnforceRBAC gets the Application with the given name in the given namespace. If no namespace is // specified, the Application is fetched from the default namespace (the one in which the API server is running). // -// If the user does not provide a "project," then we have to be very careful how we respond. If an app with the given -// name exists, and the user has access to that app in the app's project, we return the app. If the app exists but the -// user does not have access, we return "permission denied." If the app does not exist, we return "permission denied" - -// if we responded with a 404, then the user could infer that the app exists when they get "permission denied." +// If the Application does not exist, then we have no way of determining if the user would have had access to get that +// Application. Verifying access requires knowing the Application's name, namespace, and project. The user may specify, +// at minimum, the Application name. // -// If the user does provide a "project," we can respond more specifically. If the user does not have access to the given -// app name in the given project, we return "permission denied." If the app exists, but the project is different from -func (s *Server) getAppEnforceRBAC(ctx context.Context, action, project, namespace, name string, getApp func() (*appv1.Application, error)) (*appv1.Application, error) { +// So to prevent a malicious user from inferring the existence or absense of the Application or namespace, we respond +// "permission denied" if the Application does not exist. +func (s *Server) getAppEnforceRBAC(ctx context.Context, action, namespace, name string, getApp func() (*appv1.Application, error)) (*appv1.Application, error) { logCtx := log.WithFields(map[string]interface{}{ "application": name, "namespace": namespace, }) - if project != "" { - // The user has provided everything we need to perform an initial RBAC check. - givenRBACName := security.RBACName(s.ns, project, namespace, name) - if err := s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplications, action, givenRBACName); err != nil { - logCtx.WithFields(map[string]interface{}{ - "project": project, - argocommon.SecurityField: argocommon.SecurityMedium, - }).Warnf("user tried to %s application which they do not have access to: %s", action, err) - // Do a GET on the app. This ensures that the timing of a "no access" response is the same as a "yes access, - // but the app is in a different project" response. We don't want the user inferring the existence of the - // app from response time. - _, _ = getApp() - return nil, permissionDeniedErr - } - } a, err := getApp() if err != nil { if apierr.IsNotFound(err) { - if project != "" { - // We know that the user was allowed to get the Application, but the Application does not exist. Return 404. - return nil, status.Errorf(codes.NotFound, apierr.NewNotFound(schema.GroupResource{Group: "argoproj.io", Resource: "applications"}, name).Error()) - } - // We don't know if the user was allowed to get the Application, and we don't want to leak information about - // the Application's existence. Return 403. logCtx.Warn("application does not exist") return nil, permissionDeniedErr } logCtx.Errorf("failed to get application: %s", err) return nil, permissionDeniedErr } - // Even if we performed an initial RBAC check (because the request was fully parameterized), we still need to - // perform a second RBAC check to ensure that the user has access to the actual Application's project (not just the - // project they specified in the request). if err := s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplications, action, a.RBACName(s.ns)); err != nil { logCtx.WithFields(map[string]interface{}{ "project": a.Spec.Project, argocommon.SecurityField: argocommon.SecurityMedium, }).Warnf("user tried to %s application which they do not have access to: %s", action, err) - if project != "" { - // The user specified a project. We would have returned a 404 if the user had access to the app, but the app - // did not exist. So we have to return a 404 when the app does exist, but the user does not have access. - // Otherwise, they could infer that the app exists based on the error code. - return nil, status.Errorf(codes.NotFound, apierr.NewNotFound(schema.GroupResource{Group: "argoproj.io", Resource: "applications"}, name).Error()) - } - // The user didn't specify a project. We always return permission denied for both lack of access and lack of - // existence. return nil, permissionDeniedErr } - effectiveProject := "default" - if a.Spec.Project != "" { - effectiveProject = a.Spec.Project - } - if project != "" && effectiveProject != project { - logCtx.WithFields(map[string]interface{}{ - "project": a.Spec.Project, - argocommon.SecurityField: argocommon.SecurityMedium, - }).Warnf("user tried to %s application in project %s, but the application is in project %s", action, project, effectiveProject) - // The user has access to the app, but the app is in a different project. Return 404, meaning "app doesn't - // exist in that project". - return nil, status.Errorf(codes.NotFound, apierr.NewNotFound(schema.GroupResource{Group: "argoproj.io", Resource: "applications"}, name).Error()) - } return a, nil } // getApplicationEnforceRBACInformer uses an informer to get an Application. If the app does not exist, permission is // denied, or any other error occurs when getting the app, we return a permission denied error to obscure any sensitive // information. -func (s *Server) getApplicationEnforceRBACInformer(ctx context.Context, action, project, namespace, name string) (*appv1.Application, error) { +func (s *Server) getApplicationEnforceRBACInformer(ctx context.Context, action, namespace, name string) (*appv1.Application, error) { namespaceOrDefault := s.appNamespaceOrDefault(namespace) - return s.getAppEnforceRBAC(ctx, action, project, namespaceOrDefault, name, func() (*appv1.Application, error) { + return s.getAppEnforceRBAC(ctx, action, namespaceOrDefault, name, func() (*appv1.Application, error) { return s.appLister.Applications(namespaceOrDefault).Get(name) }) } @@ -229,9 +183,9 @@ func (s *Server) getApplicationEnforceRBACInformer(ctx context.Context, action, // getApplicationEnforceRBACClient uses a client to get an Application. If the app does not exist, permission is denied, // or any other error occurs when getting the app, we return a permission denied error to obscure any sensitive // information. -func (s *Server) getApplicationEnforceRBACClient(ctx context.Context, action, project, namespace, name, resourceVersion string) (*appv1.Application, error) { +func (s *Server) getApplicationEnforceRBACClient(ctx context.Context, action, namespace, name, resourceVersion string) (*appv1.Application, error) { namespaceOrDefault := s.appNamespaceOrDefault(namespace) - return s.getAppEnforceRBAC(ctx, action, project, namespaceOrDefault, name, func() (*appv1.Application, error) { + return s.getAppEnforceRBAC(ctx, action, namespaceOrDefault, name, func() (*appv1.Application, error) { return s.appclientset.ArgoprojV1alpha1().Applications(namespaceOrDefault).Get(ctx, name, metav1.GetOptions{ ResourceVersion: resourceVersion, }) @@ -270,7 +224,7 @@ func (s *Server) List(ctx context.Context, q *application.ApplicationQuery) (*ap for _, a := range filteredApps { // Skip any application that is neither in the control plane's namespace // nor in the list of enabled namespaces. - if !s.isNamespaceEnabled(a.Namespace) { + if a.Namespace != s.ns && !glob.MatchStringInList(s.enabledNamespaces, a.Namespace, false) { continue } if s.enf.Enforce(ctx.Value("claims"), rbacpolicy.ResourceApplications, rbacpolicy.ActionGet, a.RBACName(s.ns)) { @@ -425,7 +379,7 @@ func (s *Server) GetManifests(ctx context.Context, q *application.ApplicationMan if q.Name == nil || *q.Name == "" { return nil, fmt.Errorf("invalid request: application name is missing") } - a, err := s.getApplicationEnforceRBACInformer(ctx, rbacpolicy.ActionGet, q.GetProject(), q.GetAppNamespace(), q.GetName()) + a, err := s.getApplicationEnforceRBACInformer(ctx, rbacpolicy.ActionGet, q.GetAppNamespace(), q.GetName()) if err != nil { return nil, err } @@ -448,6 +402,10 @@ func (s *Server) GetManifests(ctx context.Context, q *application.ApplicationMan return fmt.Errorf("error getting app instance label key from settings: %w", err) } + plugins, err := s.plugins() + if err != nil { + return fmt.Errorf("error getting plugins: %w", err) + } config, err := s.getApplicationClusterConfig(ctx, a) if err != nil { return fmt.Errorf("error getting application cluster config: %w", err) @@ -463,11 +421,6 @@ func (s *Server) GetManifests(ctx context.Context, q *application.ApplicationMan return fmt.Errorf("error getting API resources: %w", err) } - proj, err := argo.GetAppProject(a, applisters.NewAppProjectLister(s.projInformer.GetIndexer()), s.ns, s.settingsMgr, s.db, ctx) - if err != nil { - return fmt.Errorf("error getting app project: %w", err) - } - manifestInfo, err = client.GenerateManifest(ctx, &apiclient.ManifestRequest{ Repo: repo, Revision: revision, @@ -476,6 +429,7 @@ func (s *Server) GetManifests(ctx context.Context, q *application.ApplicationMan Namespace: a.Spec.Destination.Namespace, ApplicationSource: &source, Repos: helmRepos, + Plugins: plugins, KustomizeOptions: kustomizeOptions, KubeVersion: serverVersion, ApiVersions: argo.APIResourcesToStrings(apiResources, true), @@ -483,8 +437,6 @@ func (s *Server) GetManifests(ctx context.Context, q *application.ApplicationMan HelmOptions: helmOptions, TrackingMethod: string(argoutil.GetTrackingMethod(s.settingsMgr)), EnabledSourceTypes: enableGenerateManifests, - ProjectName: proj.Name, - ProjectSourceRepos: proj.Spec.SourceRepos, }) if err != nil { return fmt.Errorf("error generating manifests: %w", err) @@ -530,7 +482,7 @@ func (s *Server) GetManifestsWithFiles(stream application.ApplicationService_Get return fmt.Errorf("invalid request: application name is missing") } - a, err := s.getApplicationEnforceRBACInformer(ctx, rbacpolicy.ActionGet, query.GetProject(), query.GetAppNamespace(), query.GetName()) + a, err := s.getApplicationEnforceRBACInformer(ctx, rbacpolicy.ActionGet, query.GetAppNamespace(), query.GetName()) if err != nil { return err } @@ -544,6 +496,10 @@ func (s *Server) GetManifestsWithFiles(stream application.ApplicationService_Get return fmt.Errorf("error getting app instance label key from settings: %w", err) } + plugins, err := s.plugins() + if err != nil { + return fmt.Errorf("error getting plugins: %w", err) + } config, err := s.getApplicationClusterConfig(ctx, a) if err != nil { return fmt.Errorf("error getting application cluster config: %w", err) @@ -560,12 +516,6 @@ func (s *Server) GetManifestsWithFiles(stream application.ApplicationService_Get } source := a.Spec.GetSource() - - proj, err := argo.GetAppProject(a, applisters.NewAppProjectLister(s.projInformer.GetIndexer()), s.ns, s.settingsMgr, s.db, ctx) - if err != nil { - return fmt.Errorf("error getting app project: %w", err) - } - req := &apiclient.ManifestRequest{ Repo: repo, Revision: source.TargetRevision, @@ -574,6 +524,7 @@ func (s *Server) GetManifestsWithFiles(stream application.ApplicationService_Get Namespace: a.Spec.Destination.Namespace, ApplicationSource: &source, Repos: helmRepos, + Plugins: plugins, KustomizeOptions: kustomizeOptions, KubeVersion: serverVersion, ApiVersions: argo.APIResourcesToStrings(apiResources, true), @@ -581,8 +532,6 @@ func (s *Server) GetManifestsWithFiles(stream application.ApplicationService_Get HelmOptions: helmOptions, TrackingMethod: string(argoutil.GetTrackingMethod(s.settingsMgr)), EnabledSourceTypes: enableGenerateManifests, - ProjectName: proj.Name, - ProjectSourceRepos: proj.Spec.SourceRepos, } repoStreamClient, err := client.GenerateManifestWithFiles(stream.Context()) @@ -636,17 +585,10 @@ func (s *Server) Get(ctx context.Context, q *application.ApplicationQuery) (*app appName := q.GetName() appNs := s.appNamespaceOrDefault(q.GetAppNamespace()) - project := "" - projects := getProjectsFromApplicationQuery(*q) - if len(projects) == 1 { - project = projects[0] - } else if len(projects) > 1 { - return nil, status.Errorf(codes.InvalidArgument, "multiple projects specified - the get endpoint accepts either zero or one project") - } // We must use a client Get instead of an informer Get, because it's common to call Get immediately // following a Watch (which is not yet powered by an informer), and the Get must reflect what was // previously seen by the client. - a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionGet, project, appNs, appName, q.GetResourceVersion()) + a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionGet, appNs, appName, q.GetResourceVersion()) if err != nil { return nil, err } @@ -729,7 +671,7 @@ func (s *Server) Get(ctx context.Context, q *application.ApplicationQuery) (*app // ListResourceEvents returns a list of event resources func (s *Server) ListResourceEvents(ctx context.Context, q *application.ApplicationResourceEventsQuery) (*v1.EventList, error) { - a, err := s.getApplicationEnforceRBACInformer(ctx, rbacpolicy.ActionGet, q.GetProject(), q.GetAppNamespace(), q.GetName()) + a, err := s.getApplicationEnforceRBACInformer(ctx, rbacpolicy.ActionGet, q.GetAppNamespace(), q.GetName()) if err != nil { return nil, err } @@ -791,13 +733,11 @@ func (s *Server) ListResourceEvents(ctx context.Context, q *application.Applicat return list, nil } -// validateAndUpdateApp validates and updates the application. currentProject is the name of the project the app -// currently is under. If not specified, we assume that the app is under the project specified in the app spec. -func (s *Server) validateAndUpdateApp(ctx context.Context, newApp *appv1.Application, merge bool, validate bool, action string, currentProject string) (*appv1.Application, error) { +func (s *Server) validateAndUpdateApp(ctx context.Context, newApp *appv1.Application, merge bool, validate bool, action string) (*appv1.Application, error) { s.projectLock.RLock(newApp.Spec.GetProject()) defer s.projectLock.RUnlock(newApp.Spec.GetProject()) - app, err := s.getApplicationEnforceRBACClient(ctx, action, currentProject, newApp.Namespace, newApp.Name, "") + app, err := s.getApplicationEnforceRBACClient(ctx, action, newApp.Namespace, newApp.Name, "") if err != nil { return nil, err } @@ -895,7 +835,7 @@ func (s *Server) updateApp(app *appv1.Application, newApp *appv1.Application, ct // Update updates an application func (s *Server) Update(ctx context.Context, q *application.ApplicationUpdateRequest) (*appv1.Application, error) { if q.GetApplication() == nil { - return nil, fmt.Errorf("error updating application: application is nil in request") + return nil, fmt.Errorf("error creating application: application is nil in request") } a := q.GetApplication() if err := s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplications, rbacpolicy.ActionUpdate, a.RBACName(s.ns)); err != nil { @@ -906,7 +846,7 @@ func (s *Server) Update(ctx context.Context, q *application.ApplicationUpdateReq if q.Validate != nil { validate = *q.Validate } - return s.validateAndUpdateApp(ctx, q.Application, false, validate, rbacpolicy.ActionUpdate, q.GetProject()) + return s.validateAndUpdateApp(ctx, q.Application, false, validate, rbacpolicy.ActionUpdate) } // UpdateSpec updates an application spec and filters out any invalid parameter overrides @@ -914,7 +854,7 @@ func (s *Server) UpdateSpec(ctx context.Context, q *application.ApplicationUpdat if q.GetSpec() == nil { return nil, fmt.Errorf("error updating application spec: spec is nil in request") } - a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionUpdate, q.GetProject(), q.GetAppNamespace(), q.GetName(), "") + a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionUpdate, q.GetAppNamespace(), q.GetName(), "") if err != nil { return nil, err } @@ -924,7 +864,7 @@ func (s *Server) UpdateSpec(ctx context.Context, q *application.ApplicationUpdat if q.Validate != nil { validate = *q.Validate } - a, err = s.validateAndUpdateApp(ctx, a, false, validate, rbacpolicy.ActionUpdate, q.GetProject()) + a, err = s.validateAndUpdateApp(ctx, a, false, validate, rbacpolicy.ActionUpdate) if err != nil { return nil, fmt.Errorf("error validating and updating app: %w", err) } @@ -933,7 +873,7 @@ func (s *Server) UpdateSpec(ctx context.Context, q *application.ApplicationUpdat // Patch patches an application func (s *Server) Patch(ctx context.Context, q *application.ApplicationPatchRequest) (*appv1.Application, error) { - app, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionGet, q.GetProject(), q.GetAppNamespace(), q.GetName(), "") + app, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionGet, q.GetAppNamespace(), q.GetName(), "") if err != nil { return nil, err } @@ -973,14 +913,14 @@ func (s *Server) Patch(ctx context.Context, q *application.ApplicationPatchReque if err != nil { return nil, fmt.Errorf("error unmarshaling patched app: %w", err) } - return s.validateAndUpdateApp(ctx, newApp, false, true, rbacpolicy.ActionUpdate, q.GetProject()) + return s.validateAndUpdateApp(ctx, newApp, false, true, rbacpolicy.ActionUpdate) } // Delete removes an application and all associated resources func (s *Server) Delete(ctx context.Context, q *application.ApplicationDeleteRequest) (*application.ApplicationResponse, error) { appName := q.GetName() appNs := s.appNamespaceOrDefault(q.GetAppNamespace()) - a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionGet, q.GetProject(), appNs, appName, "") + a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionGet, appNs, appName, "") if err != nil { return nil, err } @@ -1040,31 +980,6 @@ func (s *Server) Delete(ctx context.Context, q *application.ApplicationDeleteReq return &application.ApplicationResponse{}, nil } -func (s *Server) isApplicationPermitted(selector labels.Selector, minVersion int, claims any, appName, appNs string, projects map[string]bool, a appv1.Application) bool { - if len(projects) > 0 && !projects[a.Spec.GetProject()] { - return false - } - - if appVersion, err := strconv.Atoi(a.ResourceVersion); err == nil && appVersion < minVersion { - return false - } - matchedEvent := (appName == "" || (a.Name == appName && a.Namespace == appNs)) && selector.Matches(labels.Set(a.Labels)) - if !matchedEvent { - return false - } - - if !s.isNamespaceEnabled(a.Namespace) { - return false - } - - if !s.enf.Enforce(claims, rbacpolicy.ResourceApplications, rbacpolicy.ActionGet, a.RBACName(s.ns)) { - // do not emit apps user does not have accessing - return false - } - - return true -} - func (s *Server) Watch(q *application.ApplicationQuery, ws application.ApplicationService_WatchServer) error { appName := q.GetName() appNs := s.appNamespaceOrDefault(q.GetAppNamespace()) @@ -1091,8 +1006,20 @@ func (s *Server) Watch(q *application.ApplicationQuery, ws application.Applicati // sendIfPermitted is a helper to send the application to the client's streaming channel if the // caller has RBAC privileges permissions to view it sendIfPermitted := func(a appv1.Application, eventType watch.EventType) { - permitted := s.isApplicationPermitted(selector, minVersion, claims, appName, appNs, projects, a) - if !permitted { + if len(projects) > 0 && !projects[a.Spec.GetProject()] { + return + } + + if appVersion, err := strconv.Atoi(a.ResourceVersion); err == nil && appVersion < minVersion { + return + } + matchedEvent := (appName == "" || (a.Name == appName && a.Namespace == appNs)) && selector.Matches(labels.Set(a.Labels)) + if !matchedEvent { + return + } + + if !s.enf.Enforce(claims, rbacpolicy.ResourceApplications, rbacpolicy.ActionGet, a.RBACName(s.ns)) { + // do not emit apps user does not have accessing return } s.inferResourcesStatusHealth(&a) @@ -1169,16 +1096,19 @@ func (s *Server) validateAndNormalizeApp(ctx context.Context, app *appv1.Applica return err } } + plugins, err := s.plugins() + if err != nil { + return fmt.Errorf("error getting plugins: %w", err) + } if err := argo.ValidateDestination(ctx, &app.Spec.Destination, s.db); err != nil { return status.Errorf(codes.InvalidArgument, "application destination spec for %s is invalid: %s", app.Name, err.Error()) } var conditions []appv1.ApplicationCondition - if validate { conditions := make([]appv1.ApplicationCondition, 0) - condition, err := argo.ValidateRepo(ctx, app, s.repoClientset, s.db, s.kubectl, proj, s.settingsMgr) + condition, err := argo.ValidateRepo(ctx, app, s.repoClientset, s.db, plugins, s.kubectl, proj, s.settingsMgr) if err != nil { return fmt.Errorf("error validating the repo: %w", err) } @@ -1248,7 +1178,7 @@ func (s *Server) getAppResources(ctx context.Context, a *appv1.Application) (*ap } func (s *Server) getAppLiveResource(ctx context.Context, action string, q *application.ApplicationResourceRequest) (*appv1.ResourceNode, *rest.Config, *appv1.Application, error) { - a, err := s.getApplicationEnforceRBACInformer(ctx, action, q.GetProject(), q.GetAppNamespace(), q.GetName()) + a, err := s.getApplicationEnforceRBACInformer(ctx, action, q.GetAppNamespace(), q.GetName()) if err != nil { return nil, nil, nil, err } @@ -1315,7 +1245,6 @@ func (s *Server) PatchResource(ctx context.Context, q *application.ApplicationRe Kind: q.Kind, Version: q.Version, Group: q.Group, - Project: q.Project, } res, config, a, err := s.getAppLiveResource(ctx, rbacpolicy.ActionUpdate, resourceRequest) if err != nil { @@ -1358,7 +1287,6 @@ func (s *Server) DeleteResource(ctx context.Context, q *application.ApplicationR Kind: q.Kind, Version: q.Version, Group: q.Group, - Project: q.Project, } res, config, a, err := s.getAppLiveResource(ctx, rbacpolicy.ActionDelete, resourceRequest) if err != nil { @@ -1385,7 +1313,7 @@ func (s *Server) DeleteResource(ctx context.Context, q *application.ApplicationR } func (s *Server) ResourceTree(ctx context.Context, q *application.ResourcesQuery) (*appv1.ApplicationTree, error) { - a, err := s.getApplicationEnforceRBACInformer(ctx, rbacpolicy.ActionGet, q.GetProject(), q.GetAppNamespace(), q.GetApplicationName()) + a, err := s.getApplicationEnforceRBACInformer(ctx, rbacpolicy.ActionGet, q.GetAppNamespace(), q.GetApplicationName()) if err != nil { return nil, err } @@ -1394,7 +1322,7 @@ func (s *Server) ResourceTree(ctx context.Context, q *application.ResourcesQuery } func (s *Server) WatchResourceTree(q *application.ResourcesQuery, ws application.ApplicationService_WatchResourceTreeServer) error { - _, err := s.getApplicationEnforceRBACInformer(ws.Context(), rbacpolicy.ActionGet, q.GetProject(), q.GetAppNamespace(), q.GetApplicationName()) + _, err := s.getApplicationEnforceRBACInformer(ws.Context(), rbacpolicy.ActionGet, q.GetAppNamespace(), q.GetApplicationName()) if err != nil { return err } @@ -1410,7 +1338,7 @@ func (s *Server) WatchResourceTree(q *application.ResourcesQuery, ws application } func (s *Server) RevisionMetadata(ctx context.Context, q *application.RevisionMetadataQuery) (*appv1.RevisionMetadata, error) { - a, err := s.getApplicationEnforceRBACInformer(ctx, rbacpolicy.ActionGet, q.GetProject(), q.GetAppNamespace(), q.GetName()) + a, err := s.getApplicationEnforceRBACInformer(ctx, rbacpolicy.ActionGet, q.GetAppNamespace(), q.GetName()) if err != nil { return nil, err } @@ -1438,31 +1366,6 @@ func (s *Server) RevisionMetadata(ctx context.Context, q *application.RevisionMe }) } -// RevisionChartDetails returns the helm chart metadata, as fetched from the reposerver -func (s *Server) RevisionChartDetails(ctx context.Context, q *application.RevisionMetadataQuery) (*appv1.ChartDetails, error) { - a, err := s.getApplicationEnforceRBACInformer(ctx, rbacpolicy.ActionGet, q.GetProject(), q.GetAppNamespace(), q.GetName()) - if err != nil { - return nil, err - } - if a.Spec.Source.Chart == "" { - return nil, fmt.Errorf("no chart found for application: %v", a.QualifiedName()) - } - repo, err := s.db.GetRepository(ctx, a.Spec.Source.RepoURL) - if err != nil { - return nil, fmt.Errorf("error getting repository by URL: %w", err) - } - conn, repoClient, err := s.repoClientset.NewRepoServerClient() - if err != nil { - return nil, fmt.Errorf("error creating repo server client: %w", err) - } - defer ioutil.Close(conn) - return repoClient.GetRevisionChartDetails(ctx, &apiclient.RepoServerRevisionChartDetailsRequest{ - Repo: repo, - Name: a.Spec.Source.Chart, - Revision: q.GetRevision(), - }) -} - func isMatchingResource(q *application.ResourcesQuery, key kube.ResourceKey) bool { return (q.GetName() == "" || q.GetName() == key.Name) && (q.GetNamespace() == "" || q.GetNamespace() == key.Namespace) && @@ -1471,7 +1374,7 @@ func isMatchingResource(q *application.ResourcesQuery, key kube.ResourceKey) boo } func (s *Server) ManagedResources(ctx context.Context, q *application.ResourcesQuery) (*application.ManagedResourcesResponse, error) { - a, err := s.getApplicationEnforceRBACInformer(ctx, rbacpolicy.ActionGet, q.GetProject(), q.GetAppNamespace(), q.GetApplicationName()) + a, err := s.getApplicationEnforceRBACInformer(ctx, rbacpolicy.ActionGet, q.GetAppNamespace(), q.GetApplicationName()) if err != nil { return nil, err } @@ -1528,7 +1431,7 @@ func (s *Server) PodLogs(q *application.ApplicationPodLogsQuery, ws application. } } - a, err := s.getApplicationEnforceRBACInformer(ws.Context(), rbacpolicy.ActionGet, q.GetProject(), q.GetAppNamespace(), q.GetName()) + a, err := s.getApplicationEnforceRBACInformer(ws.Context(), rbacpolicy.ActionGet, q.GetAppNamespace(), q.GetName()) if err != nil { return err } @@ -1720,7 +1623,7 @@ func isTheSelectedOne(currentNode *appv1.ResourceNode, q *application.Applicatio // Sync syncs an application to its target state func (s *Server) Sync(ctx context.Context, syncReq *application.ApplicationSyncRequest) (*appv1.Application, error) { - a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionGet, syncReq.GetProject(), syncReq.GetAppNamespace(), syncReq.GetName(), "") + a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionGet, syncReq.GetAppNamespace(), syncReq.GetName(), "") if err != nil { return nil, err } @@ -1829,7 +1732,7 @@ func (s *Server) Sync(ctx context.Context, syncReq *application.ApplicationSyncR } func (s *Server) Rollback(ctx context.Context, rollbackReq *application.ApplicationRollbackRequest) (*appv1.Application, error) { - a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionSync, rollbackReq.GetProject(), rollbackReq.GetAppNamespace(), rollbackReq.GetName(), "") + a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionSync, rollbackReq.GetAppNamespace(), rollbackReq.GetName(), "") if err != nil { return nil, err } @@ -1888,7 +1791,7 @@ func (s *Server) Rollback(ctx context.Context, rollbackReq *application.Applicat } func (s *Server) ListLinks(ctx context.Context, req *application.ListAppLinksRequest) (*application.LinksResponse, error) { - a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionGet, req.GetProject(), req.GetNamespace(), req.GetName(), "") + a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionGet, req.GetNamespace(), req.GetName(), "") if err != nil { return nil, err } @@ -2042,7 +1945,7 @@ func (s *Server) resolveRevision(ctx context.Context, app *appv1.Application, sy func (s *Server) TerminateOperation(ctx context.Context, termOpReq *application.OperationTerminateRequest) (*application.OperationTerminateResponse, error) { appName := termOpReq.GetName() appNs := s.appNamespaceOrDefault(termOpReq.GetAppNamespace()) - a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionSync, termOpReq.GetProject(), appNs, appName, "") + a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionSync, appNs, appName, "") if err != nil { return nil, err } @@ -2115,7 +2018,7 @@ func (s *Server) ListResourceActions(ctx context.Context, q *application.Applica func (s *Server) getUnstructuredLiveResourceOrApp(ctx context.Context, rbacRequest string, q *application.ApplicationResourceRequest) (obj *unstructured.Unstructured, res *appv1.ResourceNode, app *appv1.Application, config *rest.Config, err error) { if q.GetKind() == applicationType.ApplicationKind && q.GetGroup() == applicationType.Group && q.GetName() == q.GetResourceName() { - app, err = s.getApplicationEnforceRBACInformer(ctx, rbacRequest, q.GetProject(), q.GetAppNamespace(), q.GetName()) + app, err = s.getApplicationEnforceRBACInformer(ctx, rbacRequest, q.GetAppNamespace(), q.GetName()) if err != nil { return nil, nil, nil, nil, err } @@ -2133,7 +2036,6 @@ func (s *Server) getUnstructuredLiveResourceOrApp(ctx context.Context, rbacReque return nil, nil, nil, nil, err } obj, err = s.kubectl.GetResource(ctx, config, res.GroupKindVersion(), res.Name, res.Namespace) - } if err != nil { return nil, nil, nil, nil, fmt.Errorf("error getting resource: %w", err) @@ -2170,7 +2072,6 @@ func (s *Server) RunResourceAction(ctx context.Context, q *application.ResourceA Kind: q.Kind, Version: q.Version, Group: q.Group, - Project: q.Project, } actionRequest := fmt.Sprintf("%s/%s/%s/%s", rbacpolicy.ActionAction, q.GetGroup(), q.GetKind(), q.GetAction()) liveObj, res, a, config, err := s.getUnstructuredLiveResourceOrApp(ctx, actionRequest, resourceRequest) @@ -2178,11 +2079,6 @@ func (s *Server) RunResourceAction(ctx context.Context, q *application.ResourceA return nil, err } - liveObjBytes, err := json.Marshal(liveObj) - if err != nil { - return nil, fmt.Errorf("error marshaling live object: %w", err) - } - resourceOverrides, err := s.settingsMgr.GetResourceOverrides() if err != nil { return nil, fmt.Errorf("error getting resource overrides: %w", err) @@ -2196,80 +2092,21 @@ func (s *Server) RunResourceAction(ctx context.Context, q *application.ResourceA return nil, fmt.Errorf("error getting Lua resource action: %w", err) } - newObjects, err := luaVM.ExecuteResourceAction(liveObj, action.ActionLua) + newObj, err := luaVM.ExecuteResourceAction(liveObj, action.ActionLua) if err != nil { return nil, fmt.Errorf("error executing Lua resource action: %w", err) } - var app *appv1.Application - // Only bother getting the app if we know we're going to need it for a resource permission check. - if len(newObjects) > 0 { - // No need for an RBAC check, we checked above that the user is allowed to run this action. - app, err = s.appLister.Applications(s.appNamespaceOrDefault(q.GetAppNamespace())).Get(q.GetName()) - if err != nil { - return nil, err - } - } - - // First, make sure all the returned resources are permitted, for each operation. - // Also perform create with dry-runs for all create-operation resources. - // This is performed separately to reduce the risk of only some of the resources being successfully created later. - // TODO: when apply/delete operations would be supported for custom actions, - // the dry-run for relevant apply/delete operation would have to be invoked as well. - for _, impactedResource := range newObjects { - newObj := impactedResource.UnstructuredObj - err := s.verifyResourcePermitted(ctx, app, newObj) - if err != nil { - return nil, err - } - switch impactedResource.K8SOperation { - case lua.CreateOperation: - createOptions := metav1.CreateOptions{DryRun: []string{"All"}} - _, err := s.kubectl.CreateResource(ctx, config, newObj.GroupVersionKind(), newObj.GetName(), newObj.GetNamespace(), newObj, createOptions) - if err != nil { - return nil, err - } - } - } - - // Now, perform the actual operations. - // The creation itself is not transactional. - // TODO: maybe create a k8s list representation of the resources, - // and invoke create on this list resource to make it semi-transactional (there is still patch operation that is separate, - // thus can fail separately from create). - for _, impactedResource := range newObjects { - newObj := impactedResource.UnstructuredObj - newObjBytes, err := json.Marshal(newObj) - - if err != nil { - return nil, fmt.Errorf("error marshaling new object: %w", err) - } - - switch impactedResource.K8SOperation { - // No default case since a not supported operation would have failed upon unmarshaling earlier - case lua.PatchOperation: - _, err := s.patchResource(ctx, config, liveObjBytes, newObjBytes, newObj) - if err != nil { - return nil, err - } - case lua.CreateOperation: - _, err := s.createResource(ctx, config, newObj) - if err != nil { - return nil, err - } - } + newObjBytes, err := json.Marshal(newObj) + if err != nil { + return nil, fmt.Errorf("error marshaling new object: %w", err) } - if res == nil { - s.logAppEvent(a, ctx, argo.EventReasonResourceActionRan, fmt.Sprintf("ran action %s", q.GetAction())) - } else { - s.logAppEvent(a, ctx, argo.EventReasonResourceActionRan, fmt.Sprintf("ran action %s on resource %s/%s/%s", q.GetAction(), res.Group, res.Kind, res.Name)) - s.logResourceEvent(res, ctx, argo.EventReasonResourceActionRan, fmt.Sprintf("ran action %s", q.GetAction())) + liveObjBytes, err := json.Marshal(liveObj) + if err != nil { + return nil, fmt.Errorf("error marshaling live object: %w", err) } - return &application.ApplicationResponse{}, nil -} -func (s *Server) patchResource(ctx context.Context, config *rest.Config, liveObjBytes, newObjBytes []byte, newObj *unstructured.Unstructured) (*application.ApplicationResponse, error) { diffBytes, err := jsonpatch.CreateMergePatch(liveObjBytes, newObjBytes) if err != nil { return nil, fmt.Errorf("error calculating merge patch: %w", err) @@ -2309,38 +2146,12 @@ func (s *Server) patchResource(ctx context.Context, config *rest.Config, liveObj return nil, fmt.Errorf("error patching resource: %w", err) } } - return &application.ApplicationResponse{}, nil -} -func (s *Server) verifyResourcePermitted(ctx context.Context, app *appv1.Application, obj *unstructured.Unstructured) error { - proj, err := argo.GetAppProject(app, applisters.NewAppProjectLister(s.projInformer.GetIndexer()), s.ns, s.settingsMgr, s.db, ctx) - if err != nil { - if apierr.IsNotFound(err) { - return fmt.Errorf("application references project %s which does not exist", app.Spec.Project) - } - return fmt.Errorf("failed to get project %s: %w", app.Spec.Project, err) - } - permitted, err := proj.IsResourcePermitted(schema.GroupKind{Group: obj.GroupVersionKind().Group, Kind: obj.GroupVersionKind().Kind}, obj.GetNamespace(), app.Spec.Destination, func(project string) ([]*appv1.Cluster, error) { - clusters, err := s.db.GetProjectClusters(context.TODO(), project) - if err != nil { - return nil, fmt.Errorf("failed to get project clusters: %w", err) - } - return clusters, nil - }) - if err != nil { - return fmt.Errorf("error checking resource permissions: %w", err) - } - if !permitted { - return fmt.Errorf("application %s is not permitted to manage %s/%s/%s in %s", app.RBACName(s.ns), obj.GroupVersionKind().Group, obj.GroupVersionKind().Kind, obj.GetName(), obj.GetNamespace()) - } - - return nil -} - -func (s *Server) createResource(ctx context.Context, config *rest.Config, newObj *unstructured.Unstructured) (*application.ApplicationResponse, error) { - _, err := s.kubectl.CreateResource(ctx, config, newObj.GroupVersionKind(), newObj.GetName(), newObj.GetNamespace(), newObj, metav1.CreateOptions{}) - if err != nil { - return nil, fmt.Errorf("error creating resource: %w", err) + if res == nil { + s.logAppEvent(a, ctx, argo.EventReasonResourceActionRan, fmt.Sprintf("ran action %s", q.GetAction())) + } else { + s.logAppEvent(a, ctx, argo.EventReasonResourceActionRan, fmt.Sprintf("ran action %s on resource %s/%s/%s", q.GetAction(), res.Group, res.Kind, res.Name)) + s.logResourceEvent(res, ctx, argo.EventReasonResourceActionRan, fmt.Sprintf("ran action %s", q.GetAction())) } return &application.ApplicationResponse{}, nil } @@ -2378,8 +2189,21 @@ func splitStatusPatch(patch []byte) ([]byte, []byte, error) { return nonStatusPatch, statusPatch, nil } +func (s *Server) plugins() ([]*appv1.ConfigManagementPlugin, error) { + plugins, err := s.settingsMgr.GetConfigManagementPlugins() + if err != nil { + return nil, fmt.Errorf("error getting config management plugin: %w", err) + } + tools := make([]*appv1.ConfigManagementPlugin, len(plugins)) + for i, p := range plugins { + p := p + tools[i] = &p + } + return tools, nil +} + func (s *Server) GetApplicationSyncWindows(ctx context.Context, q *application.ApplicationSyncWindowsQuery) (*application.ApplicationSyncWindowsResponse, error) { - a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionGet, q.GetProject(), q.GetAppNamespace(), q.GetName(), "") + a, err := s.getApplicationEnforceRBACClient(ctx, rbacpolicy.ActionGet, q.GetAppNamespace(), q.GetName(), "") if err != nil { return nil, err } diff --git a/server/application/application.proto b/server/application/application.proto index 53f161795902d..c5a377259c30e 100644 --- a/server/application/application.proto +++ b/server/application/application.proto @@ -13,11 +13,7 @@ import "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1/generated.p import "github.com/argoproj/argo-cd/v2/reposerver/repository/repository.proto"; -// ApplicationQuery is a query for application resources. When getting multiple applications, the "projects" field acts -// as a filter. When getting a single application, you may specify either zero or one project. If you specify zero -// projects, the application will be returned regardless of which project it belongs to (assuming you have access). If -// you specify one project, the application will only be returned if it exists and belongs to the specified project. -// Otherwise you will receive a 404. +// ApplicationQuery is a query for application resources message ApplicationQuery { // the application's name optional string name = 1; @@ -50,7 +46,6 @@ message RevisionMetadataQuery{ required string revision = 2; // the application's namespace optional string appNamespace = 3; - optional string project = 4; } // ApplicationEventsQuery is a query for application resource events @@ -60,7 +55,6 @@ message ApplicationResourceEventsQuery { optional string resourceName = 3; optional string resourceUID = 4; optional string appNamespace = 5; - optional string project = 6; } // ManifestQuery is a query for manifest resources @@ -68,7 +62,6 @@ message ApplicationManifestQuery { required string name = 1; optional string revision = 2; optional string appNamespace = 3; - optional string project = 4; } message FileChunk { @@ -79,7 +72,6 @@ message ApplicationManifestQueryWithFiles { required string name = 1; required string checksum = 2; optional string appNamespace = 3; - optional string project = 4; } message ApplicationManifestQueryWithFilesWrapper { @@ -100,7 +92,6 @@ message ApplicationCreateRequest { message ApplicationUpdateRequest { required github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.Application application = 1; optional bool validate = 2; - optional string project = 3; } message ApplicationDeleteRequest { @@ -108,7 +99,6 @@ message ApplicationDeleteRequest { optional bool cascade = 2; optional string propagationPolicy = 3; optional string appNamespace = 4; - optional string project = 5; } message SyncOptions { @@ -128,7 +118,6 @@ message ApplicationSyncRequest { optional github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.RetryStrategy retryStrategy = 10; optional SyncOptions syncOptions = 11; optional string appNamespace = 12; - optional string project = 13; } // ApplicationUpdateSpecRequest is a request to update application spec @@ -137,7 +126,6 @@ message ApplicationUpdateSpecRequest { required github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.ApplicationSpec spec = 2; optional bool validate = 3; optional string appNamespace = 4; - optional string project = 5; } // ApplicationPatchRequest is a request to patch an application @@ -146,7 +134,6 @@ message ApplicationPatchRequest { required string patch = 2; required string patchType = 3; optional string appNamespace = 5; - optional string project = 6; } message ApplicationRollbackRequest { @@ -155,7 +142,6 @@ message ApplicationRollbackRequest { optional bool dryRun = 3; optional bool prune = 4; optional string appNamespace = 6; - optional string project = 7; } message ApplicationResourceRequest { @@ -166,7 +152,6 @@ message ApplicationResourceRequest { optional string group = 5; required string kind = 6; optional string appNamespace = 7; - optional string project = 8; } message ApplicationResourcePatchRequest { @@ -179,7 +164,6 @@ message ApplicationResourcePatchRequest { required string patch = 7; required string patchType = 8; optional string appNamespace = 9; - optional string project = 10; } message ApplicationResourceDeleteRequest { @@ -192,7 +176,6 @@ message ApplicationResourceDeleteRequest { optional bool force = 7; optional bool orphan = 8; optional string appNamespace = 9; - optional string project = 10; } message ResourceActionRunRequest { @@ -204,7 +187,6 @@ message ResourceActionRunRequest { required string kind = 6; required string action = 7; optional string appNamespace = 8; - optional string project = 9; } message ResourceActionsListResponse { @@ -231,7 +213,6 @@ message ApplicationPodLogsQuery { optional string resourceName = 13 ; optional bool previous = 14; optional string appNamespace = 15; - optional string project = 16; } message LogEntry { @@ -246,13 +227,11 @@ message LogEntry { message OperationTerminateRequest { required string name = 1; optional string appNamespace = 2; - optional string project = 3; } message ApplicationSyncWindowsQuery { required string name = 1; optional string appNamespace = 2; - optional string project = 3; } message ApplicationSyncWindowsResponse { @@ -281,7 +260,6 @@ message ResourcesQuery { optional string group = 5; optional string kind = 6; optional string appNamespace = 7; - optional string project = 8; } message ManagedResourcesResponse { @@ -302,7 +280,6 @@ message LinksResponse { message ListAppLinksRequest { required string name = 1; optional string namespace = 3; - optional string project = 4; } @@ -347,11 +324,6 @@ service ApplicationService { option (google.api.http).get = "/api/v1/applications/{name}/revisions/{revision}/metadata"; } - // Get the chart metadata (description, maintainers, home) for a specific revision of the application - rpc RevisionChartDetails (RevisionMetadataQuery) returns (github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.ChartDetails) { - option (google.api.http).get = "/api/v1/applications/{name}/revisions/{revision}/chartdetails"; - } - // GetManifests returns application manifests rpc GetManifests (ApplicationManifestQuery) returns (repository.ManifestResponse) { option (google.api.http).get = "/api/v1/applications/{name}/manifests"; diff --git a/server/application/application_test.go b/server/application/application_test.go index 57b740a6f1ea4..7b8526908080f 100644 --- a/server/application/application_test.go +++ b/server/application/application_test.go @@ -10,13 +10,12 @@ import ( "testing" "time" - "k8s.io/apimachinery/pkg/labels" - "github.com/argoproj/gitops-engine/pkg/health" synccommon "github.com/argoproj/gitops-engine/pkg/sync/common" "github.com/argoproj/gitops-engine/pkg/utils/kube" "github.com/argoproj/gitops-engine/pkg/utils/kube/kubetest" "github.com/argoproj/pkg/sync" + "github.com/ghodss/yaml" "github.com/golang-jwt/jwt/v4" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" @@ -25,8 +24,6 @@ import ( "google.golang.org/grpc/metadata" "google.golang.org/grpc/status" k8sappsv1 "k8s.io/api/apps/v1" - k8sbatchv1 "k8s.io/api/batch/v1" - corev1 "k8s.io/api/core/v1" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" @@ -38,7 +35,6 @@ import ( kubetesting "k8s.io/client-go/testing" k8scache "k8s.io/client-go/tools/cache" "k8s.io/utils/pointer" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/pkg/apiclient/application" @@ -90,14 +86,14 @@ func fakeAppList() *apiclient.AppList { } } -func fakeResolveRevisionResponse() *apiclient.ResolveRevisionResponse { +func fakeResolveRevesionResponse() *apiclient.ResolveRevisionResponse { return &apiclient.ResolveRevisionResponse{ Revision: "f9ba9e98119bf8c1176fbd65dbae26a71d044add", AmbiguousRevision: "HEAD (f9ba9e98119bf8c1176fbd65dbae26a71d044add)", } } -func fakeResolveRevisionResponseHelm() *apiclient.ResolveRevisionResponse { +func fakeResolveRevesionResponseHelm() *apiclient.ResolveRevisionResponse { return &apiclient.ResolveRevisionResponse{ Revision: "0.7.*", AmbiguousRevision: "0.7.* (0.7.2)", @@ -115,12 +111,11 @@ func fakeRepoServerClient(isHelm bool) *mocks.RepoServerServiceClient { mockWithFilesClient.On("Send", mock.Anything).Return(nil) mockWithFilesClient.On("CloseAndRecv").Return(&apiclient.ManifestResponse{}, nil) mockRepoServiceClient.On("GenerateManifestWithFiles", mock.Anything, mock.Anything).Return(mockWithFilesClient, nil) - mockRepoServiceClient.On("GetRevisionChartDetails", mock.Anything, mock.Anything).Return(&appsv1.ChartDetails{}, nil) if isHelm { - mockRepoServiceClient.On("ResolveRevision", mock.Anything, mock.Anything).Return(fakeResolveRevisionResponseHelm(), nil) + mockRepoServiceClient.On("ResolveRevision", mock.Anything, mock.Anything).Return(fakeResolveRevesionResponseHelm(), nil) } else { - mockRepoServiceClient.On("ResolveRevision", mock.Anything, mock.Anything).Return(fakeResolveRevisionResponse(), nil) + mockRepoServiceClient.On("ResolveRevision", mock.Anything, mock.Anything).Return(fakeResolveRevesionResponse(), nil) } return &mockRepoServiceClient @@ -571,7 +566,6 @@ type TestServerStream struct { ctx context.Context appName string headerSent bool - project string } func (t *TestServerStream) SetHeader(metadata.MD) error { @@ -606,7 +600,6 @@ func (t *TestServerStream) Recv() (*application.ApplicationManifestQueryWithFile return &application.ApplicationManifestQueryWithFilesWrapper{Part: &application.ApplicationManifestQueryWithFilesWrapper_Query{ Query: &application.ApplicationManifestQueryWithFiles{ Name: pointer.String(t.appName), - Project: pointer.String(t.project), Checksum: pointer.String(""), }, }}, nil @@ -727,49 +720,20 @@ func TestNoAppEnumeration(t *testing.T) { }, } }) - testHelmApp := newTestApp(func(app *appsv1.Application) { - app.Name = "test-helm" - app.Spec.Source.Path = "" - app.Spec.Source.Chart = "test" - app.Status.Resources = []appsv1.ResourceStatus{ - { - Group: deployment.GroupVersionKind().Group, - Kind: deployment.GroupVersionKind().Kind, - Version: deployment.GroupVersionKind().Version, - Name: deployment.Name, - Namespace: deployment.Namespace, - Status: "Synced", - }, - } - app.Status.History = []appsv1.RevisionHistory{ - { - ID: 0, - Source: appsv1.ApplicationSource{ - TargetRevision: "something-old", - }, - }, - } - }) testDeployment := kube.MustToUnstructured(&deployment) - appServer := newTestAppServerWithEnforcerConfigure(f, t, testApp, testHelmApp, testDeployment) + appServer := newTestAppServerWithEnforcerConfigure(f, t, testApp, testDeployment) noRoleCtx := context.Background() // nolint:staticcheck adminCtx := context.WithValue(noRoleCtx, "claims", &jwt.MapClaims{"groups": []string{"admin"}}) t.Run("Get", func(t *testing.T) { - // nolint:staticcheck _, err := appServer.Get(adminCtx, &application.ApplicationQuery{Name: pointer.String("test")}) assert.NoError(t, err) - // nolint:staticcheck _, err = appServer.Get(noRoleCtx, &application.ApplicationQuery{Name: pointer.String("test")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - // nolint:staticcheck _, err = appServer.Get(adminCtx, &application.ApplicationQuery{Name: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - // nolint:staticcheck - _, err = appServer.Get(adminCtx, &application.ApplicationQuery{Name: pointer.String("doest-not-exist"), Project: []string{"test"}}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("GetManifests", func(t *testing.T) { @@ -779,8 +743,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.GetManifests(adminCtx, &application.ApplicationManifestQuery{Name: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.GetManifests(adminCtx, &application.ApplicationManifestQuery{Name: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("ListResourceEvents", func(t *testing.T) { @@ -790,8 +752,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.ListResourceEvents(adminCtx, &application.ApplicationResourceEventsQuery{Name: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.ListResourceEvents(adminCtx, &application.ApplicationResourceEventsQuery{Name: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("UpdateSpec", func(t *testing.T) { @@ -810,11 +770,6 @@ func TestNoAppEnumeration(t *testing.T) { Source: &appsv1.ApplicationSource{RepoURL: "https://some-fake-source", Path: "."}, }}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.UpdateSpec(adminCtx, &application.ApplicationUpdateSpecRequest{Name: pointer.String("doest-not-exist"), Project: pointer.String("test"), Spec: &appsv1.ApplicationSpec{ - Destination: appsv1.ApplicationDestination{Namespace: "default", Server: "https://cluster-api.com"}, - Source: &appsv1.ApplicationSource{RepoURL: "https://some-fake-source", Path: "."}, - }}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("Patch", func(t *testing.T) { @@ -824,8 +779,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.Patch(adminCtx, &application.ApplicationPatchRequest{Name: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.Patch(adminCtx, &application.ApplicationPatchRequest{Name: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("GetResource", func(t *testing.T) { @@ -835,8 +788,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.GetResource(adminCtx, &application.ApplicationResourceRequest{Name: pointer.String("doest-not-exist"), ResourceName: pointer.String("test"), Group: pointer.String("apps"), Kind: pointer.String("Deployment"), Namespace: pointer.String("test")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.GetResource(adminCtx, &application.ApplicationResourceRequest{Name: pointer.String("doest-not-exist"), Project: pointer.String("test"), ResourceName: pointer.String("test"), Group: pointer.String("apps"), Kind: pointer.String("Deployment"), Namespace: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("PatchResource", func(t *testing.T) { @@ -848,8 +799,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.PatchResource(adminCtx, &application.ApplicationResourcePatchRequest{Name: pointer.String("doest-not-exist"), ResourceName: pointer.String("test"), Group: pointer.String("apps"), Kind: pointer.String("Deployment"), Namespace: pointer.String("test"), Patch: pointer.String(`[{"op": "replace", "path": "/spec/replicas", "value": 3}]`)}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.PatchResource(adminCtx, &application.ApplicationResourcePatchRequest{Name: pointer.String("doest-not-exist"), Project: pointer.String("test"), ResourceName: pointer.String("test"), Group: pointer.String("apps"), Kind: pointer.String("Deployment"), Namespace: pointer.String("test"), Patch: pointer.String(`[{"op": "replace", "path": "/spec/replicas", "value": 3}]`)}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("DeleteResource", func(t *testing.T) { @@ -859,8 +808,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.DeleteResource(adminCtx, &application.ApplicationResourceDeleteRequest{Name: pointer.String("doest-not-exist"), ResourceName: pointer.String("test"), Group: pointer.String("apps"), Kind: pointer.String("Deployment"), Namespace: pointer.String("test")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.DeleteResource(adminCtx, &application.ApplicationResourceDeleteRequest{Name: pointer.String("doest-not-exist"), Project: pointer.String("test"), ResourceName: pointer.String("test"), Group: pointer.String("apps"), Kind: pointer.String("Deployment"), Namespace: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("ResourceTree", func(t *testing.T) { @@ -870,8 +817,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.ResourceTree(adminCtx, &application.ResourcesQuery{ApplicationName: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.ResourceTree(adminCtx, &application.ResourcesQuery{ApplicationName: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("RevisionMetadata", func(t *testing.T) { @@ -881,19 +826,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.RevisionMetadata(adminCtx, &application.RevisionMetadataQuery{Name: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.RevisionMetadata(adminCtx, &application.RevisionMetadataQuery{Name: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") - }) - - t.Run("RevisionChartDetails", func(t *testing.T) { - _, err := appServer.RevisionChartDetails(adminCtx, &application.RevisionMetadataQuery{Name: pointer.String("test-helm")}) - assert.NoError(t, err) - _, err = appServer.RevisionChartDetails(noRoleCtx, &application.RevisionMetadataQuery{Name: pointer.String("test-helm")}) - assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.RevisionChartDetails(adminCtx, &application.RevisionMetadataQuery{Name: pointer.String("doest-not-exist")}) - assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.RevisionChartDetails(adminCtx, &application.RevisionMetadataQuery{Name: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("ManagedResources", func(t *testing.T) { @@ -903,8 +835,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.ManagedResources(adminCtx, &application.ResourcesQuery{ApplicationName: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.ManagedResources(adminCtx, &application.ResourcesQuery{ApplicationName: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("Sync", func(t *testing.T) { @@ -914,8 +844,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.Sync(adminCtx, &application.ApplicationSyncRequest{Name: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.Sync(adminCtx, &application.ApplicationSyncRequest{Name: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("TerminateOperation", func(t *testing.T) { @@ -928,8 +856,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.TerminateOperation(adminCtx, &application.OperationTerminateRequest{Name: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.TerminateOperation(adminCtx, &application.OperationTerminateRequest{Name: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("Rollback", func(t *testing.T) { @@ -940,8 +866,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.Rollback(adminCtx, &application.ApplicationRollbackRequest{Name: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.Rollback(adminCtx, &application.ApplicationRollbackRequest{Name: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("ListResourceActions", func(t *testing.T) { @@ -953,8 +877,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.ListResourceActions(adminCtx, &application.ApplicationResourceRequest{Name: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.ListResourceActions(adminCtx, &application.ApplicationResourceRequest{Name: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("RunResourceAction", func(t *testing.T) { @@ -966,8 +888,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.RunResourceAction(adminCtx, &application.ResourceActionRunRequest{Name: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.RunResourceAction(adminCtx, &application.ResourceActionRunRequest{Name: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("GetApplicationSyncWindows", func(t *testing.T) { @@ -977,8 +897,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.GetApplicationSyncWindows(adminCtx, &application.ApplicationSyncWindowsQuery{Name: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.GetApplicationSyncWindows(adminCtx, &application.ApplicationSyncWindowsQuery{Name: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("GetManifestsWithFiles", func(t *testing.T) { @@ -988,8 +906,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") err = appServer.GetManifestsWithFiles(&TestServerStream{ctx: adminCtx, appName: "does-not-exist"}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - err = appServer.GetManifestsWithFiles(&TestServerStream{ctx: adminCtx, appName: "does-not-exist", project: "test"}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"does-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("WatchResourceTree", func(t *testing.T) { @@ -999,8 +915,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") err = appServer.WatchResourceTree(&application.ResourcesQuery{ApplicationName: pointer.String("does-not-exist")}, &TestResourceTreeServer{ctx: adminCtx}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - err = appServer.WatchResourceTree(&application.ResourcesQuery{ApplicationName: pointer.String("does-not-exist"), Project: pointer.String("test")}, &TestResourceTreeServer{ctx: adminCtx}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"does-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("PodLogs", func(t *testing.T) { @@ -1010,8 +924,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") err = appServer.PodLogs(&application.ApplicationPodLogsQuery{Name: pointer.String("does-not-exist")}, &TestPodLogsServer{ctx: adminCtx}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - err = appServer.PodLogs(&application.ApplicationPodLogsQuery{Name: pointer.String("does-not-exist"), Project: pointer.String("test")}, &TestPodLogsServer{ctx: adminCtx}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"does-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("ListLinks", func(t *testing.T) { @@ -1021,8 +933,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.ListLinks(adminCtx, &application.ListAppLinksRequest{Name: pointer.String("does-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.ListLinks(adminCtx, &application.ListAppLinksRequest{Name: pointer.String("does-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"does-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) t.Run("ListResourceLinks", func(t *testing.T) { @@ -1032,8 +942,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.ListResourceLinks(adminCtx, &application.ApplicationResourceRequest{Name: pointer.String("does-not-exist"), ResourceName: pointer.String("test"), Group: pointer.String("apps"), Kind: pointer.String("Deployment"), Namespace: pointer.String("test")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.ListResourceLinks(adminCtx, &application.ApplicationResourceRequest{Name: pointer.String("does-not-exist"), ResourceName: pointer.String("test"), Group: pointer.String("apps"), Kind: pointer.String("Deployment"), Namespace: pointer.String("test"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"does-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) // Do this last so other stuff doesn't fail. @@ -1044,8 +952,6 @@ func TestNoAppEnumeration(t *testing.T) { assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") _, err = appServer.Delete(adminCtx, &application.ApplicationDeleteRequest{Name: pointer.String("doest-not-exist")}) assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence") - _, err = appServer.Delete(adminCtx, &application.ApplicationDeleteRequest{Name: pointer.String("doest-not-exist"), Project: pointer.String("test")}) - assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message") }) } @@ -1705,7 +1611,7 @@ p, admin, applications, update, default/test-app, allow p, admin, applications, create, my-proj/test-app, allow `) _, err := appServer.Update(ctx, &application.ApplicationUpdateRequest{Application: testApp}) - assert.Equal(t, codes.PermissionDenied, status.Code(err)) + assert.Equal(t, status.Code(err), codes.PermissionDenied) }) t.Run("cannot change projects without update privileges in old project", func(t *testing.T) { @@ -1968,7 +1874,7 @@ func TestLogsGetSelectedPod(t *testing.T) { // refreshAnnotationRemover runs an infinite loop until it detects and removes refresh annotation or given context is done func refreshAnnotationRemover(t *testing.T, ctx context.Context, patched *int32, appServer *Server, appName string, ch chan string) { for ctx.Err() == nil { - aName, appNs := argo.ParseFromQualifiedName(appName, appServer.ns) + aName, appNs := argo.ParseAppQualifiedName(appName, appServer.ns) a, err := appServer.appLister.Applications(appNs).Get(aName) require.NoError(t, err) a = a.DeepCopy() @@ -2091,255 +1997,3 @@ func TestInferResourcesStatusHealth(t *testing.T) { assert.Equal(t, health.HealthStatusDegraded, testApp.Status.Resources[0].Health.Status) assert.Nil(t, testApp.Status.Resources[1].Health) } - -func TestRunNewStyleResourceAction(t *testing.T) { - cacheClient := cacheutil.NewCache(cacheutil.NewInMemoryCache(1 * time.Hour)) - - group := "batch" - kind := "CronJob" - version := "v1" - resourceName := "my-cron-job" - namespace := testNamespace - action := "create-job" - uid := "1" - - resources := []appsv1.ResourceStatus{{ - Group: group, - Kind: kind, - Name: resourceName, - Namespace: testNamespace, - Version: version, - }} - - appStateCache := appstate.NewCache(cacheClient, time.Minute) - - nodes := []appsv1.ResourceNode{{ - ResourceRef: appsv1.ResourceRef{ - Group: group, - Kind: kind, - Version: version, - Name: resourceName, - Namespace: testNamespace, - UID: uid, - }, - }} - - createJobDenyingProj := &appsv1.AppProject{ - ObjectMeta: metav1.ObjectMeta{Name: "createJobDenyingProj", Namespace: "default"}, - Spec: appsv1.AppProjectSpec{ - SourceRepos: []string{"*"}, - Destinations: []appsv1.ApplicationDestination{{Server: "*", Namespace: "*"}}, - NamespaceResourceWhitelist: []metav1.GroupKind{{Group: "never", Kind: "mind"}}, - }, - } - - cronJob := k8sbatchv1.CronJob{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "batch/v1", - Kind: "CronJob", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "my-cron-job", - Namespace: testNamespace, - Labels: map[string]string{ - "some": "label", - }, - }, - Spec: k8sbatchv1.CronJobSpec{ - Schedule: "* * * * *", - JobTemplate: k8sbatchv1.JobTemplateSpec{ - Spec: k8sbatchv1.JobSpec{ - Template: corev1.PodTemplateSpec{ - Spec: corev1.PodSpec{ - Containers: []corev1.Container{ - { - Name: "hello", - Image: "busybox:1.28", - ImagePullPolicy: "IfNotPresent", - Command: []string{"/bin/sh", "-c", "date; echo Hello from the Kubernetes cluster"}, - }, - }, - RestartPolicy: corev1.RestartPolicyOnFailure, - }, - }, - }, - }, - }, - } - - t.Run("CreateOperationNotPermitted", func(t *testing.T) { - testApp := newTestApp() - testApp.Spec.Project = "createJobDenyingProj" - testApp.Status.ResourceHealthSource = appsv1.ResourceHealthLocationAppTree - testApp.Status.Resources = resources - - appServer := newTestAppServer(t, testApp, createJobDenyingProj, kube.MustToUnstructured(&cronJob)) - appServer.cache = servercache.NewCache(appStateCache, time.Minute, time.Minute, time.Minute) - - err := appStateCache.SetAppResourcesTree(testApp.Name, &appsv1.ApplicationTree{Nodes: nodes}) - require.NoError(t, err) - - appResponse, runErr := appServer.RunResourceAction(context.Background(), &application.ResourceActionRunRequest{ - Name: &testApp.Name, - Namespace: &namespace, - Action: &action, - AppNamespace: &testApp.Namespace, - ResourceName: &resourceName, - Version: &version, - Group: &group, - Kind: &kind, - }) - - assert.Contains(t, runErr.Error(), "is not permitted to manage") - assert.Nil(t, appResponse) - }) - - t.Run("CreateOperationPermitted", func(t *testing.T) { - testApp := newTestApp() - testApp.Status.ResourceHealthSource = appsv1.ResourceHealthLocationAppTree - testApp.Status.Resources = resources - - appServer := newTestAppServer(t, testApp, kube.MustToUnstructured(&cronJob)) - appServer.cache = servercache.NewCache(appStateCache, time.Minute, time.Minute, time.Minute) - - err := appStateCache.SetAppResourcesTree(testApp.Name, &appsv1.ApplicationTree{Nodes: nodes}) - require.NoError(t, err) - - appResponse, runErr := appServer.RunResourceAction(context.Background(), &application.ResourceActionRunRequest{ - Name: &testApp.Name, - Namespace: &namespace, - Action: &action, - AppNamespace: &testApp.Namespace, - ResourceName: &resourceName, - Version: &version, - Group: &group, - Kind: &kind, - }) - - require.NoError(t, runErr) - assert.NotNil(t, appResponse) - }) -} - -func TestRunOldStyleResourceAction(t *testing.T) { - cacheClient := cacheutil.NewCache(cacheutil.NewInMemoryCache(1 * time.Hour)) - - group := "apps" - kind := "Deployment" - version := "v1" - resourceName := "nginx-deploy" - namespace := testNamespace - action := "pause" - uid := "2" - - resources := []appsv1.ResourceStatus{{ - Group: group, - Kind: kind, - Name: resourceName, - Namespace: testNamespace, - Version: version, - }} - - appStateCache := appstate.NewCache(cacheClient, time.Minute) - - nodes := []appsv1.ResourceNode{{ - ResourceRef: appsv1.ResourceRef{ - Group: group, - Kind: kind, - Version: version, - Name: resourceName, - Namespace: testNamespace, - UID: uid, - }, - }} - - deployment := k8sappsv1.Deployment{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "apps/v1", - Kind: "Deployment", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "nginx-deploy", - Namespace: testNamespace, - }, - } - - t.Run("DefaultPatchOperation", func(t *testing.T) { - testApp := newTestApp() - testApp.Status.ResourceHealthSource = appsv1.ResourceHealthLocationAppTree - testApp.Status.Resources = resources - - // appServer := newTestAppServer(t, testApp, returnDeployment()) - appServer := newTestAppServer(t, testApp, kube.MustToUnstructured(&deployment)) - appServer.cache = servercache.NewCache(appStateCache, time.Minute, time.Minute, time.Minute) - - err := appStateCache.SetAppResourcesTree(testApp.Name, &appsv1.ApplicationTree{Nodes: nodes}) - require.NoError(t, err) - - appResponse, runErr := appServer.RunResourceAction(context.Background(), &application.ResourceActionRunRequest{ - Name: &testApp.Name, - Namespace: &namespace, - Action: &action, - AppNamespace: &testApp.Namespace, - ResourceName: &resourceName, - Version: &version, - Group: &group, - Kind: &kind, - }) - - require.NoError(t, runErr) - assert.NotNil(t, appResponse) - }) -} - -func TestIsApplicationPermitted(t *testing.T) { - t.Run("Incorrect project", func(t *testing.T) { - testApp := newTestApp() - appServer := newTestAppServer(t, testApp) - projects := map[string]bool{"test-app": false} - permitted := appServer.isApplicationPermitted(labels.Everything(), 0, nil, "test", "default", projects, *testApp) - assert.False(t, permitted) - }) - - t.Run("Version is incorrect", func(t *testing.T) { - testApp := newTestApp() - appServer := newTestAppServer(t, testApp) - minVersion := 100000 - testApp.ResourceVersion = strconv.Itoa(minVersion - 1) - permitted := appServer.isApplicationPermitted(labels.Everything(), minVersion, nil, "test", "default", nil, *testApp) - assert.False(t, permitted) - }) - - t.Run("Application name is incorrect", func(t *testing.T) { - testApp := newTestApp() - appServer := newTestAppServer(t, testApp) - appName := "test" - permitted := appServer.isApplicationPermitted(labels.Everything(), 0, nil, appName, "default", nil, *testApp) - assert.False(t, permitted) - }) - - t.Run("Application namespace is incorrect", func(t *testing.T) { - testApp := newTestApp() - appServer := newTestAppServer(t, testApp) - permitted := appServer.isApplicationPermitted(labels.Everything(), 0, nil, testApp.Name, "demo", nil, *testApp) - assert.False(t, permitted) - }) - - t.Run("Application is not part of enabled namespace", func(t *testing.T) { - testApp := newTestApp() - appServer := newTestAppServer(t, testApp) - appServer.ns = "server-ns" - appServer.enabledNamespaces = []string{"demo"} - permitted := appServer.isApplicationPermitted(labels.Everything(), 0, nil, testApp.Name, testApp.Namespace, nil, *testApp) - assert.False(t, permitted) - }) - - t.Run("Application is part of enabled namespace", func(t *testing.T) { - testApp := newTestApp() - appServer := newTestAppServer(t, testApp) - appServer.ns = "server-ns" - appServer.enabledNamespaces = []string{testApp.Namespace} - permitted := appServer.isApplicationPermitted(labels.Everything(), 0, nil, testApp.Name, testApp.Namespace, nil, *testApp) - assert.True(t, permitted) - }) -} diff --git a/server/application/terminal.go b/server/application/terminal.go index bea1f6ea6a110..be88c58d734df 100644 --- a/server/application/terminal.go +++ b/server/application/terminal.go @@ -4,7 +4,6 @@ import ( "context" "io" "net/http" - "time" util_session "github.com/argoproj/argo-cd/v2/util/session" "github.com/argoproj/gitops-engine/pkg/utils/kube" @@ -143,7 +142,7 @@ func (s *terminalHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { ctx := r.Context() - appRBACName := security.RBACName(s.namespace, project, appNamespace, app) + appRBACName := security.AppRBACName(s.namespace, project, appNamespace, app) if err := s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplications, rbacpolicy.ActionGet, appRBACName); err != nil { http.Error(w, err.Error(), http.StatusUnauthorized) return @@ -232,10 +231,6 @@ func (s *terminalHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { } defer session.Done() - // send pings across the WebSocket channel at regular intervals to keep it alive through - // load balancers which may close an idle connection after some period of time - go session.StartKeepalives(time.Second * 5) - if isValidShell(s.allowedShells, shell) { cmd := []string{shell} err = startProcess(kubeClientset, config, namespace, podName, container, cmd, session) diff --git a/server/application/websocket.go b/server/application/websocket.go index faee91c4f47e4..a6ebae3642e8d 100644 --- a/server/application/websocket.go +++ b/server/application/websocket.go @@ -74,23 +74,6 @@ func (t *terminalSession) Done() { close(t.doneChan) } -func (t *terminalSession) StartKeepalives(dur time.Duration) { - ticker := time.NewTicker(dur) - defer ticker.Stop() - for { - select { - case <-ticker.C: - err := t.Ping() - if err != nil { - log.Errorf("ping error: %v", err) - return - } - case <-t.doneChan: - return - } - } -} - // Next called in a loop from remotecommand as long as the process is running func (t *terminalSession) Next() *remotecommand.TerminalSize { select { @@ -158,17 +141,6 @@ func (t *terminalSession) Read(p []byte) (int, error) { } } -// Ping called periodically to ensure connection stays alive through load balancers -func (t *terminalSession) Ping() error { - t.writeLock.Lock() - err := t.wsConn.WriteMessage(websocket.PingMessage, []byte("ping")) - t.writeLock.Unlock() - if err != nil { - log.Errorf("ping message err: %v", err) - } - return err -} - // Write called from remotecommand whenever there is any output func (t *terminalSession) Write(p []byte) (int, error) { msg, err := json.Marshal(TerminalMessage{ diff --git a/server/applicationset/applicationset.go b/server/applicationset/applicationset.go index 26de80530e93b..abe95358c2a3b 100644 --- a/server/applicationset/applicationset.go +++ b/server/applicationset/applicationset.go @@ -30,25 +30,23 @@ import ( "github.com/argoproj/argo-cd/v2/util/argo" "github.com/argoproj/argo-cd/v2/util/db" "github.com/argoproj/argo-cd/v2/util/rbac" - "github.com/argoproj/argo-cd/v2/util/security" "github.com/argoproj/argo-cd/v2/util/session" "github.com/argoproj/argo-cd/v2/util/settings" ) type Server struct { - ns string - db db.ArgoDB - enf *rbac.Enforcer - cache *servercache.Cache - appclientset appclientset.Interface - appLister applisters.ApplicationLister - appsetInformer cache.SharedIndexInformer - appsetLister applisters.ApplicationSetNamespaceLister - projLister applisters.AppProjectNamespaceLister - auditLogger *argo.AuditLogger - settings *settings.SettingsManager - projectLock sync.KeyLock - enabledNamespaces []string + ns string + db db.ArgoDB + enf *rbac.Enforcer + cache *servercache.Cache + appclientset appclientset.Interface + appLister applisters.ApplicationLister + appsetInformer cache.SharedIndexInformer + appsetLister applisters.ApplicationSetNamespaceLister + projLister applisters.AppProjectNamespaceLister + auditLogger *argo.AuditLogger + settings *settings.SettingsManager + projectLock sync.KeyLock } // NewServer returns a new instance of the ApplicationSet service @@ -65,40 +63,31 @@ func NewServer( settings *settings.SettingsManager, namespace string, projectLock sync.KeyLock, - enabledNamespaces []string, ) applicationset.ApplicationSetServiceServer { s := &Server{ - ns: namespace, - cache: cache, - db: db, - enf: enf, - appclientset: appclientset, - appLister: appLister, - appsetInformer: appsetInformer, - appsetLister: appsetLister, - projLister: projLister, - settings: settings, - projectLock: projectLock, - auditLogger: argo.NewAuditLogger(namespace, kubeclientset, "argocd-server"), - enabledNamespaces: enabledNamespaces, + ns: namespace, + cache: cache, + db: db, + enf: enf, + appclientset: appclientset, + appLister: appLister, + appsetInformer: appsetInformer, + appsetLister: appsetLister, + projLister: projLister, + settings: settings, + projectLock: projectLock, + auditLogger: argo.NewAuditLogger(namespace, kubeclientset, "argocd-server"), } return s } func (s *Server) Get(ctx context.Context, q *applicationset.ApplicationSetGetQuery) (*v1alpha1.ApplicationSet, error) { - - namespace := s.appsetNamespaceOrDefault(q.AppsetNamespace) - - if !s.isNamespaceEnabled(namespace) { - return nil, security.NamespaceNotPermittedError(namespace) - } - - a, err := s.appclientset.ArgoprojV1alpha1().ApplicationSets(namespace).Get(ctx, q.Name, metav1.GetOptions{}) + a, err := s.appclientset.ArgoprojV1alpha1().ApplicationSets(s.ns).Get(ctx, q.GetName(), metav1.GetOptions{}) if err != nil { return nil, fmt.Errorf("error getting ApplicationSet: %w", err) } - if err = s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionGet, a.RBACName(s.ns)); err != nil { + if err = s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionGet, a.RBACName()); err != nil { return nil, err } @@ -107,27 +96,20 @@ func (s *Server) Get(ctx context.Context, q *applicationset.ApplicationSetGetQue // List returns list of ApplicationSets func (s *Server) List(ctx context.Context, q *applicationset.ApplicationSetListQuery) (*v1alpha1.ApplicationSetList, error) { - selector, err := labels.Parse(q.GetSelector()) + labelsMap, err := labels.ConvertSelectorToLabelsMap(q.GetSelector()) if err != nil { - return nil, fmt.Errorf("error parsing the selector: %w", err) + return nil, fmt.Errorf("error converting selector to labels map: %w", err) } - appIf := s.appclientset.ArgoprojV1alpha1().ApplicationSets(q.AppsetNamespace) - appsetList, err := appIf.List(ctx, metav1.ListOptions{LabelSelector: selector.String()}) + appIf := s.appclientset.ArgoprojV1alpha1().ApplicationSets(s.ns) + appsetList, err := appIf.List(ctx, metav1.ListOptions{LabelSelector: labelsMap.AsSelector().String()}) if err != nil { return nil, fmt.Errorf("error listing ApplicationSets with selectors: %w", err) } newItems := make([]v1alpha1.ApplicationSet, 0) for _, a := range appsetList.Items { - - // Skip any application that is neither in the conrol plane's namespace - // nor in the list of enabled namespaces. - if !security.IsNamespaceEnabled(a.Namespace, s.ns, s.enabledNamespaces) { - continue - } - - if s.enf.Enforce(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionGet, a.RBACName(s.ns)) { + if s.enf.Enforce(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionGet, a.RBACName()) { newItems = append(newItems, a) } } @@ -161,12 +143,6 @@ func (s *Server) Create(ctx context.Context, q *applicationset.ApplicationSetCre return nil, fmt.Errorf("error validating ApplicationSets: %w", err) } - namespace := s.appsetNamespaceOrDefault(appset.Namespace) - - if !s.isNamespaceEnabled(namespace) { - return nil, security.NamespaceNotPermittedError(namespace) - } - if err := s.checkCreatePermissions(ctx, appset, projectName); err != nil { return nil, fmt.Errorf("error checking create permissions for ApplicationSets %s : %s", appset.Name, err) } @@ -174,7 +150,7 @@ func (s *Server) Create(ctx context.Context, q *applicationset.ApplicationSetCre s.projectLock.RLock(projectName) defer s.projectLock.RUnlock(projectName) - created, err := s.appclientset.ArgoprojV1alpha1().ApplicationSets(namespace).Create(ctx, appset, metav1.CreateOptions{}) + created, err := s.appclientset.ArgoprojV1alpha1().ApplicationSets(s.ns).Create(ctx, appset, metav1.CreateOptions{}) if err == nil { s.logAppSetEvent(created, ctx, argo.EventReasonResourceCreated, "created ApplicationSet") s.waitSync(created) @@ -204,7 +180,7 @@ func (s *Server) Create(ctx context.Context, q *applicationset.ApplicationSetCre if !q.Upsert { return nil, status.Errorf(codes.InvalidArgument, "existing ApplicationSet spec is different, use upsert flag to force update") } - if err = s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionUpdate, appset.RBACName(s.ns)); err != nil { + if err = s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionUpdate, appset.RBACName()); err != nil { return nil, err } updated, err := s.updateAppSet(existing, appset, ctx, true) @@ -232,11 +208,11 @@ func (s *Server) updateAppSet(appset *v1alpha1.ApplicationSet, newAppset *v1alph if appset != nil && appset.Spec.Template.Spec.Project != newAppset.Spec.Template.Spec.Project { // When changing projects, caller must have applicationset create and update privileges in new project // NOTE: the update check was already verified in the caller to this function - if err := s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionCreate, newAppset.RBACName(s.ns)); err != nil { + if err := s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionCreate, newAppset.RBACName()); err != nil { return nil, err } // They also need 'update' privileges in the old project - if err := s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionUpdate, appset.RBACName(s.ns)); err != nil { + if err := s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionUpdate, appset.RBACName()); err != nil { return nil, err } } @@ -271,21 +247,19 @@ func (s *Server) updateAppSet(appset *v1alpha1.ApplicationSet, newAppset *v1alph func (s *Server) Delete(ctx context.Context, q *applicationset.ApplicationSetDeleteRequest) (*applicationset.ApplicationSetResponse, error) { - namespace := s.appsetNamespaceOrDefault(q.AppsetNamespace) - - appset, err := s.appclientset.ArgoprojV1alpha1().ApplicationSets(namespace).Get(ctx, q.Name, metav1.GetOptions{}) + appset, err := s.appclientset.ArgoprojV1alpha1().ApplicationSets(s.ns).Get(ctx, q.Name, metav1.GetOptions{}) if err != nil { return nil, fmt.Errorf("error getting ApplicationSets: %w", err) } - if err := s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionDelete, appset.RBACName(s.ns)); err != nil { + if err := s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionDelete, appset.RBACName()); err != nil { return nil, err } s.projectLock.RLock(appset.Spec.Template.Spec.Project) defer s.projectLock.RUnlock(appset.Spec.Template.Spec.Project) - err = s.appclientset.ArgoprojV1alpha1().ApplicationSets(namespace).Delete(ctx, q.Name, metav1.DeleteOptions{}) + err = s.appclientset.ArgoprojV1alpha1().ApplicationSets(s.ns).Delete(ctx, q.Name, metav1.DeleteOptions{}) if err != nil { return nil, fmt.Errorf("error deleting ApplicationSets: %w", err) } @@ -314,7 +288,7 @@ func (s *Server) validateAppSet(ctx context.Context, appset *v1alpha1.Applicatio func (s *Server) checkCreatePermissions(ctx context.Context, appset *v1alpha1.ApplicationSet, projectName string) error { - if err := s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionCreate, appset.RBACName(s.ns)); err != nil { + if err := s.enf.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplicationSets, rbacpolicy.ActionCreate, appset.RBACName()); err != nil { return err } @@ -371,15 +345,3 @@ func (s *Server) logAppSetEvent(a *v1alpha1.ApplicationSet, ctx context.Context, message := fmt.Sprintf("%s %s", user, action) s.auditLogger.LogAppSetEvent(a, eventInfo, message, user) } - -func (s *Server) appsetNamespaceOrDefault(appNs string) string { - if appNs == "" { - return s.ns - } else { - return appNs - } -} - -func (s *Server) isNamespaceEnabled(namespace string) bool { - return security.IsNamespaceEnabled(namespace, s.ns, s.enabledNamespaces) -} diff --git a/server/applicationset/applicationset.proto b/server/applicationset/applicationset.proto index 2a857d41a00ce..8f6d09cf2b75b 100644 --- a/server/applicationset/applicationset.proto +++ b/server/applicationset/applicationset.proto @@ -14,8 +14,6 @@ import "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1/generated.p message ApplicationSetGetQuery { // the applicationsets's name string name = 1; - // The application set namespace. Default empty is argocd control plane namespace - string appsetNamespace = 2; } message ApplicationSetListQuery { @@ -23,8 +21,6 @@ message ApplicationSetListQuery { repeated string projects = 1; // the selector to restrict returned list to applications only with matched labels string selector = 2; - // The application set namespace. Default empty is argocd control plane namespace - string appsetNamespace = 3; } @@ -42,8 +38,6 @@ message ApplicationSetCreateRequest { message ApplicationSetDeleteRequest { string name = 1; - // The application set namespace. Default empty is argocd control plane namespace - string appsetNamespace = 2; } diff --git a/server/applicationset/applicationset_test.go b/server/applicationset/applicationset_test.go deleted file mode 100644 index aef61f289d494..0000000000000 --- a/server/applicationset/applicationset_test.go +++ /dev/null @@ -1,434 +0,0 @@ -package applicationset - -import ( - "context" - "testing" - - "github.com/argoproj/pkg/sync" - "github.com/stretchr/testify/assert" - v1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/client-go/kubernetes/fake" - k8scache "k8s.io/client-go/tools/cache" - - "github.com/argoproj/argo-cd/v2/common" - "github.com/argoproj/argo-cd/v2/pkg/apiclient/applicationset" - appsv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" - apps "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned/fake" - appinformer "github.com/argoproj/argo-cd/v2/pkg/client/informers/externalversions" - "github.com/argoproj/argo-cd/v2/server/rbacpolicy" - "github.com/argoproj/argo-cd/v2/util/assets" - "github.com/argoproj/argo-cd/v2/util/db" - "github.com/argoproj/argo-cd/v2/util/errors" - "github.com/argoproj/argo-cd/v2/util/rbac" - "github.com/argoproj/argo-cd/v2/util/settings" -) - -const ( - testNamespace = "default" - fakeRepoURL = "https://git.com/repo.git" -) - -func fakeRepo() *appsv1.Repository { - return &appsv1.Repository{ - Repo: fakeRepoURL, - } -} - -func fakeCluster() *appsv1.Cluster { - return &appsv1.Cluster{ - Server: "https://cluster-api.com", - Name: "fake-cluster", - Config: appsv1.ClusterConfig{}, - } -} - -// return an ApplicationServiceServer which returns fake data -func newTestAppSetServer(objects ...runtime.Object) *Server { - f := func(enf *rbac.Enforcer) { - _ = enf.SetBuiltinPolicy(assets.BuiltinPolicyCSV) - enf.SetDefaultRole("role:admin") - } - return newTestAppSetServerWithEnforcerConfigure(f, objects...) -} - -func newTestAppSetServerWithEnforcerConfigure(f func(*rbac.Enforcer), objects ...runtime.Object) *Server { - kubeclientset := fake.NewSimpleClientset(&v1.ConfigMap{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: testNamespace, - Name: "argocd-cm", - Labels: map[string]string{ - "app.kubernetes.io/part-of": "argocd", - }, - }, - }, &v1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "argocd-secret", - Namespace: testNamespace, - }, - Data: map[string][]byte{ - "admin.password": []byte("test"), - "server.secretkey": []byte("test"), - }, - }) - ctx := context.Background() - db := db.NewDB(testNamespace, settings.NewSettingsManager(ctx, kubeclientset, testNamespace), kubeclientset) - _, err := db.CreateRepository(ctx, fakeRepo()) - errors.CheckError(err) - _, err = db.CreateCluster(ctx, fakeCluster()) - errors.CheckError(err) - - defaultProj := &appsv1.AppProject{ - ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: "default"}, - Spec: appsv1.AppProjectSpec{ - SourceRepos: []string{"*"}, - Destinations: []appsv1.ApplicationDestination{{Server: "*", Namespace: "*"}}, - }, - } - myProj := &appsv1.AppProject{ - ObjectMeta: metav1.ObjectMeta{Name: "my-proj", Namespace: "default"}, - Spec: appsv1.AppProjectSpec{ - SourceRepos: []string{"*"}, - Destinations: []appsv1.ApplicationDestination{{Server: "*", Namespace: "*"}}, - }, - } - - objects = append(objects, defaultProj, myProj) - - fakeAppsClientset := apps.NewSimpleClientset(objects...) - factory := appinformer.NewSharedInformerFactoryWithOptions(fakeAppsClientset, 0, appinformer.WithNamespace(""), appinformer.WithTweakListOptions(func(options *metav1.ListOptions) {})) - fakeProjLister := factory.Argoproj().V1alpha1().AppProjects().Lister().AppProjects(testNamespace) - - enforcer := rbac.NewEnforcer(kubeclientset, testNamespace, common.ArgoCDRBACConfigMapName, nil) - f(enforcer) - enforcer.SetClaimsEnforcerFunc(rbacpolicy.NewRBACPolicyEnforcer(enforcer, fakeProjLister).EnforceClaims) - - settingsMgr := settings.NewSettingsManager(ctx, kubeclientset, testNamespace) - - // populate the app informer with the fake objects - appInformer := factory.Argoproj().V1alpha1().Applications().Informer() - // TODO(jessesuen): probably should return cancel function so tests can stop background informer - //ctx, cancel := context.WithCancel(context.Background()) - go appInformer.Run(ctx.Done()) - if !k8scache.WaitForCacheSync(ctx.Done(), appInformer.HasSynced) { - panic("Timed out waiting for caches to sync") - } - - projInformer := factory.Argoproj().V1alpha1().AppProjects().Informer() - go projInformer.Run(ctx.Done()) - if !k8scache.WaitForCacheSync(ctx.Done(), projInformer.HasSynced) { - panic("Timed out waiting for caches to sync") - } - - server := NewServer( - db, - kubeclientset, - enforcer, - nil, - fakeAppsClientset, - factory.Argoproj().V1alpha1().Applications().Lister(), - appInformer, - factory.Argoproj().V1alpha1().ApplicationSets().Lister().ApplicationSets(testNamespace), - fakeProjLister, - settingsMgr, - testNamespace, - sync.NewKeyLock(), - []string{testNamespace, "external-namespace"}, - ) - return server.(*Server) -} - -func newTestAppSet(opts ...func(appset *appsv1.ApplicationSet)) *appsv1.ApplicationSet { - appset := appsv1.ApplicationSet{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: testNamespace, - }, - Spec: appsv1.ApplicationSetSpec{ - Template: appsv1.ApplicationSetTemplate{ - Spec: appsv1.ApplicationSpec{ - Project: "default", - }, - }, - }, - } - for i := range opts { - opts[i](&appset) - } - return &appset -} - -func testListAppsetsWithLabels(t *testing.T, appsetQuery applicationset.ApplicationSetListQuery, appServer *Server) { - validTests := []struct { - testName string - label string - expectedResult []string - }{ - {testName: "Equality based filtering using '=' operator", - label: "key1=value1", - expectedResult: []string{"AppSet1"}}, - {testName: "Equality based filtering using '==' operator", - label: "key1==value1", - expectedResult: []string{"AppSet1"}}, - {testName: "Equality based filtering using '!=' operator", - label: "key1!=value1", - expectedResult: []string{"AppSet2", "AppSet3"}}, - {testName: "Set based filtering using 'in' operator", - label: "key1 in (value1, value3)", - expectedResult: []string{"AppSet1", "AppSet3"}}, - {testName: "Set based filtering using 'notin' operator", - label: "key1 notin (value1, value3)", - expectedResult: []string{"AppSet2"}}, - {testName: "Set based filtering using 'exists' operator", - label: "key1", - expectedResult: []string{"AppSet1", "AppSet2", "AppSet3"}}, - {testName: "Set based filtering using 'not exists' operator", - label: "!key2", - expectedResult: []string{"AppSet2", "AppSet3"}}, - } - //test valid scenarios - for _, validTest := range validTests { - t.Run(validTest.testName, func(t *testing.T) { - appsetQuery.Selector = validTest.label - res, err := appServer.List(context.Background(), &appsetQuery) - assert.NoError(t, err) - apps := []string{} - for i := range res.Items { - apps = append(apps, res.Items[i].Name) - } - assert.Equal(t, validTest.expectedResult, apps) - }) - } - - invalidTests := []struct { - testName string - label string - errorMesage string - }{ - {testName: "Set based filtering using '>' operator", - label: "key1>value1", - errorMesage: "error parsing the selector"}, - {testName: "Set based filtering using '<' operator", - label: "key1 0 { - for _, header := range svc.Headers { - if header.Name == "" { - return fmt.Errorf("header.name must be defined when providing service headers in the configuration") - } - if header.Value == "" { - return fmt.Errorf("header.value must be defined when providing service headers in the configuration") - } - } - } } } return nil @@ -412,7 +350,7 @@ func validateConfigs(configs *ExtensionConfigs) error { // NewProxy will instantiate a new reverse proxy based on the provided // targetURL and config. -func NewProxy(targetURL string, headers []Header, config ProxyConfig) (*httputil.ReverseProxy, error) { +func NewProxy(targetURL string, config ProxyConfig) (*httputil.ReverseProxy, error) { url, err := url.Parse(targetURL) if err != nil { return nil, fmt.Errorf("failed to parse proxy URL: %s", err) @@ -424,11 +362,6 @@ func NewProxy(targetURL string, headers []Header, config ProxyConfig) (*httputil req.URL.Scheme = url.Scheme req.URL.Host = url.Host req.Header.Set("Host", url.Host) - req.Header.Del("Authorization") - req.Header.Del("Cookie") - for _, header := range headers { - req.Header.Set(header.Name, header.Value) - } }, } return proxy, nil @@ -470,16 +403,16 @@ func applyProxyConfigDefaults(c *ProxyConfig) { // router. func (m *Manager) RegisterHandlers(r *mux.Router) error { m.log.Info("Registering extension handlers...") - settings, err := m.settings.Get() + config, err := m.settings.Get() if err != nil { return fmt.Errorf("error getting settings: %s", err) } - if settings.ExtensionConfig == "" { + if config.ExtensionConfig == "" { return fmt.Errorf("No extensions configurations found") } - extConfigs, err := parseAndValidateConfig(settings) + extConfigs, err := parseAndValidateConfig(config.ExtensionConfig) if err != nil { return fmt.Errorf("error parsing extension config: %s", err) } @@ -534,7 +467,7 @@ func (m *Manager) registerExtensions(r *mux.Router, extConfigs *ExtensionConfigs registry := NewProxyRegistry() singleBackend := len(ext.Backend.Services) == 1 for _, service := range ext.Backend.Services { - proxy, err := NewProxy(service.URL, service.Headers, ext.Backend.ProxyConfig) + proxy, err := NewProxy(service.URL, ext.Backend.ProxyConfig) if err != nil { return fmt.Errorf("error creating proxy: %s", err) } @@ -563,7 +496,7 @@ func (m *Manager) authorize(ctx context.Context, rr *RequestResources, extName s if m.rbac == nil { return nil, fmt.Errorf("rbac enforcer not set in extension manager") } - appRBACName := security.RBACName(rr.ApplicationNamespace, rr.ProjectName, rr.ApplicationNamespace, rr.ApplicationName) + appRBACName := security.AppRBACName(rr.ApplicationNamespace, rr.ProjectName, rr.ApplicationNamespace, rr.ApplicationName) if err := m.rbac.EnforceErr(ctx.Value("claims"), rbacpolicy.ResourceApplications, rbacpolicy.ActionGet, appRBACName); err != nil { return nil, fmt.Errorf("application authorization error: %s", err) } @@ -647,21 +580,17 @@ func (m *Manager) CallExtension(extName string, registry ProxyRegistry) func(htt return } - prepareRequest(r, extName, app) + sanitizeRequest(r, extName) m.log.Debugf("proxing request for extension %q", extName) proxy.ServeHTTP(w, r) } } -// prepareRequest is reponsible for preparing and cleaning the given +// sanitizeRequest is reponsible for preparing and cleaning the given // request, removing sensitive information before forwarding it to the // proxy extension. -func prepareRequest(r *http.Request, extName string, app *v1alpha1.Application) { +func sanitizeRequest(r *http.Request, extName string) { r.URL.Path = strings.TrimPrefix(r.URL.Path, fmt.Sprintf("%s/%s", URLPrefix, extName)) - if app.Spec.Destination.Name != "" { - r.Header.Set(HeaderArgoCDTargetClusterName, app.Spec.Destination.Name) - } - if app.Spec.Destination.Server != "" { - r.Header.Set(HeaderArgoCDTargetClusterURL, app.Spec.Destination.Server) - } + r.Header.Del("Cookie") + r.Header.Del("Authorization") } diff --git a/server/extension/extension_test.go b/server/extension/extension_test.go index cb71f01a2148b..aafb0d29de4be 100644 --- a/server/extension/extension_test.go +++ b/server/extension/extension_test.go @@ -210,14 +210,6 @@ func TestRegisterHandlers(t *testing.T) { name: "invalid name", configYaml: getExtensionConfigInvalidName(), }, - { - name: "no header name", - configYaml: getExtensionConfigNoHeaderName(), - }, - { - name: "no header value", - configYaml: getExtensionConfigNoHeaderValue(), - }, } // when @@ -343,13 +335,8 @@ func TestExtensionsHandler(t *testing.T) { } withExtensionConfig := func(configYaml string, f *fixture) { - secrets := make(map[string]string) - secrets["extension.auth.header"] = "Bearer some-bearer-token" - secrets["extension.auth.header2"] = "Bearer another-bearer-token" - settings := &settings.ArgoCDSettings{ ExtensionConfig: configYaml, - Secrets: secrets, } f.settingsGetterMock.On("Get", mock.Anything).Return(settings, nil) } @@ -365,9 +352,6 @@ func TestExtensionsHandler(t *testing.T) { startBackendTestSrv := func(response string) *httptest.Server { return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - for k, v := range r.Header { - w.Header().Add(k, strings.Join(v, ",")) - } fmt.Fprintln(w, response) })) @@ -409,9 +393,6 @@ func TestExtensionsHandler(t *testing.T) { clusterName := "clusterName" clusterURL := "clusterURL" backendSrv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - for k, v := range r.Header { - w.Header().Add(k, strings.Join(v, ",")) - } fmt.Fprintln(w, backendResponse) })) defer backendSrv.Close() @@ -436,8 +417,6 @@ func TestExtensionsHandler(t *testing.T) { require.NoError(t, err) actual := strings.TrimSuffix(string(body), "\n") assert.Equal(t, backendResponse, actual) - assert.Equal(t, clusterURL, resp.Header.Get(extension.HeaderArgoCDTargetClusterURL)) - assert.Equal(t, "Bearer some-bearer-token", resp.Header.Get("Authorization")) }) t.Run("will route requests with 2 backends for the same extension successfully", func(t *testing.T) { // given @@ -487,7 +466,6 @@ func TestExtensionsHandler(t *testing.T) { require.NoError(t, err) actual := strings.TrimSuffix(string(body), "\n") assert.Equal(t, response1, actual) - assert.Equal(t, "Bearer some-bearer-token", resp1.Header.Get("Authorization")) require.NotNil(t, resp2) assert.Equal(t, http.StatusOK, resp2.StatusCode) @@ -495,7 +473,6 @@ func TestExtensionsHandler(t *testing.T) { require.NoError(t, err) actual = strings.TrimSuffix(string(body), "\n") assert.Equal(t, response2, actual) - assert.Equal(t, "Bearer another-bearer-token", resp2.Header.Get("Authorization")) }) t.Run("will return 401 if sub has no access to get application", func(t *testing.T) { // given @@ -660,9 +637,6 @@ extensions: backend: services: - url: %s - headers: - - name: Authorization - value: '$extension.auth.header' ` return fmt.Sprintf(cfg, name, url) } @@ -674,15 +648,9 @@ extensions: backend: services: - url: %s - headers: - - name: Authorization - value: '$extension.auth.header' cluster: name: %s - url: %s - headers: - - name: Authorization - value: '$extension.auth.header2' cluster: server: %s ` @@ -699,9 +667,6 @@ extensions: backend: services: - url: https://httpbin.org - headers: - - name: some-header - value: '$some.secret.ref' - name: some-backend backend: services: @@ -736,27 +701,3 @@ extensions: - cluster: some-cluster ` } - -func getExtensionConfigNoHeaderName() string { - return ` -extensions: -- name: some-extension - backend: - services: - - url: https://httpbin.org - headers: - - value: '$some.secret.key' -` -} - -func getExtensionConfigNoHeaderValue() string { - return ` -extensions: -- name: some-extension - backend: - services: - - url: https://httpbin.org - headers: - - name: some-header-name -` -} diff --git a/server/logout/logout.go b/server/logout/logout.go index e49f815931596..e2bfa81f28bfb 100644 --- a/server/logout/logout.go +++ b/server/logout/logout.go @@ -19,7 +19,7 @@ import ( "github.com/argoproj/argo-cd/v2/util/settings" ) -// NewHandler creates handler serving to do api/logout endpoint +//NewHandler creates handler serving to do api/logout endpoint func NewHandler(appClientset versioned.Interface, settingsMrg *settings.SettingsManager, sessionMgr *session.SessionManager, rootPath, baseHRef, namespace string) *Handler { return &Handler{ appClientset: appClientset, diff --git a/server/rbacpolicy/rbacpolicy.go b/server/rbacpolicy/rbacpolicy.go index 940f5bfe70844..6d039dcdd6246 100644 --- a/server/rbacpolicy/rbacpolicy.go +++ b/server/rbacpolicy/rbacpolicy.go @@ -3,7 +3,7 @@ package rbacpolicy import ( "strings" - "github.com/golang-jwt/jwt/v4" + jwt "github.com/golang-jwt/jwt/v4" log "github.com/sirupsen/logrus" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" @@ -154,7 +154,7 @@ func (p *RBACPolicyEnforcer) EnforceClaims(claims jwt.Claims, rvals ...interface } } } - logCtx := log.WithFields(log.Fields{"claims": claims, "rval": rvals, "subject": subject, "groups": groups, "project": projName, "scopes": scopes}) + logCtx := log.WithField("claims", claims).WithField("rval", rvals) logCtx.Debug("enforce failed") return false } diff --git a/server/repository/repository.go b/server/repository/repository.go index 7787228ceb052..fa6a8e93c5277 100644 --- a/server/repository/repository.go +++ b/server/repository/repository.go @@ -294,7 +294,7 @@ func (s *Server) GetAppDetails(ctx context.Context, q *repositorypkg.RepoAppDeta if err := s.enf.EnforceErr(claims, rbacpolicy.ResourceRepositories, rbacpolicy.ActionGet, createRBACObject(repo.Project, repo.Repo)); err != nil { return nil, err } - appName, appNs := argo.ParseFromQualifiedName(q.AppName, s.settings.GetNamespace()) + appName, appNs := argo.ParseAppQualifiedName(q.AppName, s.settings.GetNamespace()) app, err := s.appLister.Applications(appNs).Get(appName) appRBACObj := createRBACObject(q.AppProject, q.AppName) // ensure caller has read privileges to app diff --git a/server/server.go b/server/server.go index 4dff6de3621b4..eb273f2d07e5b 100644 --- a/server/server.go +++ b/server/server.go @@ -2,6 +2,7 @@ package server import ( "context" + netCtx "context" "crypto/tls" "errors" "fmt" @@ -62,6 +63,7 @@ import ( "github.com/argoproj/argo-cd/v2/pkg/apiclient" accountpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/account" applicationpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/application" + applicationsetpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/applicationset" certificatepkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/certificate" clusterpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/cluster" @@ -102,6 +104,7 @@ import ( "github.com/argoproj/argo-cd/v2/util/assets" cacheutil "github.com/argoproj/argo-cd/v2/util/cache" "github.com/argoproj/argo-cd/v2/util/db" + "github.com/argoproj/argo-cd/v2/util/dex" dexutil "github.com/argoproj/argo-cd/v2/util/dex" "github.com/argoproj/argo-cd/v2/util/env" errorsutil "github.com/argoproj/argo-cd/v2/util/errors" @@ -160,7 +163,7 @@ func init() { if replicasCount > 0 { maxConcurrentLoginRequestsCount = maxConcurrentLoginRequestsCount / replicasCount } - enableGRPCTimeHistogram = env.ParseBoolFromEnv(common.EnvEnableGRPCTimeHistogramEnv, false) + enableGRPCTimeHistogram = os.Getenv(common.EnvEnableGRPCTimeHistogramEnv) == "true" } // ArgoCDServer is the API server for Argo CD @@ -201,12 +204,10 @@ type ArgoCDServerOpts struct { Insecure bool StaticAssetsDir string ListenPort int - ListenHost string MetricsPort int - MetricsHost string Namespace string DexServerAddr string - DexTLSConfig *dexutil.DexTLSConfig + DexTLSConfig *dex.DexTLSConfig BaseHRef string RootPath string KubeClientset kubernetes.Interface @@ -217,6 +218,7 @@ type ArgoCDServerOpts struct { TLSConfigCustomizer tlsutil.ConfigCustomizer XFrameOptions string ContentSecurityPolicy string + ListenHost string ApplicationNamespaces []string EnableProxyExtension bool } @@ -434,8 +436,8 @@ func (a *ArgoCDServer) Listen() (*Listeners, error) { var dOpts []grpc.DialOption dOpts = append(dOpts, grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(apiclient.MaxGRPCMessageSize))) dOpts = append(dOpts, grpc.WithUserAgent(fmt.Sprintf("%s/%s", common.ArgoCDUserAgentName, common.GetVersion().Version))) - dOpts = append(dOpts, grpc.WithUnaryInterceptor(grpc_util.OTELUnaryClientInterceptor())) - dOpts = append(dOpts, grpc.WithStreamInterceptor(grpc_util.OTELStreamClientInterceptor())) + dOpts = append(dOpts, grpc.WithUnaryInterceptor(otelgrpc.UnaryClientInterceptor())) + dOpts = append(dOpts, grpc.WithStreamInterceptor(otelgrpc.StreamClientInterceptor())) if a.useTLS() { // The following sets up the dial Options for grpc-gateway to talk to gRPC server over TLS. // grpc-gateway is just translating HTTP/HTTPS requests as gRPC requests over localhost, @@ -498,7 +500,7 @@ func (a *ArgoCDServer) Run(ctx context.Context, listeners *Listeners) { httpsS.Handler = &bug21955Workaround{handler: httpsS.Handler} } - metricsServ := metrics.NewMetricsServer(a.MetricsHost, a.MetricsPort) + metricsServ := metrics.NewMetricsServer(a.ListenHost, a.MetricsPort) if a.RedisClient != nil { cacheutil.CollectMetrics(a.RedisClient, metricsServ) } @@ -609,7 +611,7 @@ func (a *ArgoCDServer) watchSettings() { prevURL := a.settings.URL prevOIDCConfig := a.settings.OIDCConfig() - prevDexCfgBytes, err := dexutil.GenerateDexConfigYAML(a.settings, a.DexTLSConfig == nil || a.DexTLSConfig.DisableTLS) + prevDexCfgBytes, err := dex.GenerateDexConfigYAML(a.settings, a.DexTLSConfig == nil || a.DexTLSConfig.DisableTLS) errorsutil.CheckError(err) prevGitHubSecret := a.settings.WebhookGitHubSecret prevGitLabSecret := a.settings.WebhookGitLabSecret @@ -624,7 +626,7 @@ func (a *ArgoCDServer) watchSettings() { for { newSettings := <-updateCh a.settings = newSettings - newDexCfgBytes, err := dexutil.GenerateDexConfigYAML(a.settings, a.DexTLSConfig == nil || a.DexTLSConfig.DisableTLS) + newDexCfgBytes, err := dex.GenerateDexConfigYAML(a.settings, a.DexTLSConfig == nil || a.DexTLSConfig.DisableTLS) errorsutil.CheckError(err) if string(newDexCfgBytes) != string(prevDexCfgBytes) { log.Infof("dex config modified. restarting") @@ -742,7 +744,7 @@ func (a *ArgoCDServer) newGRPCServer() (*grpc.Server, application.AppResourceTre grpc_prometheus.StreamServerInterceptor, grpc_auth.StreamServerInterceptor(a.Authenticate), grpc_util.UserAgentStreamServerInterceptor(common.ArgoCDUserAgentName, clientConstraint), - grpc_util.PayloadStreamServerInterceptor(a.log, true, func(ctx context.Context, fullMethodName string, servingObject interface{}) bool { + grpc_util.PayloadStreamServerInterceptor(a.log, true, func(ctx netCtx.Context, fullMethodName string, servingObject interface{}) bool { return !sensitiveMethods[fullMethodName] }), grpc_util.ErrorCodeK8sStreamServerInterceptor(), @@ -756,7 +758,7 @@ func (a *ArgoCDServer) newGRPCServer() (*grpc.Server, application.AppResourceTre grpc_prometheus.UnaryServerInterceptor, grpc_auth.UnaryServerInterceptor(a.Authenticate), grpc_util.UserAgentUnaryServerInterceptor(common.ArgoCDUserAgentName, clientConstraint), - grpc_util.PayloadUnaryServerInterceptor(a.log, true, func(ctx context.Context, fullMethodName string, servingObject interface{}) bool { + grpc_util.PayloadUnaryServerInterceptor(a.log, true, func(ctx netCtx.Context, fullMethodName string, servingObject interface{}) bool { return !sensitiveMethods[fullMethodName] }), grpc_util.ErrorCodeK8sUnaryServerInterceptor(), @@ -830,21 +832,7 @@ func newArgoCDServiceSet(a *ArgoCDServer) *ArgoCDServiceSet { a.projInformer, a.ApplicationNamespaces) - applicationSetService := applicationset.NewServer( - a.db, - a.KubeClientset, - a.enf, - a.Cache, - a.AppClientset, - a.appLister, - a.appsetInformer, - a.appsetLister, - a.projLister, - a.settingsMgr, - a.Namespace, - projectLock, - a.ApplicationNamespaces) - + applicationSetService := applicationset.NewServer(a.db, a.KubeClientset, a.enf, a.Cache, a.AppClientset, a.appLister, a.appsetInformer, a.appsetLister, a.projLister, a.settingsMgr, a.Namespace, projectLock) projectService := project.NewServer(a.Namespace, a.KubeClientset, a.AppClientset, a.enf, projectLock, a.sessionMgr, a.policyEnforcer, a.projInformer, a.settingsMgr, a.db) appsInAnyNamespaceEnabled := len(a.ArgoCDServerOpts.ApplicationNamespaces) > 0 settingsService := settings.NewServer(a.settingsMgr, a.RepoClientset, a, a.DisableAuth, appsInAnyNamespaceEnabled) diff --git a/server/server_test.go b/server/server_test.go index b304313bc1bc6..649b6ca9bf174 100644 --- a/server/server_test.go +++ b/server/server_test.go @@ -11,6 +11,7 @@ import ( "testing" "time" + "github.com/ghodss/yaml" "github.com/golang-jwt/jwt/v4" log "github.com/sirupsen/logrus" "github.com/stretchr/testify/assert" @@ -18,7 +19,6 @@ import ( "google.golang.org/grpc/metadata" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes/fake" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/pkg/apiclient" @@ -1255,7 +1255,7 @@ func TestReplaceBaseHRef(t *testing.T) { @@ -1279,7 +1279,7 @@ func TestReplaceBaseHRef(t *testing.T) { @@ -1307,7 +1307,7 @@ func TestReplaceBaseHRef(t *testing.T) { @@ -1331,7 +1331,7 @@ func TestReplaceBaseHRef(t *testing.T) { diff --git a/server/settings/settings.go b/server/settings/settings.go index 2f797d552f4ce..5f67eff7c8614 100644 --- a/server/settings/settings.go +++ b/server/settings/settings.go @@ -4,8 +4,8 @@ import ( "context" "fmt" + "github.com/ghodss/yaml" "github.com/golang/protobuf/ptypes/empty" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/reposerver/apiclient" ioutil "github.com/argoproj/argo-cd/v2/util/io" @@ -62,6 +62,10 @@ func (s *Server) Get(ctx context.Context, q *settingspkg.SettingsQuery) (*settin if err != nil { return nil, err } + plugins, err := s.plugins(ctx, false) + if err != nil { + return nil, err + } userLoginsDisabled := true accounts, err := s.mgr.GetAccounts() if err != nil { @@ -106,6 +110,7 @@ func (s *Server) Get(ctx context.Context, q *settingspkg.SettingsQuery) (*settin ChatText: help.ChatText, BinaryUrls: help.BinaryURLs, }, + Plugins: plugins, UserLoginsDisabled: userLoginsDisabled, KustomizeVersions: kustomizeVersions, UiCssURL: argoCDSettings.UiCssURL, @@ -116,6 +121,15 @@ func (s *Server) Get(ctx context.Context, q *settingspkg.SettingsQuery) (*settin } if sessionmgr.LoggedIn(ctx) || s.disableAuth { + configManagementPlugins, err := s.mgr.GetConfigManagementPlugins() + if err != nil { + return nil, err + } + tools := make([]*v1alpha1.ConfigManagementPlugin, len(configManagementPlugins)) + for i := range configManagementPlugins { + tools[i] = &configManagementPlugins[i] + } + set.ConfigManagementPlugins = tools set.UiBannerContent = argoCDSettings.UiBannerContent set.UiBannerURL = argoCDSettings.UiBannerURL set.UiBannerPermanent = argoCDSettings.UiBannerPermanent @@ -146,29 +160,39 @@ func (s *Server) Get(ctx context.Context, q *settingspkg.SettingsQuery) (*settin // GetPlugins returns a list of plugins func (s *Server) GetPlugins(ctx context.Context, q *settingspkg.SettingsQuery) (*settingspkg.SettingsPluginsResponse, error) { - plugins, err := s.plugins(ctx) + plugins, err := s.plugins(ctx, true) if err != nil { return nil, err } return &settingspkg.SettingsPluginsResponse{Plugins: plugins}, nil } -func (s *Server) plugins(ctx context.Context) ([]*settingspkg.Plugin, error) { - closer, client, err := s.repoClient.NewRepoServerClient() +func (s *Server) plugins(ctx context.Context, includeV2Plugins bool) ([]*settingspkg.Plugin, error) { + in, err := s.mgr.GetConfigManagementPlugins() if err != nil { - return nil, fmt.Errorf("error creating repo server client: %w", err) + return nil, err } - defer ioutil.Close(closer) - - pluginList, err := client.ListPlugins(ctx, &empty.Empty{}) - if err != nil { - return nil, fmt.Errorf("failed to list sidecar plugins from reposerver: %w", err) + var out []*settingspkg.Plugin + for _, p := range in { + out = append(out, &settingspkg.Plugin{Name: p.Name}) } - var out []*settingspkg.Plugin - if pluginList != nil && len(pluginList.Items) > 0 { - for _, p := range pluginList.Items { - out = append(out, &settingspkg.Plugin{Name: p.Name}) + if includeV2Plugins { + closer, client, err := s.repoClient.NewRepoServerClient() + if err != nil { + return nil, fmt.Errorf("error creating repo server client: %w", err) + } + defer ioutil.Close(closer) + + pluginList, err := client.ListPlugins(ctx, &empty.Empty{}) + if err != nil { + return nil, fmt.Errorf("failed to list sidecar plugins from reposerver: %w", err) + } + + if pluginList != nil && len(pluginList.Items) > 0 { + for _, p := range pluginList.Items { + out = append(out, &settingspkg.Plugin{Name: p.Name}) + } } } diff --git a/server/settings/settings.proto b/server/settings/settings.proto index 9f95c9433b545..932da5269d2d4 100644 --- a/server/settings/settings.proto +++ b/server/settings/settings.proto @@ -28,7 +28,6 @@ message Settings { Help help = 9; repeated Plugin plugins = 10; bool userLoginsDisabled = 11; - // Deprecated: use sidecar plugins instead. repeated github.com.argoproj.argo_cd.v2.pkg.apis.application.v1alpha1.ConfigManagementPlugin configManagementPlugins = 12; repeated string kustomizeVersions = 13; string uiCssURL = 14; diff --git a/server/version/version.go b/server/version/version.go index cc4eeb24152a6..e899a7ab590d5 100644 --- a/server/version/version.go +++ b/server/version/version.go @@ -2,7 +2,6 @@ package version import ( "context" - "github.com/golang/protobuf/ptypes/empty" "github.com/google/go-jsonnet" @@ -68,7 +67,6 @@ func (s *Server) Version(ctx context.Context, _ *empty.Empty) (*version.VersionM HelmVersion: s.helmVersion, JsonnetVersion: s.jsonnetVersion, KubectlVersion: vers.KubectlVersion, - ExtraBuildInfo: vers.ExtraBuildInfo, }, nil } diff --git a/server/version/version.proto b/server/version/version.proto index f5b887aa29f00..a2bc1d685661f 100644 --- a/server/version/version.proto +++ b/server/version/version.proto @@ -23,7 +23,6 @@ message VersionMessage { string HelmVersion = 11; string KubectlVersion = 12; string JsonnetVersion = 13; - string ExtraBuildInfo = 14; } // VersionService returns the version of the API server. diff --git a/test/container/Dockerfile b/test/container/Dockerfile index 52e98524ea86e..9eb18ec0e46da 100644 --- a/test/container/Dockerfile +++ b/test/container/Dockerfile @@ -6,13 +6,13 @@ FROM docker.io/library/redis:7.0.11@sha256:f50031a49f41e493087fb95f96fdb3523bb25 RUN ln -s /usr/lib/$(uname -m)-linux-gnu /usr/lib/linux-gnu # Please make sure to also check the contained yarn version and update the references below when upgrading this image's version -FROM docker.io/library/node:20.4.0@sha256:b3ca7d32f0c12291df6e45a914d4ee60011a3fce4a978df5e609e356a4a2cb88 as node +FROM docker.io/library/node:18.15.0@sha256:8d9a875ee427897ef245302e31e2319385b092f1c3368b497e89790f240368f5 as node -FROM docker.io/library/golang:1.21.0@sha256:ec457a2fcd235259273428a24e09900c496d0c52207266f96a330062a01e3622 as golang +FROM docker.io/library/golang:1.19.10@sha256:83f9f840072d05ad4d90ce4ac7cb2427632d6b89d5ffc558f18f9577ec8188c0 as golang FROM docker.io/library/registry:2.8@sha256:41f413c22d6156587e2a51f3e80c09808b8c70e82be149b82b5e0196a88d49b4 as registry -FROM docker.io/bitnami/kubectl:1.27@sha256:670fe3f50d45c0511bb0f2af018e2fc082ac8cdfaea02dba4e32866296036926 as kubectl +FROM docker.io/bitnami/kubectl:1.26@sha256:90d54ce960bf00b6d06cf1c69075a120d88e9f3237096b237c0a5efcacd5ed0b as kubectl FROM docker.io/library/ubuntu:22.04@sha256:0bced47fffa3361afa981854fcabcd4577cd43cebbb808cea2b1f33a3dd7f508 diff --git a/test/container/Procfile b/test/container/Procfile index ef5100e71bab3..04c9eb045a253 100644 --- a/test/container/Procfile +++ b/test/container/Procfile @@ -10,5 +10,5 @@ fcgiwrap: sudo sh -c "test $ARGOCD_E2E_TEST = true && (fcgiwrap -s unix:/var/run nginx: sudo sh -c "test $ARGOCD_E2E_TEST = true && nginx -g 'daemon off;' -c $(pwd)/test/fixture/testrepos/nginx.conf" helm-registry: sudo sh -c "registry serve /etc/docker/registry/config.yml" dev-mounter: test "$ARGOCD_E2E_TEST" != "true" && go run hack/dev-mounter/main.go --configmap argocd-ssh-known-hosts-cm=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} --configmap argocd-tls-certs-cm=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} --configmap argocd-gpg-keys-cm=${ARGOCD_GPG_DATA_PATH:-/tmp/argocd-local/gpg/source} -applicationset-controller: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=4 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-applicationset-controller $COMMAND --loglevel debug --metrics-addr localhost:12345 --probe-addr localhost:12346 --argocd-repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081}" +applicationset-controller: [ "$BIN_MODE" = 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=4 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_ASK_PASS_SOCK=/tmp/applicationset-ask-pass.sock ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-applicationset-controller $COMMAND --loglevel debug --metrics-addr localhost:12345 --probe-addr localhost:12346 --argocd-repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081}" notification: sh -c "FORCE_LOG_COLORS=4 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_BINARY_NAME=argocd-notifications go run ./cmd/main.go --loglevel debug" diff --git a/test/e2e/accounts_test.go b/test/e2e/accounts_test.go index 54eba790af2c5..f794dce7a56e9 100644 --- a/test/e2e/accounts_test.go +++ b/test/e2e/accounts_test.go @@ -14,6 +14,7 @@ import ( "github.com/argoproj/argo-cd/v2/cmd/argocd/commands/headless" "github.com/argoproj/argo-cd/v2/pkg/apiclient/account" "github.com/argoproj/argo-cd/v2/pkg/apiclient/session" + "github.com/argoproj/argo-cd/v2/test/e2e/fixture" . "github.com/argoproj/argo-cd/v2/test/e2e/fixture" accountFixture "github.com/argoproj/argo-cd/v2/test/e2e/fixture/account" "github.com/argoproj/argo-cd/v2/util/io" @@ -76,7 +77,7 @@ func TestCanIGetLogsAllowSwitchOn(t *testing.T) { When(). Create(). Login(). - SetPermissions([]ACL{ + SetPermissions([]fixture.ACL{ { Resource: "logs", Action: "get", diff --git a/test/e2e/app_management_ns_test.go b/test/e2e/app_management_ns_test.go index 15cbd43534025..a6065aa8c195a 100644 --- a/test/e2e/app_management_ns_test.go +++ b/test/e2e/app_management_ns_test.go @@ -1179,7 +1179,7 @@ func TestNamespacedPermissions(t *testing.T) { Create() sourceError := fmt.Sprintf("application repo %s is not permitted in project 'argo-project'", RepoURL(RepoURLTypeFile)) - destinationError := fmt.Sprintf("application destination server '%s' and namespace '%s' do not match any of the allowed destinations in project 'argo-project'", KubernetesInternalAPIServerAddr, DeploymentNamespace()) + destinationError := fmt.Sprintf("application destination {%s %s} is not permitted in project 'argo-project'", KubernetesInternalAPIServerAddr, DeploymentNamespace()) appCtx. Path("guestbook-logs"). diff --git a/test/e2e/app_management_test.go b/test/e2e/app_management_test.go index 00c5cbf549661..b584df4723f86 100644 --- a/test/e2e/app_management_test.go +++ b/test/e2e/app_management_test.go @@ -50,7 +50,6 @@ const ( guestbookPathLocal = "./testdata/guestbook_local" globalWithNoNameSpace = "global-with-no-namespace" guestbookWithNamespace = "guestbook-with-namespace" - resourceActions = "resource-actions" appLogsRetryCount = 5 ) @@ -1013,7 +1012,7 @@ definitions: obj.metadata.labels.sample = 'test' return obj` -func TestOldStyleResourceAction(t *testing.T) { +func TestResourceAction(t *testing.T) { Given(t). Path(guestbookPath). ResourceOverrides(map[string]ResourceOverride{"apps/Deployment": {Actions: actionsConfig}}). @@ -1055,224 +1054,6 @@ func TestOldStyleResourceAction(t *testing.T) { }) } -const newStyleActionsConfig = `discovery.lua: return { sample = {} } -definitions: -- name: sample - action.lua: | - local os = require("os") - - function deepCopy(object) - local lookup_table = {} - local function _copy(obj) - if type(obj) ~= "table" then - return obj - elseif lookup_table[obj] then - return lookup_table[obj] - elseif next(obj) == nil then - return nil - else - local new_table = {} - lookup_table[obj] = new_table - for key, value in pairs(obj) do - new_table[_copy(key)] = _copy(value) - end - return setmetatable(new_table, getmetatable(obj)) - end - end - return _copy(object) - end - - job = {} - job.apiVersion = "batch/v1" - job.kind = "Job" - - job.metadata = {} - job.metadata.name = obj.metadata.name .. "-123" - job.metadata.namespace = obj.metadata.namespace - - ownerRef = {} - ownerRef.apiVersion = obj.apiVersion - ownerRef.kind = obj.kind - ownerRef.name = obj.metadata.name - ownerRef.uid = obj.metadata.uid - job.metadata.ownerReferences = {} - job.metadata.ownerReferences[1] = ownerRef - - job.spec = {} - job.spec.suspend = false - job.spec.template = {} - job.spec.template.spec = deepCopy(obj.spec.jobTemplate.spec.template.spec) - - impactedResource = {} - impactedResource.operation = "create" - impactedResource.resource = job - result = {} - result[1] = impactedResource - - return result` - -func TestNewStyleResourceActionPermitted(t *testing.T) { - Given(t). - Path(resourceActions). - ResourceOverrides(map[string]ResourceOverride{"batch/CronJob": {Actions: newStyleActionsConfig}}). - ProjectSpec(AppProjectSpec{ - SourceRepos: []string{"*"}, - Destinations: []ApplicationDestination{{Namespace: "*", Server: "*"}}, - NamespaceResourceWhitelist: []metav1.GroupKind{ - {Group: "batch", Kind: "Job"}, - {Group: "batch", Kind: "CronJob"}, - }}). - When(). - CreateApp(). - Sync(). - Then(). - And(func(app *Application) { - - closer, client, err := ArgoCDClientset.NewApplicationClient() - assert.NoError(t, err) - defer io.Close(closer) - - actions, err := client.ListResourceActions(context.Background(), &applicationpkg.ApplicationResourceRequest{ - Name: &app.Name, - Group: pointer.String("batch"), - Kind: pointer.String("CronJob"), - Version: pointer.String("v1"), - Namespace: pointer.String(DeploymentNamespace()), - ResourceName: pointer.String("hello"), - }) - assert.NoError(t, err) - assert.Equal(t, []*ResourceAction{{Name: "sample", Disabled: false}}, actions.Actions) - - _, err = client.RunResourceAction(context.Background(), &applicationpkg.ResourceActionRunRequest{Name: &app.Name, - Group: pointer.String("batch"), - Kind: pointer.String("CronJob"), - Version: pointer.String("v1"), - Namespace: pointer.String(DeploymentNamespace()), - ResourceName: pointer.String("hello"), - Action: pointer.String("sample"), - }) - assert.NoError(t, err) - - _, err = KubeClientset.BatchV1().Jobs(DeploymentNamespace()).Get(context.Background(), "hello-123", metav1.GetOptions{}) - assert.NoError(t, err) - }) -} - -const newStyleActionsConfigMixedOk = `discovery.lua: return { sample = {} } -definitions: -- name: sample - action.lua: | - local os = require("os") - - function deepCopy(object) - local lookup_table = {} - local function _copy(obj) - if type(obj) ~= "table" then - return obj - elseif lookup_table[obj] then - return lookup_table[obj] - elseif next(obj) == nil then - return nil - else - local new_table = {} - lookup_table[obj] = new_table - for key, value in pairs(obj) do - new_table[_copy(key)] = _copy(value) - end - return setmetatable(new_table, getmetatable(obj)) - end - end - return _copy(object) - end - - job = {} - job.apiVersion = "batch/v1" - job.kind = "Job" - - job.metadata = {} - job.metadata.name = obj.metadata.name .. "-123" - job.metadata.namespace = obj.metadata.namespace - - ownerRef = {} - ownerRef.apiVersion = obj.apiVersion - ownerRef.kind = obj.kind - ownerRef.name = obj.metadata.name - ownerRef.uid = obj.metadata.uid - job.metadata.ownerReferences = {} - job.metadata.ownerReferences[1] = ownerRef - - job.spec = {} - job.spec.suspend = false - job.spec.template = {} - job.spec.template.spec = deepCopy(obj.spec.jobTemplate.spec.template.spec) - - impactedResource1 = {} - impactedResource1.operation = "create" - impactedResource1.resource = job - result = {} - result[1] = impactedResource1 - - obj.metadata.labels["aKey"] = 'aValue' - impactedResource2 = {} - impactedResource2.operation = "patch" - impactedResource2.resource = obj - - result[2] = impactedResource2 - - return result` - -func TestNewStyleResourceActionMixedOk(t *testing.T) { - Given(t). - Path(resourceActions). - ResourceOverrides(map[string]ResourceOverride{"batch/CronJob": {Actions: newStyleActionsConfigMixedOk}}). - ProjectSpec(AppProjectSpec{ - SourceRepos: []string{"*"}, - Destinations: []ApplicationDestination{{Namespace: "*", Server: "*"}}, - NamespaceResourceWhitelist: []metav1.GroupKind{ - {Group: "batch", Kind: "Job"}, - {Group: "batch", Kind: "CronJob"}, - }}). - When(). - CreateApp(). - Sync(). - Then(). - And(func(app *Application) { - - closer, client, err := ArgoCDClientset.NewApplicationClient() - assert.NoError(t, err) - defer io.Close(closer) - - actions, err := client.ListResourceActions(context.Background(), &applicationpkg.ApplicationResourceRequest{ - Name: &app.Name, - Group: pointer.String("batch"), - Kind: pointer.String("CronJob"), - Version: pointer.String("v1"), - Namespace: pointer.String(DeploymentNamespace()), - ResourceName: pointer.String("hello"), - }) - assert.NoError(t, err) - assert.Equal(t, []*ResourceAction{{Name: "sample", Disabled: false}}, actions.Actions) - - _, err = client.RunResourceAction(context.Background(), &applicationpkg.ResourceActionRunRequest{Name: &app.Name, - Group: pointer.String("batch"), - Kind: pointer.String("CronJob"), - Version: pointer.String("v1"), - Namespace: pointer.String(DeploymentNamespace()), - ResourceName: pointer.String("hello"), - Action: pointer.String("sample"), - }) - assert.NoError(t, err) - - // Assert new Job was created - _, err = KubeClientset.BatchV1().Jobs(DeploymentNamespace()).Get(context.Background(), "hello-123", metav1.GetOptions{}) - assert.NoError(t, err) - // Assert the original CronJob was patched - cronJob, err := KubeClientset.BatchV1().CronJobs(DeploymentNamespace()).Get(context.Background(), "hello", metav1.GetOptions{}) - assert.Equal(t, "aValue", cronJob.Labels["aKey"]) - assert.NoError(t, err) - }) -} - func TestSyncResourceByLabel(t *testing.T) { Given(t). Path(guestbookPath). @@ -1490,7 +1271,7 @@ func TestPermissions(t *testing.T) { Create() sourceError := fmt.Sprintf("application repo %s is not permitted in project 'argo-project'", RepoURL(RepoURLTypeFile)) - destinationError := fmt.Sprintf("application destination server '%s' and namespace '%s' do not match any of the allowed destinations in project 'argo-project'", KubernetesInternalAPIServerAddr, DeploymentNamespace()) + destinationError := fmt.Sprintf("application destination {%s %s} is not permitted in project 'argo-project'", KubernetesInternalAPIServerAddr, DeploymentNamespace()) appCtx. Path("guestbook-logs"). @@ -1532,7 +1313,7 @@ func TestPermissions(t *testing.T) { And(func(app *Application) { closer, cdClient := ArgoCDClientset.NewApplicationClientOrDie() defer io.Close(closer) - appName, appNs := argo.ParseFromQualifiedName(app.Name, "") + appName, appNs := argo.ParseAppQualifiedName(app.Name, "") fmt.Printf("APP NAME: %s\n", appName) tree, err := cdClient.ResourceTree(context.Background(), &applicationpkg.ResourcesQuery{ApplicationName: &appName, AppNamespace: &appNs}) require.NoError(t, err) @@ -1646,7 +1427,7 @@ func TestPermissionDeniedWithNegatedNamespace(t *testing.T) { IgnoreErrors(). CreateApp(). Then(). - Expect(Error("", "do not match any of the allowed destinations in project")) + Expect(Error("", "is not permitted in project")) } func TestPermissionDeniedWithNegatedServer(t *testing.T) { @@ -1673,7 +1454,7 @@ func TestPermissionDeniedWithNegatedServer(t *testing.T) { IgnoreErrors(). CreateApp(). Then(). - Expect(Error("", "do not match any of the allowed destinations in project")) + Expect(Error("", "is not permitted in project")) } // make sure that if we deleted a resource from the app, it is not pruned if annotated with Prune=false diff --git a/test/e2e/applicationset_test.go b/test/e2e/applicationset_test.go index 27c5fd33b42c9..c0413c8084c7b 100644 --- a/test/e2e/applicationset_test.go +++ b/test/e2e/applicationset_test.go @@ -1,9 +1,7 @@ package e2e import ( - "fmt" "io" - "net" "net/http" "net/http/httptest" "strings" @@ -13,554 +11,51 @@ import ( corev1 "k8s.io/api/core/v1" apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" argov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/test/e2e/fixture" + . "github.com/argoproj/argo-cd/v2/test/e2e/fixture/applicationsets" + "github.com/argoproj/argo-cd/v2/test/e2e/fixture/applicationsets/utils" + . "github.com/argoproj/argo-cd/v2/util/errors" - . "github.com/argoproj/argo-cd/v2/test/e2e/fixture/applicationsets" - "github.com/argoproj/argo-cd/v2/test/e2e/fixture/applicationsets/utils" - . "github.com/argoproj/argo-cd/v2/util/errors" - "github.com/stretchr/testify/assert" - - "github.com/argoproj/argo-cd/v2/pkg/apis/application" -) - -var ( - ExpectedConditions = []v1alpha1.ApplicationSetCondition{ - { - Type: v1alpha1.ApplicationSetConditionErrorOccurred, - Status: v1alpha1.ApplicationSetConditionStatusFalse, - Message: "Successfully generated parameters for all Applications", - Reason: v1alpha1.ApplicationSetReasonApplicationSetUpToDate, - }, - { - Type: v1alpha1.ApplicationSetConditionParametersGenerated, - Status: v1alpha1.ApplicationSetConditionStatusTrue, - Message: "Successfully generated parameters for all Applications", - Reason: v1alpha1.ApplicationSetReasonParametersGenerated, - }, - { - Type: v1alpha1.ApplicationSetConditionResourcesUpToDate, - Status: v1alpha1.ApplicationSetConditionStatusTrue, - Message: "ApplicationSet up to date", - Reason: v1alpha1.ApplicationSetReasonApplicationSetUpToDate, - }, - } - LabelKeyAppSetInstance = "argocd.argoproj.io/application-set-name" -) - -func TestSimpleListGeneratorExternalNamespace(t *testing.T) { - - expectedApp := argov1alpha1.Application{ - TypeMeta: metav1.TypeMeta{ - Kind: "Application", - APIVersion: "argoproj.io/v1alpha1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "my-cluster-guestbook", - Namespace: utils.ArgoCDExternalNamespace, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-list-generator-external", - }, - Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - }, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: "guestbook", - }, - }, - } - var expectedAppNewNamespace *argov1alpha1.Application - var expectedAppNewMetadata *argov1alpha1.Application - - Given(t). - // Create a ListGenerator-based ApplicationSet - When(). - SwitchToExternalNamespace(). - CreateNamespace(utils.ArgoCDExternalNamespace).Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "simple-list-generator-external", - Namespace: utils.ArgoCDExternalNamespace, - }, - Spec: v1alpha1.ApplicationSetSpec{ - GoTemplate: true, - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{.cluster}}-guestbook"}, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "{{.url}}", - Namespace: "guestbook", - }, - }, - }, - Generators: []v1alpha1.ApplicationSetGenerator{ - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{{ - Raw: []byte(`{"cluster": "my-cluster","url": "https://kubernetes.default.svc"}`), - }}, - }, - }, - }, - }, - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{expectedApp})). - - // Update the ApplicationSet template namespace, and verify it updates the Applications - When(). - And(func() { - expectedAppNewNamespace = expectedApp.DeepCopy() - expectedAppNewNamespace.Spec.Destination.Namespace = "guestbook2" - }). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Template.Spec.Destination.Namespace = "guestbook2" - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewNamespace})). - - // Update the metadata fields in the appset template, and make sure it propagates to the apps - When(). - And(func() { - expectedAppNewMetadata = expectedAppNewNamespace.DeepCopy() - expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - "label-key": "label-value", - LabelKeyAppSetInstance: "simple-list-generator-external", - } - }). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Template.Annotations = map[string]string{"annotation-key": "annotation-value"} - appset.Spec.Template.Labels = map[string]string{ - "label-key": "label-value", - LabelKeyAppSetInstance: "simple-list-generator-external", - } - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewMetadata})). - - // verify the ApplicationSet status conditions were set correctly - Expect(ApplicationSetHasConditions("simple-list-generator-external", ExpectedConditions)). - - // Delete the ApplicationSet, and verify it deletes the Applications - When(). - Delete().Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{*expectedAppNewMetadata})) - -} - -func TestSimpleListGenerator(t *testing.T) { - - expectedApp := argov1alpha1.Application{ - TypeMeta: metav1.TypeMeta{ - Kind: application.ApplicationKind, - APIVersion: "argoproj.io/v1alpha1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "my-cluster-guestbook", - Namespace: fixture.TestNamespace(), - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-list-generator", - }, - Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - }, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: "guestbook", - }, - }, - } - var expectedAppNewNamespace *argov1alpha1.Application - var expectedAppNewMetadata *argov1alpha1.Application - - Given(t). - // Create a ListGenerator-based ApplicationSet - When().Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "simple-list-generator", - }, - Spec: v1alpha1.ApplicationSetSpec{ - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{cluster}}-guestbook"}, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "{{url}}", - Namespace: "guestbook", - }, - }, - }, - Generators: []v1alpha1.ApplicationSetGenerator{ - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{{ - Raw: []byte(`{"cluster": "my-cluster","url": "https://kubernetes.default.svc"}`), - }}, - }, - }, - }, - }, - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{expectedApp})). - - // Update the ApplicationSet template namespace, and verify it updates the Applications - When(). - And(func() { - expectedAppNewNamespace = expectedApp.DeepCopy() - expectedAppNewNamespace.Spec.Destination.Namespace = "guestbook2" - }). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Template.Spec.Destination.Namespace = "guestbook2" - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewNamespace})). - - // Update the metadata fields in the appset template, and make sure it propagates to the apps - When(). - And(func() { - expectedAppNewMetadata = expectedAppNewNamespace.DeepCopy() - expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - LabelKeyAppSetInstance: "simple-list-generator", - "label-key": "label-value", - } - }). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Template.Annotations = map[string]string{"annotation-key": "annotation-value"} - appset.Spec.Template.Labels = map[string]string{"label-key": "label-value"} - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewMetadata})). - - // verify the ApplicationSet status conditions were set correctly - Expect(ApplicationSetHasConditions("simple-list-generator", ExpectedConditions)). - - // Delete the ApplicationSet, and verify it deletes the Applications - When(). - Delete().Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{*expectedAppNewMetadata})) - -} - -func TestSimpleListGeneratorGoTemplate(t *testing.T) { - - expectedApp := argov1alpha1.Application{ - TypeMeta: metav1.TypeMeta{ - Kind: application.ApplicationKind, - APIVersion: "argoproj.io/v1alpha1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "my-cluster-guestbook", - Namespace: fixture.TestNamespace(), - Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-list-generator", - }, - }, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: "guestbook", - }, - }, - } - var expectedAppNewNamespace *argov1alpha1.Application - var expectedAppNewMetadata *argov1alpha1.Application - - Given(t). - // Create a ListGenerator-based ApplicationSet - When().Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "simple-list-generator", - }, - Spec: v1alpha1.ApplicationSetSpec{ - GoTemplate: true, - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{.cluster}}-guestbook"}, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "{{.url}}", - Namespace: "guestbook", - }, - }, - }, - Generators: []v1alpha1.ApplicationSetGenerator{ - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{{ - Raw: []byte(`{"cluster": "my-cluster","url": "https://kubernetes.default.svc"}`), - }}, - }, - }, - }, - }, - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{expectedApp})). - - // Update the ApplicationSet template namespace, and verify it updates the Applications - When(). - And(func() { - expectedAppNewNamespace = expectedApp.DeepCopy() - expectedAppNewNamespace.Spec.Destination.Namespace = "guestbook2" - }). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Template.Spec.Destination.Namespace = "guestbook2" - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewNamespace})). - - // Update the metadata fields in the appset template, and make sure it propagates to the apps - When(). - And(func() { - expectedAppNewMetadata = expectedAppNewNamespace.DeepCopy() - expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - LabelKeyAppSetInstance: "simple-list-generator", - "label-key": "label-value", - } - }). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Template.Annotations = map[string]string{"annotation-key": "annotation-value"} - appset.Spec.Template.Labels = map[string]string{"label-key": "label-value"} - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewMetadata})). - - // verify the ApplicationSet status conditions were set correctly - Expect(ApplicationSetHasConditions("simple-list-generator", ExpectedConditions)). - - // Delete the ApplicationSet, and verify it deletes the Applications - When(). - Delete().Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{*expectedAppNewMetadata})) - -} - -func TestRenderHelmValuesObject(t *testing.T) { - - expectedApp := argov1alpha1.Application{ - TypeMeta: metav1.TypeMeta{ - Kind: application.ApplicationKind, - APIVersion: "argoproj.io/v1alpha1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "my-cluster-guestbook", - Namespace: fixture.TestNamespace(), - Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "test-values-object", - }, - }, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "helm-guestbook", - Helm: &argov1alpha1.ApplicationSourceHelm{ - ValuesObject: &runtime.RawExtension{ - // This will always be converted as yaml - Raw: []byte(`{"some":{"string":"Hello world"}}`), - }, - }, - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: "guestbook", - }, - }, - } - - Given(t). - // Create a ListGenerator-based ApplicationSet - When().Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "test-values-object", - }, - Spec: v1alpha1.ApplicationSetSpec{ - GoTemplate: true, - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{.cluster}}-guestbook"}, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "helm-guestbook", - Helm: &argov1alpha1.ApplicationSourceHelm{ - ValuesObject: &runtime.RawExtension{ - Raw: []byte(`{"some":{"string":"{{.test}}"}}`), - }, - }, - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "{{.url}}", - Namespace: "guestbook", - }, - }, - }, - Generators: []v1alpha1.ApplicationSetGenerator{ - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{{ - Raw: []byte(`{"cluster": "my-cluster","url": "https://kubernetes.default.svc", "test": "Hello world"}`), - }}, - }, - }, - }, - }, - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{expectedApp})). - // Delete the ApplicationSet, and verify it deletes the Applications - When(). - Delete().Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{expectedApp})) - -} - -func TestSyncPolicyCreateUpdate(t *testing.T) { - - expectedApp := argov1alpha1.Application{ - TypeMeta: metav1.TypeMeta{ - Kind: "Application", - APIVersion: "argoproj.io/v1alpha1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "my-cluster-guestbook-sync-policy-create-update", - Namespace: utils.ArgoCDNamespace, - Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "sync-policy-create-update", - }, - }, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: "guestbook", - }, - }, - } - var expectedAppNewNamespace *argov1alpha1.Application - var expectedAppNewMetadata *argov1alpha1.Application - - Given(t). - // Create a ListGenerator-based ApplicationSet - When().Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "sync-policy-create-update", - }, - Spec: v1alpha1.ApplicationSetSpec{ - GoTemplate: true, - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{.cluster}}-guestbook-sync-policy-create-update"}, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "{{.url}}", - Namespace: "guestbook", - }, - }, - }, - Generators: []v1alpha1.ApplicationSetGenerator{ - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{{ - Raw: []byte(`{"cluster": "my-cluster","url": "https://kubernetes.default.svc"}`), - }}, - }, - }, - }, - }, - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{expectedApp})). - - // Update the ApplicationSet template namespace, and verify it updates the Applications - When(). - And(func() { - expectedAppNewNamespace = expectedApp.DeepCopy() - expectedAppNewNamespace.Spec.Destination.Namespace = "guestbook2" - }). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Template.Spec.Destination.Namespace = "guestbook2" - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewNamespace})). - - // Update the metadata fields in the appset template - // Update as well the policy - // As policy is create-update, updates must reflected - When(). - And(func() { - expectedAppNewMetadata = expectedAppNewNamespace.DeepCopy() - expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - LabelKeyAppSetInstance: "sync-policy-create-update", - "label-key": "label-value", - } - }). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Template.Annotations = map[string]string{"annotation-key": "annotation-value"} - appset.Spec.Template.Labels = map[string]string{ - LabelKeyAppSetInstance: "sync-policy-create-update", - "label-key": "label-value", - } - applicationsSyncPolicy := argov1alpha1.ApplicationsSyncPolicyCreateUpdate - appset.Spec.SyncPolicy = &argov1alpha1.ApplicationSetSyncPolicy{ - ApplicationsSync: &applicationsSyncPolicy, - } - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewMetadata})). - - // Update the list and remove element - // As policy is create-update, app deletion must not be reflected - When(). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Generators = []v1alpha1.ApplicationSetGenerator{} - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewMetadata})). - - // verify the ApplicationSet status conditions were set correctly - Expect(ApplicationSetHasConditions("sync-policy-create-update", ExpectedConditions)). - - // Delete the ApplicationSet, and verify it deletes the Applications - When(). - Delete().Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{*expectedAppNewMetadata})) + "github.com/argoproj/argo-cd/v2/pkg/apis/application" +) -} +var ( + ExpectedConditions = []v1alpha1.ApplicationSetCondition{ + { + Type: v1alpha1.ApplicationSetConditionErrorOccurred, + Status: v1alpha1.ApplicationSetConditionStatusFalse, + Message: "Successfully generated parameters for all Applications", + Reason: v1alpha1.ApplicationSetReasonApplicationSetUpToDate, + }, + { + Type: v1alpha1.ApplicationSetConditionParametersGenerated, + Status: v1alpha1.ApplicationSetConditionStatusTrue, + Message: "Successfully generated parameters for all Applications", + Reason: v1alpha1.ApplicationSetReasonParametersGenerated, + }, + { + Type: v1alpha1.ApplicationSetConditionResourcesUpToDate, + Status: v1alpha1.ApplicationSetConditionStatusTrue, + Message: "ApplicationSet up to date", + Reason: v1alpha1.ApplicationSetReasonApplicationSetUpToDate, + }, + } +) -func TestSyncPolicyCreateDelete(t *testing.T) { +func TestSimpleListGenerator(t *testing.T) { expectedApp := argov1alpha1.Application{ TypeMeta: metav1.TypeMeta{ - Kind: "Application", + Kind: application.ApplicationKind, APIVersion: "argoproj.io/v1alpha1", }, ObjectMeta: metav1.ObjectMeta{ - Name: "my-cluster-guestbook-sync-policy-create-delete", - Namespace: utils.ArgoCDNamespace, + Name: "my-cluster-guestbook", + Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "sync-policy-create-delete", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -576,16 +71,16 @@ func TestSyncPolicyCreateDelete(t *testing.T) { }, } var expectedAppNewNamespace *argov1alpha1.Application + var expectedAppNewMetadata *argov1alpha1.Application Given(t). // Create a ListGenerator-based ApplicationSet When().Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "sync-policy-create-delete", + Name: "simple-list-generator", }, Spec: v1alpha1.ApplicationSetSpec{ - GoTemplate: true, Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{.cluster}}-guestbook-sync-policy-create-delete"}, + ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{cluster}}-guestbook"}, Spec: argov1alpha1.ApplicationSpec{ Project: "default", Source: &argov1alpha1.ApplicationSource{ @@ -594,7 +89,7 @@ func TestSyncPolicyCreateDelete(t *testing.T) { Path: "guestbook", }, Destination: argov1alpha1.ApplicationDestination{ - Server: "{{.url}}", + Server: "{{url}}", Namespace: "guestbook", }, }, @@ -621,49 +116,38 @@ func TestSyncPolicyCreateDelete(t *testing.T) { appset.Spec.Template.Spec.Destination.Namespace = "guestbook2" }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewNamespace})). - // Update the metadata fields in the appset template - // Update as well the policy - // As policy is create-delete, updates must not be reflected + // Update the metadata fields in the appset template, and make sure it propagates to the apps When(). + And(func() { + expectedAppNewMetadata = expectedAppNewNamespace.DeepCopy() + expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} + expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{"label-key": "label-value"} + }). Update(func(appset *v1alpha1.ApplicationSet) { appset.Spec.Template.Annotations = map[string]string{"annotation-key": "annotation-value"} appset.Spec.Template.Labels = map[string]string{"label-key": "label-value"} - applicationsSyncPolicy := argov1alpha1.ApplicationsSyncPolicyCreateDelete - appset.Spec.SyncPolicy = &argov1alpha1.ApplicationSetSyncPolicy{ - ApplicationsSync: &applicationsSyncPolicy, - } - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewNamespace})). - - // Update the list and remove element - // As policy is create-delete, app deletion must be reflected - When(). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Generators = []v1alpha1.ApplicationSetGenerator{} - }).Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{*expectedAppNewNamespace})). + }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewMetadata})). // verify the ApplicationSet status conditions were set correctly - Expect(ApplicationSetHasConditions("sync-policy-create-delete", ExpectedConditions)). + Expect(ApplicationSetHasConditions("simple-list-generator", ExpectedConditions)). - // Delete the ApplicationSet + // Delete the ApplicationSet, and verify it deletes the Applications When(). - Delete().Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{*expectedAppNewNamespace})) + Delete().Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{*expectedAppNewMetadata})) } -func TestSyncPolicyCreateOnly(t *testing.T) { +func TestSimpleListGeneratorGoTemplate(t *testing.T) { expectedApp := argov1alpha1.Application{ TypeMeta: metav1.TypeMeta{ - Kind: "Application", + Kind: application.ApplicationKind, APIVersion: "argoproj.io/v1alpha1", }, ObjectMeta: metav1.ObjectMeta{ - Name: "my-cluster-guestbook-sync-policy-create-only", - Namespace: utils.ArgoCDNamespace, + Name: "my-cluster-guestbook", + Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "sync-policy-create-only", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -679,16 +163,17 @@ func TestSyncPolicyCreateOnly(t *testing.T) { }, } var expectedAppNewNamespace *argov1alpha1.Application + var expectedAppNewMetadata *argov1alpha1.Application Given(t). // Create a ListGenerator-based ApplicationSet When().Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "sync-policy-create-only", + Name: "simple-list-generator", }, Spec: v1alpha1.ApplicationSetSpec{ GoTemplate: true, Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{.cluster}}-guestbook-sync-policy-create-only"}, + ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{.cluster}}-guestbook"}, Spec: argov1alpha1.ApplicationSpec{ Project: "default", Source: &argov1alpha1.ApplicationSource{ @@ -724,32 +209,24 @@ func TestSyncPolicyCreateOnly(t *testing.T) { appset.Spec.Template.Spec.Destination.Namespace = "guestbook2" }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewNamespace})). - // Update the metadata fields in the appset template - // Update as well the policy - // As policy is create-only, updates must not be reflected + // Update the metadata fields in the appset template, and make sure it propagates to the apps When(). + And(func() { + expectedAppNewMetadata = expectedAppNewNamespace.DeepCopy() + expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} + expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{"label-key": "label-value"} + }). Update(func(appset *v1alpha1.ApplicationSet) { appset.Spec.Template.Annotations = map[string]string{"annotation-key": "annotation-value"} appset.Spec.Template.Labels = map[string]string{"label-key": "label-value"} - applicationsSyncPolicy := argov1alpha1.ApplicationsSyncPolicyCreateOnly - appset.Spec.SyncPolicy = &argov1alpha1.ApplicationSetSyncPolicy{ - ApplicationsSync: &applicationsSyncPolicy, - } - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewNamespace})). - - // Update the list and remove element - // As policy is create-only, app deletion must not be reflected - When(). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Generators = []v1alpha1.ApplicationSetGenerator{} - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewNamespace})). + }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewMetadata})). // verify the ApplicationSet status conditions were set correctly - Expect(ApplicationSetHasConditions("sync-policy-create-only", ExpectedConditions)). + Expect(ApplicationSetHasConditions("simple-list-generator", ExpectedConditions)). // Delete the ApplicationSet, and verify it deletes the Applications When(). - Delete().Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{*expectedAppNewNamespace})) + Delete().Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{*expectedAppNewMetadata})) } @@ -764,9 +241,6 @@ func TestSimpleGitDirectoryGenerator(t *testing.T) { Name: name, Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-git-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -848,10 +322,7 @@ func TestSimpleGitDirectoryGenerator(t *testing.T) { for _, expectedApp := range expectedAppsNewNamespace { expectedAppNewMetadata := expectedApp.DeepCopy() expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - LabelKeyAppSetInstance: "simple-git-generator", - "label-key": "label-value", - } + expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{"label-key": "label-value"} expectedAppsNewMetadata = append(expectedAppsNewMetadata, *expectedAppNewMetadata) } }). @@ -879,9 +350,6 @@ func TestSimpleGitDirectoryGeneratorGoTemplate(t *testing.T) { Name: name, Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-git-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -964,10 +432,7 @@ func TestSimpleGitDirectoryGeneratorGoTemplate(t *testing.T) { for _, expectedApp := range expectedAppsNewNamespace { expectedAppNewMetadata := expectedApp.DeepCopy() expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - LabelKeyAppSetInstance: "simple-git-generator", - "label-key": "label-value", - } + expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{"label-key": "label-value"} expectedAppsNewMetadata = append(expectedAppsNewMetadata, *expectedAppNewMetadata) } }). @@ -996,9 +461,6 @@ func TestSimpleGitFilesGenerator(t *testing.T) { Name: name, Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-git-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -1079,10 +541,7 @@ func TestSimpleGitFilesGenerator(t *testing.T) { for _, expectedApp := range expectedAppsNewNamespace { expectedAppNewMetadata := expectedApp.DeepCopy() expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - LabelKeyAppSetInstance: "simple-git-generator", - "label-key": "label-value", - } + expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{"label-key": "label-value"} expectedAppsNewMetadata = append(expectedAppsNewMetadata, *expectedAppNewMetadata) } }). @@ -1111,9 +570,6 @@ func TestSimpleGitFilesGeneratorGoTemplate(t *testing.T) { Name: name, Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-git-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -1195,10 +651,7 @@ func TestSimpleGitFilesGeneratorGoTemplate(t *testing.T) { for _, expectedApp := range expectedAppsNewNamespace { expectedAppNewMetadata := expectedApp.DeepCopy() expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - LabelKeyAppSetInstance: "simple-git-generator", - "label-key": "label-value", - } + expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{"label-key": "label-value"} expectedAppsNewMetadata = append(expectedAppsNewMetadata, *expectedAppNewMetadata) } }). @@ -1219,7 +672,7 @@ func TestSimpleGitFilesPreserveResourcesOnDeletion(t *testing.T) { Given(t). When(). - CreateNamespace(utils.ApplicationsResourcesNamespace). + CreateNamespace(). // Create a GitGenerator-based ApplicationSet Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ Name: "simple-git-generator", @@ -1236,7 +689,7 @@ func TestSimpleGitFilesPreserveResourcesOnDeletion(t *testing.T) { }, Destination: argov1alpha1.ApplicationDestination{ Server: "https://kubernetes.default.svc", - Namespace: utils.ApplicationsResourcesNamespace, + Namespace: utils.ApplicationSetNamespace, }, // Automatically create resources @@ -1279,7 +732,7 @@ func TestSimpleGitFilesPreserveResourcesOnDeletionGoTemplate(t *testing.T) { Given(t). When(). - CreateNamespace(utils.ApplicationsResourcesNamespace). + CreateNamespace(). // Create a GitGenerator-based ApplicationSet Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ Name: "simple-git-generator", @@ -1297,7 +750,7 @@ func TestSimpleGitFilesPreserveResourcesOnDeletionGoTemplate(t *testing.T) { }, Destination: argov1alpha1.ApplicationDestination{ Server: "https://kubernetes.default.svc", - Namespace: utils.ApplicationsResourcesNamespace, + Namespace: utils.ApplicationSetNamespace, }, // Automatically create resources @@ -1525,28 +978,11 @@ func githubSCMMockHandler(t *testing.T) func(http.ResponseWriter, *http.Request) } } -func testServerWithPort(t *testing.T, port int, handler http.Handler) *httptest.Server { - // Use mocked API response to avoid rate-limiting. - l, err := net.Listen("tcp", fmt.Sprintf("127.0.0.1:%d", port)) - if err != nil { - t.Error(fmt.Errorf("Unable to start server %w", err)) - } - - ts := httptest.NewUnstartedServer(handler) - - ts.Listener.Close() - ts.Listener = l - - return ts -} - func TestSimpleSCMProviderGenerator(t *testing.T) { - - ts := testServerWithPort(t, 8341, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + // Use mocked API response to avoid rate-limiting. + ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { githubSCMMockHandler(t)(w, r) })) - ts.Start() - defer ts.Close() expectedApp := argov1alpha1.Application{ TypeMeta: metav1.TypeMeta{ @@ -1557,9 +993,6 @@ func TestSimpleSCMProviderGenerator(t *testing.T) { Name: "argo-cd-guestbook", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-scm-provider-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -1619,11 +1052,10 @@ func TestSimpleSCMProviderGenerator(t *testing.T) { } func TestSimpleSCMProviderGeneratorGoTemplate(t *testing.T) { - ts := testServerWithPort(t, 8342, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + // Use mocked API response to avoid rate-limiting. + ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { githubSCMMockHandler(t)(w, r) })) - ts.Start() - defer ts.Close() expectedApp := argov1alpha1.Application{ TypeMeta: metav1.TypeMeta{ @@ -1634,9 +1066,6 @@ func TestSimpleSCMProviderGeneratorGoTemplate(t *testing.T) { Name: "argo-cd-guestbook", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-scm-provider-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -1696,84 +1125,6 @@ func TestSimpleSCMProviderGeneratorGoTemplate(t *testing.T) { }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{expectedApp})) } -func TestSCMProviderGeneratorSCMProviderNotAllowed(t *testing.T) { - expectedApp := argov1alpha1.Application{ - TypeMeta: metav1.TypeMeta{ - Kind: application.ApplicationKind, - APIVersion: "argoproj.io/v1alpha1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "argo-cd-guestbook", - Namespace: fixture.TestNamespace(), - Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-scm-provider-generator", - }, - }, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "git@github.com:argoproj/argo-cd.git", - TargetRevision: "master", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: "guestbook", - }, - }, - } - - // Because you can't &"". - repoMatch := "argo-cd" - - Given(t). - // Create an SCMProviderGenerator-based ApplicationSet - When().Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "scm-provider-generator-scm-provider-not-allowed", - }, - Spec: v1alpha1.ApplicationSetSpec{ - GoTemplate: true, - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{ .repository }}-guestbook"}, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "{{ .url }}", - TargetRevision: "{{ .branch }}", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: "guestbook", - }, - }, - }, - Generators: []v1alpha1.ApplicationSetGenerator{ - { - SCMProvider: &v1alpha1.SCMProviderGenerator{ - Github: &v1alpha1.SCMProviderGeneratorGithub{ - Organization: "argoproj", - API: "http://myservice.mynamespace.svc.cluster.local", - }, - Filters: []v1alpha1.SCMProviderGeneratorFilter{ - { - RepositoryMatch: &repoMatch, - }, - }, - }, - }, - }, - }, - }).Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{expectedApp})). - And(func() { - // app should be listed - output, err := fixture.RunCli("appset", "get", "scm-provider-generator-scm-provider-not-allowed") - assert.NoError(t, err) - assert.Contains(t, output, "scm provider not allowed: http://myservice.mynamespace.svc.cluster.local") - }) -} - func TestCustomApplicationFinalizers(t *testing.T) { expectedApp := argov1alpha1.Application{ TypeMeta: metav1.TypeMeta{ @@ -1784,9 +1135,6 @@ func TestCustomApplicationFinalizers(t *testing.T) { Name: "my-cluster-guestbook", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io/background"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-list-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -1853,9 +1201,6 @@ func TestCustomApplicationFinalizersGoTemplate(t *testing.T) { Name: "my-cluster-guestbook", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io/background"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-list-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -1926,10 +1271,6 @@ func githubPullMockHandler(t *testing.T) func(http.ResponseWriter, *http.Request "name": "preview" } ], - "base": { - "ref": "master", - "sha": "7a4a5c987fdfb2b0629e9dbf5f31636c69ba4775" - }, "head": { "ref": "pull-request", "sha": "824a5c987fdfb2b0629e9dbf5f31636c69ba4772" @@ -1946,14 +1287,11 @@ func githubPullMockHandler(t *testing.T) func(http.ResponseWriter, *http.Request } func TestSimplePullRequestGenerator(t *testing.T) { - - ts := testServerWithPort(t, 8343, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + // Use mocked API response to avoid rate-limiting. + ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { githubPullMockHandler(t)(w, r) })) - ts.Start() - defer ts.Close() - expectedApp := argov1alpha1.Application{ TypeMeta: metav1.TypeMeta{ Kind: application.ApplicationKind, @@ -1963,9 +1301,6 @@ func TestSimplePullRequestGenerator(t *testing.T) { Name: "guestbook-1", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-pull-request-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -2027,13 +1362,11 @@ func TestSimplePullRequestGenerator(t *testing.T) { } func TestSimplePullRequestGeneratorGoTemplate(t *testing.T) { - ts := testServerWithPort(t, 8344, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + // Use mocked API response to avoid rate-limiting. + ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { githubPullMockHandler(t)(w, r) })) - ts.Start() - defer ts.Close() - expectedApp := argov1alpha1.Application{ TypeMeta: metav1.TypeMeta{ Kind: application.ApplicationKind, @@ -2043,10 +1376,7 @@ func TestSimplePullRequestGeneratorGoTemplate(t *testing.T) { Name: "guestbook-1", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - "app": "preview", - LabelKeyAppSetInstance: "simple-pull-request-generator", - }, + Labels: map[string]string{"app": "preview"}, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -2110,90 +1440,6 @@ func TestSimplePullRequestGeneratorGoTemplate(t *testing.T) { }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{expectedApp})) } -func TestPullRequestGeneratorNotAllowedSCMProvider(t *testing.T) { - - expectedApp := argov1alpha1.Application{ - TypeMeta: metav1.TypeMeta{ - Kind: application.ApplicationKind, - APIVersion: "argoproj.io/v1alpha1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "guestbook-1", - Namespace: fixture.TestNamespace(), - Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - "app": "preview", - LabelKeyAppSetInstance: "simple-pull-request-generator", - }, - }, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "git@github.com:applicationset-test-org/argocd-example-apps.git", - TargetRevision: "824a5c987fdfb2b0629e9dbf5f31636c69ba4772", - Path: "kustomize-guestbook", - Kustomize: &argov1alpha1.ApplicationSourceKustomize{ - NamePrefix: "guestbook-1", - }, - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: "guestbook-pull-request", - }, - }, - } - - Given(t). - // Create an PullRequestGenerator-based ApplicationSet - When().Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "pull-request-generator-not-allowed-scm", - }, - Spec: v1alpha1.ApplicationSetSpec{ - GoTemplate: true, - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{ - Name: "guestbook-{{ .number }}", - Labels: map[string]string{"app": "{{index .labels 0}}"}}, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "git@github.com:applicationset-test-org/argocd-example-apps.git", - TargetRevision: "{{ .head_sha }}", - Path: "kustomize-guestbook", - Kustomize: &argov1alpha1.ApplicationSourceKustomize{ - NamePrefix: "guestbook-{{ .number }}", - }, - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: "guestbook-{{ .branch }}", - }, - }, - }, - Generators: []v1alpha1.ApplicationSetGenerator{ - { - PullRequest: &v1alpha1.PullRequestGenerator{ - Github: &v1alpha1.PullRequestGeneratorGithub{ - API: "http://myservice.mynamespace.svc.cluster.local", - Owner: "applicationset-test-org", - Repo: "argocd-example-apps", - Labels: []string{ - "preview", - }, - }, - }, - }, - }, - }, - }).Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{expectedApp})). - And(func() { - // app should be listed - output, err := fixture.RunCli("appset", "get", "pull-request-generator-not-allowed-scm") - assert.NoError(t, err) - assert.Contains(t, output, "failed to select pull request service provider: scm provider not allowed: http://myservice.mynamespace.svc.cluster.local") - }) -} - func TestGitGeneratorPrivateRepo(t *testing.T) { FailOnErr(fixture.RunCli("repo", "add", fixture.RepoURL(fixture.RepoURLTypeHTTPS), "--username", fixture.GitUsername, "--password", fixture.GitPassword, "--insecure-skip-server-verification")) generateExpectedApp := func(name string) argov1alpha1.Application { @@ -2206,9 +1452,6 @@ func TestGitGeneratorPrivateRepo(t *testing.T) { Name: name, Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-git-generator-private", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -2284,9 +1527,6 @@ func TestGitGeneratorPrivateRepoGoTemplate(t *testing.T) { Name: name, Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-git-generator-private", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", diff --git a/test/e2e/cluster_generator_test.go b/test/e2e/cluster_generator_test.go index 9b744241adf75..260f85c9e8ab0 100644 --- a/test/e2e/cluster_generator_test.go +++ b/test/e2e/cluster_generator_test.go @@ -11,116 +11,10 @@ import ( "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" argov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" . "github.com/argoproj/argo-cd/v2/test/e2e/fixture/applicationsets" - "github.com/argoproj/argo-cd/v2/test/e2e/fixture/applicationsets/utils" "github.com/argoproj/argo-cd/v2/pkg/apis/application" ) -func TestSimpleClusterGeneratorExternalNamespace(t *testing.T) { - - expectedApp := argov1alpha1.Application{ - TypeMeta: metav1.TypeMeta{ - Kind: "Application", - APIVersion: "argoproj.io/v1alpha1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "cluster1-guestbook", - Namespace: utils.ArgoCDExternalNamespace, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-cluster-generator", - }, - Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - }, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Name: "cluster1", - Namespace: "guestbook", - }, - }, - } - - var expectedAppNewNamespace *argov1alpha1.Application - var expectedAppNewMetadata *argov1alpha1.Application - - Given(t). - // Create a ClusterGenerator-based ApplicationSet - When(). - CreateClusterSecret("my-secret", "cluster1", "https://kubernetes.default.svc"). - SwitchToExternalNamespace(). - CreateNamespace(utils.ArgoCDExternalNamespace). - Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "simple-cluster-generator", - }, - Spec: v1alpha1.ApplicationSetSpec{ - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{name}}-guestbook"}, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Name: "{{name}}", - // Server: "{{server}}", - Namespace: "guestbook", - }, - }, - }, - Generators: []v1alpha1.ApplicationSetGenerator{ - { - Clusters: &v1alpha1.ClusterGenerator{ - Selector: metav1.LabelSelector{ - MatchLabels: map[string]string{ - "argocd.argoproj.io/secret-type": "cluster", - }, - }, - }, - }, - }, - }, - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{expectedApp})). - - // Update the ApplicationSet template namespace, and verify it updates the Applications - When(). - And(func() { - expectedAppNewNamespace = expectedApp.DeepCopy() - expectedAppNewNamespace.Spec.Destination.Namespace = "guestbook2" - }). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Template.Spec.Destination.Namespace = "guestbook2" - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewNamespace})). - - // Update the metadata fields in the appset template, and make sure it propagates to the apps - When(). - And(func() { - expectedAppNewMetadata = expectedAppNewNamespace.DeepCopy() - expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - "label-key": "label-value", - LabelKeyAppSetInstance: "simple-cluster-generator", - } - }). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Template.Annotations = map[string]string{"annotation-key": "annotation-value"} - appset.Spec.Template.Labels = map[string]string{ - "label-key": "label-value", - LabelKeyAppSetInstance: "simple-cluster-generator", - } - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewMetadata})). - - // Delete the ApplicationSet, and verify it deletes the Applications - When(). - Delete().Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{*expectedAppNewNamespace})) -} - func TestSimpleClusterGenerator(t *testing.T) { expectedApp := argov1alpha1.Application{ @@ -132,9 +26,6 @@ func TestSimpleClusterGenerator(t *testing.T) { Name: "cluster1-guestbook", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-cluster-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -206,10 +97,7 @@ func TestSimpleClusterGenerator(t *testing.T) { And(func() { expectedAppNewMetadata = expectedAppNewNamespace.DeepCopy() expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - LabelKeyAppSetInstance: "simple-cluster-generator", - "label-key": "label-value", - } + expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{"label-key": "label-value"} }). Update(func(appset *v1alpha1.ApplicationSet) { appset.Spec.Template.Annotations = map[string]string{"annotation-key": "annotation-value"} @@ -231,9 +119,6 @@ func TestClusterGeneratorWithLocalCluster(t *testing.T) { Name: "in-cluster-guestbook", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "in-cluster-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -326,10 +211,7 @@ func TestClusterGeneratorWithLocalCluster(t *testing.T) { And(func() { expectedAppNewMetadata = expectedAppNewNamespace.DeepCopy() expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - "label-key": "label-value", - LabelKeyAppSetInstance: "in-cluster-generator", - } + expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{"label-key": "label-value"} }). Update(func(appset *v1alpha1.ApplicationSet) { appset.Spec.Template.Annotations = map[string]string{"annotation-key": "annotation-value"} @@ -354,9 +236,6 @@ func TestSimpleClusterGeneratorAddingCluster(t *testing.T) { Name: "{{name}}-guestbook", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-cluster-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -439,9 +318,6 @@ func TestSimpleClusterGeneratorDeletingCluster(t *testing.T) { Name: "{{name}}-guestbook", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-cluster-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", diff --git a/test/e2e/clusterdecisiongenerator_e2e_test.go b/test/e2e/clusterdecisiongenerator_e2e_test.go index 94081d705fd77..6ead361e9429b 100644 --- a/test/e2e/clusterdecisiongenerator_e2e_test.go +++ b/test/e2e/clusterdecisiongenerator_e2e_test.go @@ -10,126 +10,12 @@ import ( "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" argov1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" . "github.com/argoproj/argo-cd/v2/test/e2e/fixture/applicationsets" - "github.com/argoproj/argo-cd/v2/test/e2e/fixture/applicationsets/utils" "github.com/argoproj/argo-cd/v2/pkg/apis/application" ) var tenSec = int64(10) -func TestSimpleClusterDecisionResourceGeneratorExternalNamespace(t *testing.T) { - - expectedApp := argov1alpha1.Application{ - TypeMeta: metav1.TypeMeta{ - Kind: "Application", - APIVersion: "argoproj.io/v1alpha1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: "cluster1-guestbook", - Namespace: utils.ArgoCDExternalNamespace, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-cluster-generator", - }, - Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - }, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Name: "cluster1", - Namespace: "guestbook", - }, - }, - } - - var expectedAppNewNamespace *argov1alpha1.Application - var expectedAppNewMetadata *argov1alpha1.Application - - clusterList := []interface{}{ - map[string]interface{}{ - "clusterName": "cluster1", - "reason": "argotest", - }, - } - - Given(t). - // Create a ClusterGenerator-based ApplicationSet - When(). - CreateClusterSecret("my-secret", "cluster1", "https://kubernetes.default.svc"). - CreatePlacementRoleAndRoleBinding(). - CreatePlacementDecisionConfigMap("my-configmap"). - CreatePlacementDecision("my-placementdecision"). - StatusUpdatePlacementDecision("my-placementdecision", clusterList). - CreateNamespace(utils.ArgoCDExternalNamespace). - SwitchToExternalNamespace(). - Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "simple-cluster-generator", - }, - Spec: v1alpha1.ApplicationSetSpec{ - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{name}}-guestbook"}, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "guestbook", - }, - Destination: argov1alpha1.ApplicationDestination{ - Name: "{{clusterName}}", - // Server: "{{server}}", - Namespace: "guestbook", - }, - }, - }, - Generators: []v1alpha1.ApplicationSetGenerator{ - { - ClusterDecisionResource: &v1alpha1.DuckTypeGenerator{ - ConfigMapRef: "my-configmap", - Name: "my-placementdecision", - }, - }, - }, - }, - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{expectedApp})). - - // Update the ApplicationSet template namespace, and verify it updates the Applications - When(). - And(func() { - expectedAppNewNamespace = expectedApp.DeepCopy() - expectedAppNewNamespace.Spec.Destination.Namespace = "guestbook2" - }). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Template.Spec.Destination.Namespace = "guestbook2" - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewNamespace})). - - // Update the metadata fields in the appset template, and make sure it propagates to the apps - When(). - And(func() { - expectedAppNewMetadata = expectedAppNewNamespace.DeepCopy() - expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - "label-key": "label-value", - LabelKeyAppSetInstance: "simple-cluster-generator", - } - }). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Template.Annotations = map[string]string{"annotation-key": "annotation-value"} - appset.Spec.Template.Labels = map[string]string{ - "label-key": "label-value", - LabelKeyAppSetInstance: "simple-cluster-generator", - } - }).Then().Expect(ApplicationsExist([]argov1alpha1.Application{*expectedAppNewMetadata})). - - // Delete the ApplicationSet, and verify it deletes the Applications - When(). - Delete().Then().Expect(ApplicationsDoNotExist([]argov1alpha1.Application{*expectedAppNewNamespace})) -} - func TestSimpleClusterDecisionResourceGenerator(t *testing.T) { expectedApp := argov1alpha1.Application{ @@ -141,9 +27,6 @@ func TestSimpleClusterDecisionResourceGenerator(t *testing.T) { Name: "cluster1-guestbook", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-cluster-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -223,10 +106,7 @@ func TestSimpleClusterDecisionResourceGenerator(t *testing.T) { And(func() { expectedAppNewMetadata = expectedAppNewNamespace.DeepCopy() expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - LabelKeyAppSetInstance: "simple-cluster-generator", - "label-key": "label-value", - } + expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{"label-key": "label-value"} }). Update(func(appset *v1alpha1.ApplicationSet) { appset.Spec.Template.Annotations = map[string]string{"annotation-key": "annotation-value"} @@ -249,9 +129,6 @@ func TestSimpleClusterDecisionResourceGeneratorAddingCluster(t *testing.T) { Name: "{{name}}-guestbook", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-cluster-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -347,9 +224,6 @@ func TestSimpleClusterDecisionResourceGeneratorDeletingClusterSecret(t *testing. Name: "{{name}}-guestbook", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-cluster-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -447,9 +321,6 @@ func TestSimpleClusterDecisionResourceGeneratorDeletingClusterFromResource(t *te Name: "{{name}}-guestbook", Namespace: fixture.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "simple-cluster-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", diff --git a/test/e2e/custom_tool_test.go b/test/e2e/custom_tool_test.go index 4469931795332..f99129e2bee2f 100644 --- a/test/e2e/custom_tool_test.go +++ b/test/e2e/custom_tool_test.go @@ -2,7 +2,6 @@ package e2e import ( "os" - "path/filepath" "sort" "strings" "testing" @@ -23,16 +22,21 @@ import ( func TestCustomToolWithGitCreds(t *testing.T) { ctx := Given(t) ctx. - And(func() { - go startCMPServer(t, "./testdata/cmp-gitcreds") - time.Sleep(1 * time.Second) - t.Setenv("ARGOCD_BINARY_NAME", "argocd") - }). + // path does not matter, we ignore it + ConfigManagementPlugin( + ConfigManagementPlugin{ + Name: Name(), + Generate: Command{ + Command: []string{"sh", "-c"}, + Args: []string{`echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"GitAskpass\": \"$GIT_ASKPASS\"}}}"`}, + }, + }, + ). CustomCACertAdded(). // add the private repo with credentials HTTPSRepoURLAdded(true). RepoURLType(RepoURLTypeHTTPS). - Path("cmp-gitcreds"). + Path("https-kustomize-base"). When(). CreateApp(). Sync(). @@ -51,18 +55,23 @@ func TestCustomToolWithGitCreds(t *testing.T) { func TestCustomToolWithGitCredsTemplate(t *testing.T) { ctx := Given(t) ctx. - And(func() { - go startCMPServer(t, "./testdata/cmp-gitcredstemplate") - time.Sleep(1 * time.Second) - t.Setenv("ARGOCD_BINARY_NAME", "argocd") - }). + // path does not matter, we ignore it + ConfigManagementPlugin( + ConfigManagementPlugin{ + Name: Name(), + Generate: Command{ + Command: []string{"sh", "-c"}, + Args: []string{`echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"GitAskpass\": \"$GIT_ASKPASS\", \"GitUsername\": \"$GIT_USERNAME\", \"GitPassword\": \"$GIT_PASSWORD\"}}}"`}, + }, + }, + ). CustomCACertAdded(). // add the git creds template HTTPSCredentialsUserPassAdded(). // add the private repo without credentials HTTPSRepoURLAdded(false). RepoURLType(RepoURLTypeHTTPS). - Path("cmp-gitcredstemplate"). + Path("https-kustomize-base"). When(). CreateApp(). Sync(). @@ -91,21 +100,24 @@ func TestCustomToolWithGitCredsTemplate(t *testing.T) { func TestCustomToolWithEnv(t *testing.T) { ctx := Given(t) ctx. - And(func() { - go startCMPServer(t, "./testdata/cmp-fileName") - time.Sleep(1 * time.Second) - t.Setenv("ARGOCD_BINARY_NAME", "argocd") - }). + // path does not matter, we ignore it + ConfigManagementPlugin( + ConfigManagementPlugin{ + Name: Name(), + Generate: Command{ + Command: []string{"sh", "-c"}, + Args: []string{`echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$ARGOCD_ENV_FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}"`}, + }, + }, + ). // does not matter what the path is - Path("cmp-fileName"). + Path("guestbook"). When(). CreateFromFile(func(app *Application) { - app.Spec.Source.Plugin = &ApplicationSourcePlugin{ - Env: Env{{ - Name: "FOO", - Value: "bar", - }}, - } + app.Spec.GetSource().Plugin.Env = Env{{ + Name: "FOO", + Value: "bar", + }} }). Sync(). Then(). @@ -147,21 +159,23 @@ func TestCustomToolWithEnv(t *testing.T) { // make sure we can sync and diff with --local func TestCustomToolSyncAndDiffLocal(t *testing.T) { - testdataPath, err := filepath.Abs("testdata") - require.NoError(t, err) ctx := Given(t) - appPath := filepath.Join(testdataPath, "guestbook") ctx. - And(func() { - go startCMPServer(t, "./testdata/cmp-kustomize") - time.Sleep(1 * time.Second) - t.Setenv("ARGOCD_BINARY_NAME", "argocd") - }). + // path does not matter, we ignore it + ConfigManagementPlugin( + ConfigManagementPlugin{ + Name: Name(), + Generate: Command{ + Command: []string{"sh", "-c"}, + Args: []string{`echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$ARGOCD_ENV_FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}"`}, + }, + }, + ). // does not matter what the path is Path("guestbook"). When(). - CreateApp("--config-management-plugin", "cmp-kustomize-v1.0"). - Sync("--local", appPath, "--local-repo-root", testdataPath). + CreateApp("--config-management-plugin", ctx.AppName()). + Sync("--local", "testdata/guestbook"). Then(). Expect(OperationPhaseIs(OperationSucceeded)). Expect(SyncStatusIs(SyncStatusCodeSynced)). @@ -170,22 +184,22 @@ func TestCustomToolSyncAndDiffLocal(t *testing.T) { time.Sleep(1 * time.Second) }). And(func(app *Application) { - FailOnErr(RunCli("app", "sync", ctx.AppName(), "--local", appPath, "--local-repo-root", testdataPath)) + FailOnErr(RunCli("app", "sync", ctx.AppName(), "--local", "testdata/guestbook")) }). And(func(app *Application) { - FailOnErr(RunCli("app", "diff", ctx.AppName(), "--local", appPath, "--local-repo-root", testdataPath)) + FailOnErr(RunCli("app", "diff", ctx.AppName(), "--local", "testdata/guestbook")) }) } -func startCMPServer(t *testing.T, configFile string) { +func startCMPServer(configFile string) { pluginSockFilePath := TmpDir + PluginSockFilePath - t.Setenv("ARGOCD_BINARY_NAME", "argocd-cmp-server") + os.Setenv("ARGOCD_BINARY_NAME", "argocd-cmp-server") // ARGOCD_PLUGINSOCKFILEPATH should be set as the same value as repo server env var - t.Setenv("ARGOCD_PLUGINSOCKFILEPATH", pluginSockFilePath) + os.Setenv("ARGOCD_PLUGINSOCKFILEPATH", pluginSockFilePath) if _, err := os.Stat(pluginSockFilePath); os.IsNotExist(err) { // path/to/whatever does not exist err := os.Mkdir(pluginSockFilePath, 0700) - require.NoError(t, err) + CheckError(err) } FailOnErr(RunWithStdin("", "", "../../dist/argocd", "--config-dir-path", configFile)) } @@ -195,9 +209,9 @@ func TestCMPDiscoverWithFileName(t *testing.T) { pluginName := "cmp-fileName" Given(t). And(func() { - go startCMPServer(t, "./testdata/cmp-fileName") + go startCMPServer("./testdata/cmp-fileName") time.Sleep(1 * time.Second) - t.Setenv("ARGOCD_BINARY_NAME", "argocd") + os.Setenv("ARGOCD_BINARY_NAME", "argocd") }). Path(pluginName + "/subdir"). When(). @@ -213,9 +227,9 @@ func TestCMPDiscoverWithFileName(t *testing.T) { func TestCMPDiscoverWithFindGlob(t *testing.T) { Given(t). And(func() { - go startCMPServer(t, "./testdata/cmp-find-glob") + go startCMPServer("./testdata/cmp-find-glob") time.Sleep(1 * time.Second) - t.Setenv("ARGOCD_BINARY_NAME", "argocd") + os.Setenv("ARGOCD_BINARY_NAME", "argocd") }). Path("guestbook"). When(). @@ -231,9 +245,9 @@ func TestCMPDiscoverWithFindGlob(t *testing.T) { func TestCMPDiscoverWithPluginName(t *testing.T) { Given(t). And(func() { - go startCMPServer(t, "./testdata/cmp-find-glob") + go startCMPServer("./testdata/cmp-find-glob") time.Sleep(1 * time.Second) - t.Setenv("ARGOCD_BINARY_NAME", "argocd") + os.Setenv("ARGOCD_BINARY_NAME", "argocd") }). Path("guestbook"). When(). @@ -254,9 +268,9 @@ func TestCMPDiscoverWithFindCommandWithEnv(t *testing.T) { ctx := Given(t) ctx. And(func() { - go startCMPServer(t, "./testdata/cmp-find-command") + go startCMPServer("./testdata/cmp-find-command") time.Sleep(1 * time.Second) - t.Setenv("ARGOCD_BINARY_NAME", "argocd") + os.Setenv("ARGOCD_BINARY_NAME", "argocd") }). Path(pluginName). When(). @@ -297,9 +311,9 @@ func TestCMPDiscoverWithFindCommandWithEnv(t *testing.T) { func TestPruneResourceFromCMP(t *testing.T) { Given(t). And(func() { - go startCMPServer(t, "./testdata/cmp-find-glob") + go startCMPServer("./testdata/cmp-find-glob") time.Sleep(1 * time.Second) - t.Setenv("ARGOCD_BINARY_NAME", "argocd") + os.Setenv("ARGOCD_BINARY_NAME", "argocd") }). Path("guestbook"). When(). @@ -320,9 +334,9 @@ func TestPruneResourceFromCMP(t *testing.T) { func TestPreserveFileModeForCMP(t *testing.T) { Given(t). And(func() { - go startCMPServer(t, "./testdata/cmp-preserve-file-mode") + go startCMPServer("./testdata/cmp-preserve-file-mode") time.Sleep(1 * time.Second) - t.Setenv("ARGOCD_BINARY_NAME", "argocd") + os.Setenv("ARGOCD_BINARY_NAME", "argocd") }). Path("cmp-preserve-file-mode"). When(). @@ -340,9 +354,9 @@ func TestPreserveFileModeForCMP(t *testing.T) { func TestCMPWithSymlinkPartialFiles(t *testing.T) { Given(t, WithTestData("testdata2")). And(func() { - go startCMPServer(t, "./testdata2/cmp-symlink") + go startCMPServer("./testdata2/cmp-symlink") time.Sleep(1 * time.Second) - t.Setenv("ARGOCD_BINARY_NAME", "argocd") + os.Setenv("ARGOCD_BINARY_NAME", "argocd") }). Path("guestbook-partial-symlink-files"). When(). @@ -357,9 +371,9 @@ func TestCMPWithSymlinkPartialFiles(t *testing.T) { func TestCMPWithSymlinkFiles(t *testing.T) { Given(t, WithTestData("testdata2")). And(func() { - go startCMPServer(t, "./testdata2/cmp-symlink") + go startCMPServer("./testdata2/cmp-symlink") time.Sleep(1 * time.Second) - t.Setenv("ARGOCD_BINARY_NAME", "argocd") + os.Setenv("ARGOCD_BINARY_NAME", "argocd") }). Path("guestbook-symlink-files"). When(). @@ -374,9 +388,9 @@ func TestCMPWithSymlinkFiles(t *testing.T) { func TestCMPWithSymlinkFolder(t *testing.T) { Given(t, WithTestData("testdata2")). And(func() { - go startCMPServer(t, "./testdata2/cmp-symlink") + go startCMPServer("./testdata2/cmp-symlink") time.Sleep(1 * time.Second) - t.Setenv("ARGOCD_BINARY_NAME", "argocd") + os.Setenv("ARGOCD_BINARY_NAME", "argocd") }). Path("guestbook-symlink-folder"). When(). diff --git a/test/e2e/deployment_test.go b/test/e2e/deployment_test.go index 20e79c2aff56c..085ecee244ba2 100644 --- a/test/e2e/deployment_test.go +++ b/test/e2e/deployment_test.go @@ -1,22 +1,12 @@ package e2e import ( - "context" - "encoding/json" "fmt" - "os" "testing" - "time" "github.com/stretchr/testify/assert" - corev1 "k8s.io/api/core/v1" - rbacv1 "k8s.io/api/rbac/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/client-go/tools/clientcmd" - "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/util/argo" - "github.com/argoproj/argo-cd/v2/util/clusterauth" "github.com/argoproj/gitops-engine/pkg/health" . "github.com/argoproj/gitops-engine/pkg/sync/common" @@ -118,304 +108,3 @@ func TestDeploymentWithoutTrackingMode(t *testing.T) { `, ctx.AppName())) }) } - -// This test verifies that Argo CD can: -// A) Deploy to a cluster where the URL of the cluster contains a query parameter: e.g. https://(kubernetes-url):443/?context=some-val -// and -// B) Multiple users can deploy to the same K8s cluster, using above mechanism (but with different Argo CD Cluster Secrets, and different ServiceAccounts) -func TestDeployToKubernetesAPIURLWithQueryParameter(t *testing.T) { - - // We test with both a cluster-scoped, and a non-cluster scoped, Argo CD Cluster Secret. - clusterScopedParam := []bool{false, true} - for _, clusterScoped := range clusterScopedParam { - - EnsureCleanState(t) - - // Simulate two users, each with their own Argo CD cluster secret that can only deploy to their Namespace - users := []string{E2ETestPrefix + "user1", E2ETestPrefix + "user2"} - - for _, username := range users { - createNamespaceScopedUser(t, username, clusterScoped) - - GivenWithSameState(t). - Name("e2e-test-app-"+username). - Path("deployment"). - When(). - CreateWithNoNameSpace("--dest-namespace", username). - Sync(). - Then(). - Expect(OperationPhaseIs(OperationSucceeded)). - Expect(SyncStatusIs(SyncStatusCodeSynced)). - Expect(HealthIs(health.HealthStatusHealthy)) - } - - } - -} - -// This test verifies that Argo CD can: -// When multiple Argo CD cluster secrets used to deploy to the same cluster (using query parameters), that the ServiceAccount RBAC -// fully enforces user boundary. -// Our simulated user's ServiceAccounts should not be able to deploy into a namespace that is outside that SA's RBAC. -func TestArgoCDSupportsMultipleServiceAccountsWithDifferingRBACOnSameCluster(t *testing.T) { - - // We test with both a cluster-scoped, and a non-cluster scoped, Argo CD Cluster Secret. - clusterScopedParam := []bool{ /*false,*/ true} - - for _, clusterScoped := range clusterScopedParam { - - EnsureCleanState(t) - - // Simulate two users, each with their own Argo CD cluster secret that can only deploy to their Namespace - users := []string{E2ETestPrefix + "user1", E2ETestPrefix + "user2"} - - for _, username := range users { - createNamespaceScopedUser(t, username, clusterScoped) - } - - for idx, username := range users { - - // we should use user-a's serviceaccount to deploy to user-b's namespace, and vice versa - // - If everything as working as expected, this should fail. - otherUser := users[(idx+1)%len(users)] - - // e.g. Attempt to deploy to user1's namespace, with user2's cluster Secret. This should fail, as user2's cluster Secret does not have the requisite permissions. - consequences := GivenWithSameState(t). - Name("e2e-test-app-"+username). - DestName(E2ETestPrefix+"cluster-"+otherUser). - Path("deployment"). - When(). - CreateWithNoNameSpace("--dest-namespace", username).IgnoreErrors(). - Sync().Then() - - // The error message differs based on whether the Argo CD Cluster Secret is namespace-scoped or cluster-scoped, but the idea is the same: - // - Even when deploying to the same cluster using 2 separate ServiceAccounts, the RBAC of those ServiceAccounts should continue to fully enforce RBAC boundaries. - - if !clusterScoped { - consequences.Expect(Condition(ApplicationConditionComparisonError, "Namespace \""+username+"\" for Deployment \"nginx-deployment\" is not managed")) - } else { - consequences.Expect(OperationMessageContains("User \"system:serviceaccount:" + otherUser + ":" + otherUser + "-serviceaccount\" cannot create resource \"deployments\" in API group \"apps\" in the namespace \"" + username + "\"")) - } - } - - } -} - -// generateReadOnlyClusterRoleandBindingForServiceAccount creates a ClusterRole/Binding that allows a ServiceAccount in a given namespace to read all resources on a cluster. -// - This allows the ServiceAccount to be used within a cluster-scoped Argo CD Cluster Secret -func generateReadOnlyClusterRoleandBindingForServiceAccount(roleSuffix string, serviceAccountNS string) (rbacv1.ClusterRole, rbacv1.ClusterRoleBinding) { - - clusterRole := rbacv1.ClusterRole{ - ObjectMeta: metav1.ObjectMeta{ - Name: E2ETestPrefix + "read-all-" + roleSuffix, - }, - Rules: []rbacv1.PolicyRule{{ - Verbs: []string{"get", "list", "watch"}, - Resources: []string{"*"}, - APIGroups: []string{"*"}, - }}, - } - - clusterRoleBinding := rbacv1.ClusterRoleBinding{ - ObjectMeta: metav1.ObjectMeta{ - Name: E2ETestPrefix + "read-all-" + roleSuffix, - }, - Subjects: []rbacv1.Subject{{ - Kind: rbacv1.ServiceAccountKind, - Namespace: serviceAccountNS, - Name: roleSuffix + "-serviceaccount", - }}, - RoleRef: rbacv1.RoleRef{ - APIGroup: "rbac.authorization.k8s.io", - Kind: "ClusterRole", - Name: clusterRole.Name, - }, - } - - return clusterRole, clusterRoleBinding -} - -// buildArgoCDClusterSecret build (but does not create) an Argo CD Cluster Secret object with the given values -func buildArgoCDClusterSecret(secretName, secretNamespace, clusterName, clusterServer, clusterConfigJSON, clusterResources, clusterNamespaces string) corev1.Secret { - res := corev1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: secretName, - Namespace: secretNamespace, - Labels: map[string]string{ - common.LabelKeySecretType: common.LabelValueSecretTypeCluster, - }, - }, - Data: map[string][]byte{ - "name": ([]byte)(clusterName), - "server": ([]byte)(clusterServer), - "config": ([]byte)(string(clusterConfigJSON)), - }, - } - - if clusterResources != "" { - res.Data["clusterResources"] = ([]byte)(clusterResources) - } - - if clusterNamespaces != "" { - res.Data["namespaces"] = ([]byte)(clusterNamespaces) - } - - return res -} - -// createNamespaceScopedUser -// - username = name of Namespace the simulated user is able to deploy to -// - clusterScopedSecrets = whether the Service Account is namespace-scoped or cluster-scoped. -func createNamespaceScopedUser(t *testing.T, username string, clusterScopedSecrets bool) { - - // Create a new Namespace for our simulated user - ns := corev1.Namespace{ - ObjectMeta: metav1.ObjectMeta{ - Name: username, - }, - } - _, err := KubeClientset.CoreV1().Namespaces().Create(context.Background(), &ns, metav1.CreateOptions{}) - assert.Nil(t, err) - - // Create a ServiceAccount in that Namespace, which will be used for the Argo CD Cluster SEcret - serviceAccountName := username + "-serviceaccount" - err = clusterauth.CreateServiceAccount(KubeClientset, serviceAccountName, ns.Name) - assert.Nil(t, err) - - // Create a Role that allows the ServiceAccount to read/write all within the Namespace - role := rbacv1.Role{ - ObjectMeta: metav1.ObjectMeta{ - Name: E2ETestPrefix + "allow-all", - Namespace: ns.Name, - }, - Rules: []rbacv1.PolicyRule{{ - Verbs: []string{"*"}, - Resources: []string{"*"}, - APIGroups: []string{"*"}, - }}, - } - _, err = KubeClientset.RbacV1().Roles(role.Namespace).Create(context.Background(), &role, metav1.CreateOptions{}) - assert.Nil(t, err) - - // Bind the Role with the ServiceAccount in the Namespace - roleBinding := rbacv1.RoleBinding{ - ObjectMeta: metav1.ObjectMeta{ - Name: E2ETestPrefix + "allow-all-binding", - Namespace: ns.Name, - }, - Subjects: []rbacv1.Subject{{ - Kind: rbacv1.ServiceAccountKind, - Name: serviceAccountName, - Namespace: ns.Name, - }}, - RoleRef: rbacv1.RoleRef{ - APIGroup: "rbac.authorization.k8s.io", - Kind: "Role", - Name: role.Name, - }, - } - _, err = KubeClientset.RbacV1().RoleBindings(roleBinding.Namespace).Create(context.Background(), &roleBinding, metav1.CreateOptions{}) - assert.Nil(t, err) - - // Retrieve the bearer token from the ServiceAccount - token, err := clusterauth.GetServiceAccountBearerToken(KubeClientset, ns.Name, serviceAccountName, time.Second*60) - assert.Nil(t, err) - assert.NotEmpty(t, token) - - // In order to test a cluster-scoped Argo CD Cluster Secret, we may optionally grant the ServiceAccount read-all permissions at cluster scope. - if clusterScopedSecrets { - clusterRole, clusterRoleBinding := generateReadOnlyClusterRoleandBindingForServiceAccount(username, username) - - _, err := KubeClientset.RbacV1().ClusterRoles().Create(context.Background(), &clusterRole, metav1.CreateOptions{}) - assert.Nil(t, err) - - _, err = KubeClientset.RbacV1().ClusterRoleBindings().Create(context.Background(), &clusterRoleBinding, metav1.CreateOptions{}) - assert.Nil(t, err) - - } - - // Build the Argo CD Cluster Secret by using the service account token, and extracting needed values from kube config - clusterSecretConfigJSON := ClusterConfig{ - BearerToken: token, - TLSClientConfig: TLSClientConfig{ - Insecure: true, - }, - } - - jsonStringBytes, err := json.Marshal(clusterSecretConfigJSON) - assert.Nil(t, err) - - _, apiURL, err := extractKubeConfigValues() - assert.Nil(t, err) - - clusterResourcesField := "" - namespacesField := "" - - if !clusterScopedSecrets { - clusterResourcesField = "false" - namespacesField = ns.Name - } - - // We create an Argo CD cluster Secret declaratively, using the K8s client, rather than via CLI, as the CLI doesn't currently - // support Kubernetes API server URLs with query parameters. - - secret := buildArgoCDClusterSecret("test-"+username, ArgoCDNamespace, E2ETestPrefix+"cluster-"+username, apiURL+"?user="+username, - string(jsonStringBytes), clusterResourcesField, namespacesField) - - // Finally, create the Cluster secret in the Argo CD E2E namespace - _, err = KubeClientset.CoreV1().Secrets(secret.Namespace).Create(context.Background(), &secret, metav1.CreateOptions{}) - assert.Nil(t, err) -} - -// extractKubeConfigValues returns contents of the local environment's kubeconfig, using standard path resolution mechanism. -// Returns: -// - contents of kubeconfig -// - server name (within the kubeconfig) -// - error -func extractKubeConfigValues() (string, string, error) { - - loadingRules := clientcmd.NewDefaultClientConfigLoadingRules() - - config, err := loadingRules.Load() - if err != nil { - return "", "", err - } - - context, ok := config.Contexts[config.CurrentContext] - if !ok || context == nil { - return "", "", fmt.Errorf("no context") - } - - cluster, ok := config.Clusters[context.Cluster] - if !ok || cluster == nil { - return "", "", fmt.Errorf("no cluster") - } - - var kubeConfigDefault string - - paths := loadingRules.Precedence - { - - // For all the kubeconfig paths, look for one that exists - for _, path := range paths { - _, err = os.Stat(path) - if err == nil { - // Success - kubeConfigDefault = path - break - } // Otherwise, continue. - - } - - if kubeConfigDefault == "" { - return "", "", fmt.Errorf("unable to retrieve kube config path") - } - } - - kubeConfigContents, err := os.ReadFile(kubeConfigDefault) - if err != nil { - return "", "", err - } - - return string(kubeConfigContents), cluster.Server, nil -} diff --git a/test/e2e/fixture/app/actions.go b/test/e2e/fixture/app/actions.go index f4fd167db1024..021b6904219fa 100644 --- a/test/e2e/fixture/app/actions.go +++ b/test/e2e/fixture/app/actions.go @@ -78,12 +78,6 @@ func (a *Actions) AddTag(name string) *Actions { return a } -func (a *Actions) RemoveSubmodule() *Actions { - a.context.t.Helper() - fixture.RemoveSubmodule() - return a -} - func (a *Actions) CreateFromPartialFile(data string, flags ...string) *Actions { a.context.t.Helper() tmpFile, err := os.CreateTemp("", "") @@ -366,10 +360,6 @@ func (a *Actions) Sync(args ...string) *Actions { args = append(args, "--force") } - if a.context.applyOutOfSyncOnly { - args = append(args, "--apply-out-of-sync-only") - } - if a.context.replace { args = append(args, "--replace") } diff --git a/test/e2e/fixture/app/context.go b/test/e2e/fixture/app/context.go index aa961f30d15fa..f0befbe456c27 100644 --- a/test/e2e/fixture/app/context.go +++ b/test/e2e/fixture/app/context.go @@ -38,7 +38,6 @@ type Context struct { project string revision string force bool - applyOutOfSyncOnly bool directoryRecurse bool replace bool helmPassCredentials bool @@ -301,6 +300,13 @@ func (c *Context) ResourceFilter(filter settings.ResourcesFilter) *Context { return c } +// this both configures the plugin, but forces use of it +func (c *Context) ConfigManagementPlugin(plugin v1alpha1.ConfigManagementPlugin) *Context { + fixture.SetConfigManagementPlugins(plugin) + c.configManagementPlugin = plugin.Name + return c +} + func (c *Context) And(block func()) *Context { block() return c @@ -342,11 +348,6 @@ func (c *Context) Force() *Context { return c } -func (c *Context) ApplyOutOfSyncOnly() *Context { - c.applyOutOfSyncOnly = true - return c -} - func (c *Context) HelmPassCredentials() *Context { c.helmPassCredentials = true return c diff --git a/test/e2e/fixture/applicationsets/actions.go b/test/e2e/fixture/applicationsets/actions.go index ee9a857988f99..956d62ad86707 100644 --- a/test/e2e/fixture/applicationsets/actions.go +++ b/test/e2e/fixture/applicationsets/actions.go @@ -15,7 +15,6 @@ import ( "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/wait" - "k8s.io/client-go/dynamic" "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" @@ -63,18 +62,6 @@ func (a *Actions) Then() *Consequences { return &Consequences{a.context, a} } -func (a *Actions) SwitchToExternalNamespace() *Actions { - a.context.useExternalNamespace = true - log.Infof("switched to external namespace: %s", utils.ArgoCDExternalNamespace) - return a -} - -func (a *Actions) SwitchToArgoCDNamespace() *Actions { - a.context.useExternalNamespace = false - log.Infof("switched to argocd namespace: %s", utils.ArgoCDNamespace) - return a -} - // CreateClusterSecret creates a faux cluster secret, with the given cluster server and cluster name (this cluster // will not actually be used by the Argo CD controller, but that's not needed for our E2E tests) func (a *Actions) CreateClusterSecret(secretName string, clusterName string, clusterServer string) *Actions { @@ -189,15 +176,15 @@ func (a *Actions) DeletePlacementDecision(placementDecisionName string) *Actions // Create a temporary namespace, from utils.ApplicationSet, for use by the test. // This namespace will be deleted on subsequent tests. -func (a *Actions) CreateNamespace(namespace string) *Actions { +func (a *Actions) CreateNamespace() *Actions { a.context.t.Helper() fixtureClient := utils.GetE2EFixtureK8sClient() _, err := fixtureClient.KubeClientset.CoreV1().Namespaces().Create(context.Background(), - &corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: namespace}}, metav1.CreateOptions{}) + &corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: utils.ApplicationSetNamespace}}, metav1.CreateOptions{}) - a.describeAction = fmt.Sprintf("creating namespace '%s'", namespace) + a.describeAction = fmt.Sprintf("creating namespace '%s'", utils.ApplicationSetNamespace) a.lastOutput, a.lastError = "", err a.verifyAction() @@ -208,27 +195,17 @@ func (a *Actions) CreateNamespace(namespace string) *Actions { func (a *Actions) Create(appSet v1alpha1.ApplicationSet) *Actions { a.context.t.Helper() - fixtureClient := utils.GetE2EFixtureK8sClient() - appSet.APIVersion = "argoproj.io/v1alpha1" appSet.Kind = "ApplicationSet" - var appSetClientSet dynamic.ResourceInterface - - if a.context.useExternalNamespace { - appSetClientSet = fixtureClient.ExternalAppSetClientset - } else { - appSetClientSet = fixtureClient.AppSetClientset - } - - newResource, err := appSetClientSet.Create(context.Background(), utils.MustToUnstructured(&appSet), metav1.CreateOptions{}) + fixtureClient := utils.GetE2EFixtureK8sClient() + newResource, err := fixtureClient.AppSetClientset.Create(context.Background(), utils.MustToUnstructured(&appSet), metav1.CreateOptions{}) if err == nil { a.context.name = newResource.GetName() - a.context.namespace = newResource.GetNamespace() } - a.describeAction = fmt.Sprintf("creating ApplicationSet '%s/%s'", appSet.Namespace, appSet.Name) + a.describeAction = fmt.Sprintf("creating ApplicationSet '%s'", appSet.Name) a.lastOutput, a.lastError = "", err a.verifyAction() @@ -387,17 +364,9 @@ func (a *Actions) Delete() *Actions { fixtureClient := utils.GetE2EFixtureK8sClient() - var appSetClientSet dynamic.ResourceInterface - - if a.context.useExternalNamespace { - appSetClientSet = fixtureClient.ExternalAppSetClientset - } else { - appSetClientSet = fixtureClient.AppSetClientset - } - deleteProp := metav1.DeletePropagationForeground - err := appSetClientSet.Delete(context.Background(), a.context.name, metav1.DeleteOptions{PropagationPolicy: &deleteProp}) - a.describeAction = fmt.Sprintf("Deleting ApplicationSet '%s/%s' %v", a.context.namespace, a.context.name, err) + err := fixtureClient.AppSetClientset.Delete(context.Background(), a.context.name, metav1.DeleteOptions{PropagationPolicy: &deleteProp}) + a.describeAction = fmt.Sprintf("Deleting ApplicationSet '%s' %v", a.context.name, err) a.lastOutput, a.lastError = "", err a.verifyAction() @@ -409,16 +378,7 @@ func (a *Actions) get() (*v1alpha1.ApplicationSet, error) { appSet := v1alpha1.ApplicationSet{} fixtureClient := utils.GetE2EFixtureK8sClient() - - var appSetClientSet dynamic.ResourceInterface - - if a.context.useExternalNamespace { - appSetClientSet = fixtureClient.ExternalAppSetClientset - } else { - appSetClientSet = fixtureClient.AppSetClientset - } - - newResource, err := appSetClientSet.Get(context.Background(), a.context.name, metav1.GetOptions{}) + newResource, err := fixtureClient.AppSetClientset.Get(context.Background(), a.context.name, metav1.GetOptions{}) if err != nil { return nil, err } @@ -453,19 +413,10 @@ func (a *Actions) Update(toUpdate func(*v1alpha1.ApplicationSet)) *Actions { if err == nil { // Keep trying to update until it succeeds, or the test times out toUpdate(appSet) - a.describeAction = fmt.Sprintf("updating ApplicationSet '%s/%s'", appSet.Namespace, appSet.Name) + a.describeAction = fmt.Sprintf("updating ApplicationSet '%s'", appSet.Name) fixtureClient := utils.GetE2EFixtureK8sClient() - - var appSetClientSet dynamic.ResourceInterface - - if a.context.useExternalNamespace { - appSetClientSet = fixtureClient.ExternalAppSetClientset - } else { - appSetClientSet = fixtureClient.AppSetClientset - } - - _, err = appSetClientSet.Update(context.Background(), utils.MustToUnstructured(&appSet), metav1.UpdateOptions{}) + _, err = fixtureClient.AppSetClientset.Update(context.Background(), utils.MustToUnstructured(&appSet), metav1.UpdateOptions{}) if err != nil { mostRecentError = err diff --git a/test/e2e/fixture/applicationsets/consequences.go b/test/e2e/fixture/applicationsets/consequences.go index 2672b58fe9317..305a06a4d7174 100644 --- a/test/e2e/fixture/applicationsets/consequences.go +++ b/test/e2e/fixture/applicationsets/consequences.go @@ -3,14 +3,12 @@ package applicationsets import ( "context" "encoding/json" - "time" - "github.com/argoproj/argo-cd/v2/test/e2e/fixture" + "time" "github.com/argoproj/pkg/errors" log "github.com/sirupsen/logrus" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/client-go/dynamic" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/test/e2e/fixture/applicationsets/utils" @@ -76,15 +74,8 @@ func (c *Consequences) app(name string) *v1alpha1.Application { func (c *Consequences) apps() []v1alpha1.Application { - var namespace string - if c.context.useExternalNamespace { - namespace = utils.ArgoCDExternalNamespace - } else { - namespace = fixture.TestNamespace() - } - fixtureClient := utils.GetE2EFixtureK8sClient() - list, err := fixtureClient.AppClientset.ArgoprojV1alpha1().Applications(namespace).List(context.Background(), metav1.ListOptions{}) + list, err := fixtureClient.AppClientset.ArgoprojV1alpha1().Applications(fixture.TestNamespace()).List(context.Background(), metav1.ListOptions{}) errors.CheckError(err) if list == nil { @@ -97,16 +88,7 @@ func (c *Consequences) apps() []v1alpha1.Application { func (c *Consequences) applicationSet(applicationSetName string) *v1alpha1.ApplicationSet { fixtureClient := utils.GetE2EFixtureK8sClient() - - var appSetClientSet dynamic.ResourceInterface - - if c.context.useExternalNamespace { - appSetClientSet = fixtureClient.ExternalAppSetClientset - } else { - appSetClientSet = fixtureClient.AppSetClientset - } - - list, err := appSetClientSet.Get(context.Background(), c.actions.context.name, metav1.GetOptions{}) + list, err := fixtureClient.AppSetClientset.Get(context.Background(), c.actions.context.name, metav1.GetOptions{}) errors.CheckError(err) var appSet v1alpha1.ApplicationSet diff --git a/test/e2e/fixture/applicationsets/context.go b/test/e2e/fixture/applicationsets/context.go index d2a0479a62aee..c6269c4b36b61 100644 --- a/test/e2e/fixture/applicationsets/context.go +++ b/test/e2e/fixture/applicationsets/context.go @@ -12,9 +12,7 @@ type Context struct { t *testing.T // name is the ApplicationSet's name, created by a Create action - name string - namespace string - useExternalNamespace bool + name string } func Given(t *testing.T) *Context { diff --git a/test/e2e/fixture/applicationsets/expectation.go b/test/e2e/fixture/applicationsets/expectation.go index 990ad5f33dbfb..fce722b70c9e3 100644 --- a/test/e2e/fixture/applicationsets/expectation.go +++ b/test/e2e/fixture/applicationsets/expectation.go @@ -63,7 +63,7 @@ func ApplicationsExist(expectedApps []v1alpha1.Application) Expectation { for _, expectedApp := range expectedApps { foundApp := c.app(expectedApp.Name) if foundApp == nil { - return pending, fmt.Sprintf("missing app '%s'", expectedApp.QualifiedName()) + return pending, fmt.Sprintf("missing app '%s'", expectedApp.Name) } if !appsAreEqual(expectedApp, *foundApp) { @@ -73,7 +73,7 @@ func ApplicationsExist(expectedApps []v1alpha1.Application) Expectation { return failed, err.Error() } - return pending, fmt.Sprintf("apps are not equal: '%s', diff: %s\n", expectedApp.QualifiedName(), diff) + return pending, fmt.Sprintf("apps are not equal: '%s', diff: %s\n", expectedApp.Name, diff) } @@ -112,7 +112,7 @@ func ApplicationsDoNotExist(expectedApps []v1alpha1.Application) Expectation { for _, expectedApp := range expectedApps { foundApp := c.app(expectedApp.Name) if foundApp != nil { - return pending, fmt.Sprintf("app '%s' should no longer exist", expectedApp.QualifiedName()) + return pending, fmt.Sprintf("app '%s' should no longer exist", expectedApp.Name) } } @@ -123,7 +123,7 @@ func ApplicationsDoNotExist(expectedApps []v1alpha1.Application) Expectation { // Pod checks whether a specified condition is true for any of the pods in the namespace func Pod(predicate func(p corev1.Pod) bool) Expectation { return func(c *Consequences) (state, string) { - pods, err := pods(utils.ApplicationsResourcesNamespace) + pods, err := pods(utils.ApplicationSetNamespace) if err != nil { return failed, err.Error() } diff --git a/test/e2e/fixture/applicationsets/utils/fixture.go b/test/e2e/fixture/applicationsets/utils/fixture.go index 6cf984f99afc7..1f782f5fc3ea4 100644 --- a/test/e2e/fixture/applicationsets/utils/fixture.go +++ b/test/e2e/fixture/applicationsets/utils/fixture.go @@ -32,13 +32,10 @@ const ( // and in which Application resources should be created. ArgoCDNamespace = "argocd-e2e" - // ArgoCDExternalNamespace is an external namespace to test additional namespaces - ArgoCDExternalNamespace = "argocd-e2e-external" - - // ApplicationsResourcesNamespace is the namespace into which temporary resources (such as Deployments/Pods/etc) + // ApplicationSetNamespace is the namespace into which temporary resources (such as Deployments/Pods/etc) // can be deployed, such as using it as the target namespace in an Application resource. // Note: this is NOT the namespace the ApplicationSet controller is deployed to; see ArgoCDNamespace. - ApplicationsResourcesNamespace = "applicationset-e2e" + ApplicationSetNamespace = "applicationset-e2e" TmpDir = "/tmp/applicationset-e2e" TestingLabel = "e2e.argoproj.io" @@ -54,11 +51,10 @@ var ( // E2EFixtureK8sClient contains Kubernetes clients initialized from local k8s configuration type E2EFixtureK8sClient struct { - KubeClientset kubernetes.Interface - DynamicClientset dynamic.Interface - AppClientset appclientset.Interface - AppSetClientset dynamic.ResourceInterface - ExternalAppSetClientset dynamic.ResourceInterface + KubeClientset kubernetes.Interface + DynamicClientset dynamic.Interface + AppClientset appclientset.Interface + AppSetClientset dynamic.ResourceInterface } func GetEnvWithDefault(envName, defaultValue string) string { @@ -78,6 +74,7 @@ func TestNamespace() string { // GetE2EFixtureK8sClient initializes the Kubernetes clients (if needed), and returns the most recently initalized value. // Note: this requires a local Kubernetes configuration (for example, while running the E2E tests). func GetE2EFixtureK8sClient() *E2EFixtureK8sClient { + // Initialize the Kubernetes clients only on first use clientInitialized.Do(func() { @@ -91,7 +88,7 @@ func GetE2EFixtureK8sClient() *E2EFixtureK8sClient { } internalClientVars.AppSetClientset = internalClientVars.DynamicClientset.Resource(v1alpha1.SchemeGroupVersion.WithResource("applicationsets")).Namespace(TestNamespace()) - internalClientVars.ExternalAppSetClientset = internalClientVars.DynamicClientset.Resource(v1alpha1.SchemeGroupVersion.WithResource("applicationsets")).Namespace(ArgoCDExternalNamespace) + }) return internalClientVars } @@ -106,17 +103,11 @@ func EnsureCleanState(t *testing.T) { policy := v1.DeletePropagationForeground // Delete the applicationset-e2e namespace, if it exists - err := fixtureClient.KubeClientset.CoreV1().Namespaces().Delete(context.Background(), ApplicationsResourcesNamespace, v1.DeleteOptions{PropagationPolicy: &policy}) + err := fixtureClient.KubeClientset.CoreV1().Namespaces().Delete(context.Background(), ApplicationSetNamespace, v1.DeleteOptions{PropagationPolicy: &policy}) if err != nil && !strings.Contains(err.Error(), "not found") { // 'not found' error is expected CheckError(err) } - // Delete the argocd-e2e-external namespace, if it exists - err2 := fixtureClient.KubeClientset.CoreV1().Namespaces().Delete(context.Background(), ArgoCDExternalNamespace, v1.DeleteOptions{PropagationPolicy: &policy}) - if err2 != nil && !strings.Contains(err2.Error(), "not found") { // 'not found' error is expected - CheckError(err) - } - // delete resources // kubectl delete applicationsets --all CheckError(fixtureClient.AppSetClientset.DeleteCollection(context.Background(), v1.DeleteOptions{PropagationPolicy: &policy}, v1.ListOptions{})) @@ -208,37 +199,12 @@ func waitForExpectedClusterState() error { // Wait up to 120 seconds for namespace to not exist if err := waitForSuccess(func() error { - _, err := fixtureClient.KubeClientset.CoreV1().Namespaces().Get(context.Background(), ApplicationsResourcesNamespace, v1.GetOptions{}) - - msg := "" - - if err == nil { - msg = fmt.Sprintf("namespace '%s' still exists, after delete", ApplicationsResourcesNamespace) - } - - if msg == "" && err != nil && strings.Contains(err.Error(), "not found") { - // Success is an error containing 'applicationset-e2e' not found. - return nil - } - - if msg == "" { - msg = err.Error() - } - - return fmt.Errorf(msg) - - }, time.Now().Add(120*time.Second)); err != nil { - return err - } - - // Wait up to 120 seconds for namespace to not exist - if err := waitForSuccess(func() error { - _, err := fixtureClient.KubeClientset.CoreV1().Namespaces().Get(context.Background(), ArgoCDExternalNamespace, v1.GetOptions{}) + _, err := fixtureClient.KubeClientset.CoreV1().Namespaces().Get(context.Background(), ApplicationSetNamespace, v1.GetOptions{}) msg := "" if err == nil { - msg = fmt.Sprintf("namespace '%s' still exists, after delete", ArgoCDExternalNamespace) + msg = fmt.Sprintf("namespace '%s' still exists, after delete", ApplicationSetNamespace) } if msg == "" && err != nil && strings.Contains(err.Error(), "not found") { diff --git a/test/e2e/fixture/cluster/actions.go b/test/e2e/fixture/cluster/actions.go index 0613c9a22cf15..3f047e8f9b03e 100644 --- a/test/e2e/fixture/cluster/actions.go +++ b/test/e2e/fixture/cluster/actions.go @@ -45,10 +45,10 @@ func (a *Actions) Create(args ...string) *Actions { Cluster: &v1alpha1.Cluster{ Server: a.context.server, Name: a.context.name, - Config: v1alpha1.ClusterConfig{BearerToken: a.context.bearerToken}, + Config: v1alpha1.ClusterConfig{}, ConnectionState: v1alpha1.ConnectionState{}, ServerVersion: "", - Namespaces: a.context.namespaces, + Namespaces: nil, RefreshRequestedAt: nil, Info: v1alpha1.ClusterInfo{}, Shard: nil, diff --git a/test/e2e/fixture/cluster/context.go b/test/e2e/fixture/cluster/context.go index bd0102f891d71..236be6a3a3913 100644 --- a/test/e2e/fixture/cluster/context.go +++ b/test/e2e/fixture/cluster/context.go @@ -12,13 +12,12 @@ import ( type Context struct { t *testing.T // seconds - timeout int - name string - project string - server string - upsert bool - namespaces []string - bearerToken string + timeout int + name string + project string + server string + upsert bool + namespaces []string } func Given(t *testing.T) *Context { @@ -68,11 +67,6 @@ func (c *Context) Project(project string) *Context { return c } -func (c *Context) BearerToken(bearerToken string) *Context { - c.bearerToken = bearerToken - return c -} - func (c *Context) Upsert(upsert bool) *Context { c.upsert = upsert return c diff --git a/test/e2e/fixture/fixture.go b/test/e2e/fixture/fixture.go index 8778e74dd68cf..008bc37bd952f 100644 --- a/test/e2e/fixture/fixture.go +++ b/test/e2e/fixture/fixture.go @@ -15,6 +15,7 @@ import ( "github.com/argoproj/pkg/errors" jsonpatch "github.com/evanphx/json-patch" + "github.com/ghodss/yaml" log "github.com/sirupsen/logrus" corev1 "k8s.io/api/core/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -22,14 +23,12 @@ import ( "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/pkg/apiclient" sessionpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/session" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" appclientset "github.com/argoproj/argo-cd/v2/pkg/client/clientset/versioned" - "github.com/argoproj/argo-cd/v2/util/env" . "github.com/argoproj/argo-cd/v2/util/errors" grpcutil "github.com/argoproj/argo-cd/v2/util/grpc" "github.com/argoproj/argo-cd/v2/util/io" @@ -58,40 +57,28 @@ const ( // cmp plugin sock file path PluginSockFilePath = "/app/config/plugin" - - E2ETestPrefix = "e2e-test-" ) const ( - EnvAdminUsername = "ARGOCD_E2E_ADMIN_USERNAME" - EnvAdminPassword = "ARGOCD_E2E_ADMIN_PASSWORD" - EnvArgoCDServerName = "ARGOCD_E2E_SERVER_NAME" - EnvArgoCDRedisHAProxyName = "ARGOCD_E2E_REDIS_HAPROXY_NAME" - EnvArgoCDRedisName = "ARGOCD_E2E_REDIS_NAME" - EnvArgoCDRepoServerName = "ARGOCD_E2E_REPO_SERVER_NAME" - EnvArgoCDAppControllerName = "ARGOCD_E2E_APPLICATION_CONTROLLER_NAME" + EnvAdminUsername = "ARGOCD_E2E_ADMIN_USERNAME" + EnvAdminPassword = "ARGOCD_E2E_ADMIN_PASSWORD" ) var ( - id string - deploymentNamespace string - name string - KubeClientset kubernetes.Interface - KubeConfig *rest.Config - DynamicClientset dynamic.Interface - AppClientset appclientset.Interface - ArgoCDClientset apiclient.Client - adminUsername string - AdminPassword string - apiServerAddress string - token string - plainText bool - testsRun map[string]bool - argoCDServerName string - argoCDRedisHAProxyName string - argoCDRedisName string - argoCDRepoServerName string - argoCDAppControllerName string + id string + deploymentNamespace string + name string + KubeClientset kubernetes.Interface + KubeConfig *rest.Config + DynamicClientset dynamic.Interface + AppClientset appclientset.Interface + ArgoCDClientset apiclient.Client + adminUsername string + AdminPassword string + apiServerAddress string + token string + plainText bool + testsRun map[string]bool ) type RepoURLType string @@ -155,7 +142,8 @@ func GetEnvWithDefault(envName, defaultValue string) string { // IsRemote returns true when the tests are being run against a workload that // is running in a remote cluster. func IsRemote() bool { - return env.ParseBoolFromEnv("ARGOCD_E2E_REMOTE", false) + r := os.Getenv("ARGOCD_E2E_REMOTE") + return r == "true" } // IsLocal returns when the tests are being run against a local workload @@ -179,26 +167,11 @@ func init() { adminUsername = GetEnvWithDefault(EnvAdminUsername, defaultAdminUsername) AdminPassword = GetEnvWithDefault(EnvAdminPassword, defaultAdminPassword) - argoCDServerName = GetEnvWithDefault(EnvArgoCDServerName, common.DefaultServerName) - argoCDRedisHAProxyName = GetEnvWithDefault(EnvArgoCDRedisHAProxyName, common.DefaultRedisHaProxyName) - argoCDRedisName = GetEnvWithDefault(EnvArgoCDRedisName, common.DefaultRedisName) - argoCDRepoServerName = GetEnvWithDefault(EnvArgoCDRepoServerName, common.DefaultRepoServerName) - argoCDAppControllerName = GetEnvWithDefault(EnvArgoCDAppControllerName, common.DefaultApplicationControllerName) - dialTime := 30 * time.Second tlsTestResult, err := grpcutil.TestTLS(apiServerAddress, dialTime) CheckError(err) - ArgoCDClientset, err = apiclient.NewClient(&apiclient.ClientOptions{ - Insecure: true, - ServerAddr: apiServerAddress, - PlainText: !tlsTestResult.TLS, - ServerName: argoCDServerName, - RedisHaProxyName: argoCDRedisHAProxyName, - RedisName: argoCDRedisName, - RepoServerName: argoCDRepoServerName, - AppControllerName: argoCDAppControllerName, - }) + ArgoCDClientset, err = apiclient.NewClient(&apiclient.ClientOptions{Insecure: true, ServerAddr: apiServerAddress, PlainText: !tlsTestResult.TLS}) CheckError(err) plainText = !tlsTestResult.TLS @@ -244,15 +217,10 @@ func loginAs(username, password string) { token = sessionResponse.Token ArgoCDClientset, err = apiclient.NewClient(&apiclient.ClientOptions{ - Insecure: true, - ServerAddr: apiServerAddress, - AuthToken: token, - PlainText: plainText, - ServerName: argoCDServerName, - RedisHaProxyName: argoCDRedisHAProxyName, - RedisName: argoCDRedisName, - RepoServerName: argoCDRepoServerName, - AppControllerName: argoCDAppControllerName, + Insecure: true, + ServerAddr: apiServerAddress, + AuthToken: token, + PlainText: plainText, }) CheckError(err) } @@ -482,6 +450,17 @@ func SetPermissions(permissions []ACL, username string, roleName string) { }) } +func SetConfigManagementPlugins(plugin ...v1alpha1.ConfigManagementPlugin) { + updateSettingConfigMap(func(cm *corev1.ConfigMap) error { + yamlBytes, err := yaml.Marshal(plugin) + if err != nil { + return err + } + cm.Data["configManagementPlugins"] = string(yamlBytes) + return nil + }) +} + func SetResourceFilter(filters settings.ResourcesFilter) { updateSettingConfigMap(func(cm *corev1.ConfigMap) error { exclusions, err := yaml.Marshal(filters.ResourceExclusions) @@ -698,33 +677,6 @@ func EnsureCleanState(t *testing.T, opts ...TestOption) { FailOnErr(Run("", "kubectl", "create", "ns", DeploymentNamespace())) FailOnErr(Run("", "kubectl", "label", "ns", DeploymentNamespace(), TestingLabel+"=true")) - // delete old namespaces used by E2E tests - namespaces, err := KubeClientset.CoreV1().Namespaces().List(context.Background(), v1.ListOptions{}) - CheckError(err) - for _, namespace := range namespaces.Items { - if strings.HasPrefix(namespace.Name, E2ETestPrefix) { - FailOnErr(Run("", "kubectl", "delete", "ns", namespace.Name)) - } - } - - // delete old ClusterRoles that begin with "e2e-test-" prefix (E2ETestPrefix), which were created by tests - clusterRoles, err := KubeClientset.RbacV1().ClusterRoles().List(context.Background(), v1.ListOptions{}) - CheckError(err) - for _, clusterRole := range clusterRoles.Items { - if strings.HasPrefix(clusterRole.Name, E2ETestPrefix) { - FailOnErr(Run("", "kubectl", "delete", "clusterrole", clusterRole.Name)) - } - } - - // delete old ClusterRoleBindings that begin with "e2e-test-prefix", which were created by E2E tests - clusterRoleBindings, err := KubeClientset.RbacV1().ClusterRoleBindings().List(context.Background(), v1.ListOptions{}) - CheckError(err) - for _, clusterRoleBinding := range clusterRoleBindings.Items { - if strings.HasPrefix(clusterRoleBinding.Name, E2ETestPrefix) { - FailOnErr(Run("", "kubectl", "delete", "clusterrolebinding", clusterRoleBinding.Name)) - } - } - log.WithFields(log.Fields{"duration": time.Since(start), "name": t.Name(), "id": id, "username": "admin", "password": "password"}).Info("clean state") } @@ -910,18 +862,6 @@ func CreateSubmoduleRepos(repoType string) { CheckError(os.Setenv("GIT_ALLOW_PROTOCOL", oldEnv)) } -func RemoveSubmodule() { - log.Info("removing submodule") - - FailOnErr(Run(submoduleParentDirectory(), "git", "rm", "submodule/test")) - FailOnErr(Run(submoduleParentDirectory(), "touch", "submodule/.gitkeep")) - FailOnErr(Run(submoduleParentDirectory(), "git", "add", "submodule/.gitkeep")) - FailOnErr(Run(submoduleParentDirectory(), "git", "commit", "-m", "remove submodule")) - if IsRemote() { - FailOnErr(Run(submoduleParentDirectory(), "git", "push", "-f", "origin", "master")) - } -} - // RestartRepoServer performs a restart of the repo server deployment and waits // until the rollout has completed. func RestartRepoServer() { diff --git a/test/e2e/git_submodule_test.go b/test/e2e/git_submodule_test.go index 525c13d4b35ef..27476db84a1ed 100644 --- a/test/e2e/git_submodule_test.go +++ b/test/e2e/git_submodule_test.go @@ -40,25 +40,3 @@ func TestGitSubmoduleHTTPSSupport(t *testing.T) { Expect(SyncStatusIs(SyncStatusCodeSynced)). Expect(Pod(func(p v1.Pod) bool { return p.Name == "pod-in-submodule" })) } - -func TestGitSubmoduleRemovalSupport(t *testing.T) { - Given(t). - RepoURLType(fixture.RepoURLTypeSSHSubmoduleParent). - Path("submodule"). - Recurse(). - CustomSSHKnownHostsAdded(). - SubmoduleSSHRepoURLAdded(true). - When(). - CreateFromFile(func(app *Application) {}). - Sync(). - Then(). - Expect(SyncStatusIs(SyncStatusCodeSynced)). - Expect(Pod(func(p v1.Pod) bool { return p.Name == "pod-in-submodule" })). - When(). - RemoveSubmodule(). - Refresh(RefreshTypeNormal). - Sync(). - Then(). - Expect(SyncStatusIs(SyncStatusCodeSynced)). - Expect(NotPod(func(p v1.Pod) bool { return p.Name == "pod-in-submodule" })) -} diff --git a/test/e2e/helm_test.go b/test/e2e/helm_test.go index 5fd774ea0c46d..a723d3a90bb30 100644 --- a/test/e2e/helm_test.go +++ b/test/e2e/helm_test.go @@ -6,7 +6,6 @@ import ( "net" "net/http" "os" - "strings" "testing" "github.com/argoproj/gitops-engine/pkg/health" @@ -20,7 +19,6 @@ import ( "github.com/argoproj/argo-cd/v2/test/e2e/fixture" . "github.com/argoproj/argo-cd/v2/test/e2e/fixture" . "github.com/argoproj/argo-cd/v2/test/e2e/fixture/app" - projectFixture "github.com/argoproj/argo-cd/v2/test/e2e/fixture/project" "github.com/argoproj/argo-cd/v2/test/e2e/fixture/repos" . "github.com/argoproj/argo-cd/v2/util/errors" "github.com/argoproj/argo-cd/v2/util/settings" @@ -202,7 +200,7 @@ func TestHelmValuesLiteralFileLocal(t *testing.T) { if err != nil { panic(err) } - assert.Equal(t, strings.TrimSuffix(string(data), "\n"), app.Spec.GetSource().Helm.ValuesString()) + assert.Equal(t, string(data), app.Spec.GetSource().Helm.Values) }). When(). AppUnSet("--values-literal"). @@ -244,7 +242,7 @@ func TestHelmValuesLiteralFileRemote(t *testing.T) { AppSet("--values-literal-file", "http://"+address). Then(). And(func(app *Application) { - assert.Equal(t, "a: b", app.Spec.GetSource().Helm.ValuesString()) + assert.Equal(t, "a: b", app.Spec.GetSource().Helm.Values) }). When(). AppUnSet("--values-literal"). @@ -401,45 +399,6 @@ func TestHelmWithMultipleDependencies(t *testing.T) { Expect(SyncStatusIs(SyncStatusCodeSynced)) } -func TestHelmDependenciesPermissionDenied(t *testing.T) { - SkipOnEnv(t, "HELM") - - projName := "argo-helm-project-denied" - projectFixture. - Given(t). - Name(projName). - Destination("*,*"). - When(). - Create(). - AddSource(RepoURL(RepoURLTypeFile)) - - expectedErr := fmt.Sprintf("helm repos localhost:5000/myrepo are not permitted in project '%s'", projName) - GivenWithSameState(t). - Project(projName). - Path("helm-oci-with-dependencies"). - CustomCACertAdded(). - HelmHTTPSCredentialsUserPassAdded(). - HelmPassCredentials(). - When(). - IgnoreErrors(). - CreateApp(). - Then(). - Expect(Error("", expectedErr)) - - expectedErr = fmt.Sprintf("helm repos https://localhost:9443/argo-e2e/testdata.git/helm-repo/local, https://localhost:9443/argo-e2e/testdata.git/helm-repo/local2 are not permitted in project '%s'", projName) - GivenWithSameState(t). - Project(projName). - Path("helm-with-multiple-dependencies-permission-denied"). - CustomCACertAdded(). - HelmHTTPSCredentialsUserPassAdded(). - HelmPassCredentials(). - When(). - IgnoreErrors(). - CreateApp(). - Then(). - Expect(Error("", expectedErr)) -} - func TestHelmWithDependenciesLegacyRepo(t *testing.T) { SkipOnEnv(t, "HELM") testHelmWithDependencies(t, "helm-with-dependencies", true) diff --git a/test/e2e/jsonnet_test.go b/test/e2e/jsonnet_test.go index cad88f34a0048..7cc50d2bccab5 100644 --- a/test/e2e/jsonnet_test.go +++ b/test/e2e/jsonnet_test.go @@ -102,7 +102,7 @@ func TestJsonnetExtVarEnv(t *testing.T) { }) } -// Jsonnet file located in nested sub directory uses import +//Jsonnet file located in nested sub directory uses import func TestJsonnetNestedDirWithImports(t *testing.T) { Given(t). Path("jsonnet-nested-dir-with-imports/apps"). diff --git a/test/e2e/matrix_e2e_test.go b/test/e2e/matrix_e2e_test.go index d61c5ec680e1f..02e9b60c7a6b2 100644 --- a/test/e2e/matrix_e2e_test.go +++ b/test/e2e/matrix_e2e_test.go @@ -26,9 +26,6 @@ func TestListMatrixGenerator(t *testing.T) { Name: fmt.Sprintf("%s-%s", cluster, name), Namespace: utils.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "matrix-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -128,10 +125,7 @@ func TestListMatrixGenerator(t *testing.T) { for _, expectedApp := range expectedAppsNewNamespace { expectedAppNewMetadata := expectedApp.DeepCopy() expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - "label-key": "label-value", - LabelKeyAppSetInstance: "matrix-generator", - } + expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{"label-key": "label-value"} expectedAppsNewMetadata = append(expectedAppsNewMetadata, *expectedAppNewMetadata) } }). @@ -156,9 +150,6 @@ func TestClusterMatrixGenerator(t *testing.T) { Name: fmt.Sprintf("%s-%s", cluster, name), Namespace: utils.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "matrix-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -261,10 +252,7 @@ func TestClusterMatrixGenerator(t *testing.T) { for _, expectedApp := range expectedAppsNewNamespace { expectedAppNewMetadata := expectedApp.DeepCopy() expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - "label-key": "label-value", - LabelKeyAppSetInstance: "matrix-generator", - } + expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{"label-key": "label-value"} expectedAppsNewMetadata = append(expectedAppsNewMetadata, *expectedAppNewMetadata) } }). @@ -277,310 +265,3 @@ func TestClusterMatrixGenerator(t *testing.T) { When(). Delete().Then().Expect(ApplicationsDoNotExist(expectedAppsNewNamespace)) } - -func TestMatrixTerminalMatrixGeneratorSelector(t *testing.T) { - generateExpectedApp := func(cluster, name string) argov1alpha1.Application { - return argov1alpha1.Application{ - TypeMeta: metav1.TypeMeta{ - Kind: application.ApplicationKind, - APIVersion: "argoproj.io/v1alpha1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: fmt.Sprintf("%s-%s", cluster, name), - Namespace: utils.TestNamespace(), - Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "matrix-generator-nested-matrix", - }, - }, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: name, - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: name, - }, - }, - } - } - - expectedApps1 := []argov1alpha1.Application{ - generateExpectedApp("cluster1", "kustomize-guestbook"), - generateExpectedApp("cluster1", "helm-guestbook"), - generateExpectedApp("cluster1", "ksonnet-guestbook"), - } - expectedApps2 := []argov1alpha1.Application{ - generateExpectedApp("cluster2", "kustomize-guestbook"), - generateExpectedApp("cluster2", "helm-guestbook"), - generateExpectedApp("cluster2", "ksonnet-guestbook"), - } - - Given(t). - // Create ApplicationSet with LabelSelector on an ApplicationSetTerminalGenerator - When(). - Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "matrix-generator-nested-matrix", - }, - Spec: v1alpha1.ApplicationSetSpec{ - ApplyNestedSelectors: true, - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{values.name}}-{{path.basename}}"}, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "{{path}}", - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: "{{path.basename}}", - }, - }, - }, - Generators: []v1alpha1.ApplicationSetGenerator{ - { - Matrix: &v1alpha1.MatrixGenerator{ - Generators: []v1alpha1.ApplicationSetNestedGenerator{ - { - Matrix: toAPIExtensionsJSON(t, &v1alpha1.NestedMatrixGenerator{ - Generators: []v1alpha1.ApplicationSetTerminalGenerator{ - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{ - {Raw: []byte(`{"cluster": "my-cluster","url": "https://kubernetes.default.svc", "values": {"name": "cluster1"}}`)}, - {Raw: []byte(`{"cluster": "my-cluster","url": "https://kubernetes.default.svc", "values": {"name": "cluster2"}}`)}, - }, - }, - Selector: &metav1.LabelSelector{ - MatchLabels: map[string]string{ - "values.name": "cluster1", - }, - }, - }, - { - Git: &v1alpha1.GitGenerator{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - Directories: []v1alpha1.GitDirectoryGeneratorItem{ - { - Path: "*guestbook*", - }, - }, - }, - }, - }, - }), - }, - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{ - {Raw: []byte(`{}`)}, - }, - }, - }, - }, - }, - }, - }, - }, - }).Then().Expect(ApplicationsExist(expectedApps1)).Expect(ApplicationsDoNotExist(expectedApps2)). - - // Update the ApplicationSetTerminalGenerator LabelSelector, and verify the Applications are deleted and created - When(). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.Generators[0].Matrix.Generators[0].Matrix = toAPIExtensionsJSON(t, &v1alpha1.NestedMatrixGenerator{ - Generators: []v1alpha1.ApplicationSetTerminalGenerator{ - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{ - {Raw: []byte(`{"cluster": "my-cluster","url": "https://kubernetes.default.svc", "values": {"name": "cluster1"}}`)}, - {Raw: []byte(`{"cluster": "my-cluster","url": "https://kubernetes.default.svc", "values": {"name": "cluster2"}}`)}, - }, - }, - Selector: &metav1.LabelSelector{ - MatchLabels: map[string]string{ - "values.name": "cluster2", - }, - }, - }, - { - Git: &v1alpha1.GitGenerator{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - Directories: []v1alpha1.GitDirectoryGeneratorItem{ - { - Path: "*guestbook*", - }, - }, - }, - }, - }, - }) - }).Then().Expect(ApplicationsExist(expectedApps2)).Expect(ApplicationsDoNotExist(expectedApps1)). - - // Set ApplyNestedSelector to false and verify all Applications are created - When(). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.ApplyNestedSelectors = false - }).Then().Expect(ApplicationsExist(expectedApps1)).Expect(ApplicationsExist(expectedApps2)). - - // Delete the ApplicationSet, and verify it deletes the Applications - When(). - Delete().Then().Expect(ApplicationsDoNotExist(expectedApps1)).Expect(ApplicationsDoNotExist(expectedApps2)) -} - -func TestMatrixTerminalMergeGeneratorSelector(t *testing.T) { - generateExpectedApp := func(name, nameSuffix string) argov1alpha1.Application { - return argov1alpha1.Application{ - TypeMeta: metav1.TypeMeta{ - Kind: application.ApplicationKind, - APIVersion: "argoproj.io/v1alpha1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: fmt.Sprintf("%s-%s", name, nameSuffix), - Namespace: utils.TestNamespace(), - Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "matrix-generator-nested-merge", - }, - }, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: name, - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: name, - }, - }, - } - } - - expectedApps1 := []argov1alpha1.Application{ - generateExpectedApp("kustomize-guestbook", "1"), - } - expectedApps2 := []argov1alpha1.Application{ - generateExpectedApp("helm-guestbook", "2"), - } - - Given(t). - // Create ApplicationSet with LabelSelector on an ApplicationSetTerminalGenerator - When(). - Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "matrix-generator-nested-merge", - }, - Spec: v1alpha1.ApplicationSetSpec{ - ApplyNestedSelectors: true, - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{path.basename}}-{{name-suffix}}"}, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "{{path}}", - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: "{{path.basename}}", - }, - }, - }, - Generators: []v1alpha1.ApplicationSetGenerator{ - { - Matrix: &v1alpha1.MatrixGenerator{ - Generators: []v1alpha1.ApplicationSetNestedGenerator{ - { - Merge: toAPIExtensionsJSON(t, &v1alpha1.NestedMergeGenerator{ - MergeKeys: []string{"path.basename"}, - Generators: []v1alpha1.ApplicationSetTerminalGenerator{ - { - Git: &v1alpha1.GitGenerator{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - Directories: []v1alpha1.GitDirectoryGeneratorItem{ - { - Path: "*guestbook*", - }, - }, - }, - Selector: &metav1.LabelSelector{ - MatchLabels: map[string]string{ - "path.basename": "kustomize-guestbook", - }, - }, - }, - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{ - {Raw: []byte(`{"path.basename": "kustomize-guestbook", "name-suffix": "1"}`)}, - {Raw: []byte(`{"path.basename": "helm-guestbook", "name-suffix": "2"}`)}, - }, - }, - }, - }, - }), - }, - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{ - {Raw: []byte(`{}`)}, - }, - }, - }, - }, - }, - }, - }, - }, - }).Then().Expect(ApplicationsExist(expectedApps1)).Expect(ApplicationsDoNotExist(expectedApps2)). - - // Update the ApplicationSetTerminalGenerator LabelSelector, and verify the Applications are deleted and created - When(). - Update(func(appset *v1alpha1.ApplicationSet) { - - appset.Spec.Generators[0].Matrix.Generators[0].Merge = toAPIExtensionsJSON(t, &v1alpha1.NestedMergeGenerator{ - MergeKeys: []string{"path.basename"}, - Generators: []v1alpha1.ApplicationSetTerminalGenerator{ - { - Git: &v1alpha1.GitGenerator{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - Directories: []v1alpha1.GitDirectoryGeneratorItem{ - { - Path: "*guestbook*", - }, - }, - }, - Selector: &metav1.LabelSelector{ - MatchLabels: map[string]string{ - "path.basename": "helm-guestbook", - }, - }, - }, - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{ - {Raw: []byte(`{"path.basename": "kustomize-guestbook", "name-suffix": "1"}`)}, - {Raw: []byte(`{"path.basename": "helm-guestbook", "name-suffix": "2"}`)}, - }, - }, - }, - }, - }) - }).Then().Expect(ApplicationsExist(expectedApps2)).Expect(ApplicationsDoNotExist(expectedApps1)). - - // Set ApplyNestedSelector to false and verify all Applications are created - When(). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.ApplyNestedSelectors = false - }).Then().Expect(ApplicationsExist(expectedApps1)).Expect(ApplicationsExist(expectedApps2)). - - // Delete the ApplicationSet, and verify it deletes the Applications - When(). - Delete().Then().Expect(ApplicationsDoNotExist(expectedApps1)).Expect(ApplicationsDoNotExist(expectedApps2)) -} diff --git a/test/e2e/merge_e2e_test.go b/test/e2e/merge_e2e_test.go index 065e3f73c474b..e2a695bea7be0 100644 --- a/test/e2e/merge_e2e_test.go +++ b/test/e2e/merge_e2e_test.go @@ -27,9 +27,6 @@ func TestListMergeGenerator(t *testing.T) { Name: fmt.Sprintf("%s-%s", name, nameSuffix), Namespace: utils.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "merge-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -125,10 +122,7 @@ func TestListMergeGenerator(t *testing.T) { for _, expectedApp := range expectedAppsNewNamespace { expectedAppNewMetadata := expectedApp.DeepCopy() expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - "label-key": "label-value", - LabelKeyAppSetInstance: "merge-generator", - } + expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{"label-key": "label-value"} expectedAppsNewMetadata = append(expectedAppsNewMetadata, *expectedAppNewMetadata) } }). @@ -153,9 +147,6 @@ func TestClusterMergeGenerator(t *testing.T) { Name: fmt.Sprintf("%s-%s-%s", cluster, name, nameSuffix), Namespace: utils.TestNamespace(), Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "merge-generator", - }, }, Spec: argov1alpha1.ApplicationSpec{ Project: "default", @@ -276,10 +267,7 @@ func TestClusterMergeGenerator(t *testing.T) { for _, expectedApp := range expectedAppsNewNamespace { expectedAppNewMetadata := expectedApp.DeepCopy() expectedAppNewMetadata.ObjectMeta.Annotations = map[string]string{"annotation-key": "annotation-value"} - expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{ - "label-key": "label-value", - LabelKeyAppSetInstance: "merge-generator", - } + expectedAppNewMetadata.ObjectMeta.Labels = map[string]string{"label-key": "label-value"} expectedAppsNewMetadata = append(expectedAppsNewMetadata, *expectedAppNewMetadata) } }). @@ -293,160 +281,6 @@ func TestClusterMergeGenerator(t *testing.T) { Delete().Then().Expect(ApplicationsDoNotExist(expectedAppsNewNamespace)) } -func TestMergeTerminalMergeGeneratorSelector(t *testing.T) { - generateExpectedApp := func(name, nameSuffix string) argov1alpha1.Application { - return argov1alpha1.Application{ - TypeMeta: metav1.TypeMeta{ - Kind: application.ApplicationKind, - APIVersion: "argoproj.io/v1alpha1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: fmt.Sprintf("%s-%s", name, nameSuffix), - Namespace: utils.TestNamespace(), - Finalizers: []string{"resources-finalizer.argocd.argoproj.io"}, - Labels: map[string]string{ - LabelKeyAppSetInstance: "merge-generator-nested-merge", - }, - }, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: name, - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: name, - }, - }, - } - } - - expectedApps1 := []argov1alpha1.Application{ - generateExpectedApp("kustomize-guestbook", "1"), - } - expectedApps2 := []argov1alpha1.Application{ - generateExpectedApp("helm-guestbook", "2"), - } - - Given(t). - // Create ApplicationSet with LabelSelector on an ApplicationSetTerminalGenerator - When(). - Create(v1alpha1.ApplicationSet{ObjectMeta: metav1.ObjectMeta{ - Name: "merge-generator-nested-merge", - }, - Spec: v1alpha1.ApplicationSetSpec{ - ApplyNestedSelectors: true, - Template: v1alpha1.ApplicationSetTemplate{ - ApplicationSetTemplateMeta: v1alpha1.ApplicationSetTemplateMeta{Name: "{{path.basename}}-{{name-suffix}}"}, - Spec: argov1alpha1.ApplicationSpec{ - Project: "default", - Source: &argov1alpha1.ApplicationSource{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - TargetRevision: "HEAD", - Path: "{{path}}", - }, - Destination: argov1alpha1.ApplicationDestination{ - Server: "https://kubernetes.default.svc", - Namespace: "{{path.basename}}", - }, - }, - }, - Generators: []v1alpha1.ApplicationSetGenerator{ - { - Merge: &v1alpha1.MergeGenerator{ - MergeKeys: []string{"path.basename"}, - Generators: []v1alpha1.ApplicationSetNestedGenerator{ - { - Merge: toAPIExtensionsJSON(t, &v1alpha1.NestedMergeGenerator{ - MergeKeys: []string{"path.basename"}, - Generators: []v1alpha1.ApplicationSetTerminalGenerator{ - { - Git: &v1alpha1.GitGenerator{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - Directories: []v1alpha1.GitDirectoryGeneratorItem{ - { - Path: "*guestbook*", - }, - }, - }, - Selector: &metav1.LabelSelector{ - MatchLabels: map[string]string{ - "path.basename": "kustomize-guestbook", - }, - }, - }, - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{ - {Raw: []byte(`{"path.basename": "kustomize-guestbook", "name-suffix": "1"}`)}, - {Raw: []byte(`{"path.basename": "helm-guestbook", "name-suffix": "2"}`)}, - }, - }, - }, - }, - }), - }, - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{ - {Raw: []byte(`{}`)}, - }, - }, - }, - }, - }, - }, - }, - }, - }).Then().Expect(ApplicationsExist(expectedApps1)).Expect(ApplicationsDoNotExist(expectedApps2)). - - // Update the ApplicationSetTerminalGenerator LabelSelector, and verify the Applications are deleted and created - When(). - Update(func(appset *v1alpha1.ApplicationSet) { - - appset.Spec.Generators[0].Merge.Generators[0].Merge = toAPIExtensionsJSON(t, &v1alpha1.NestedMergeGenerator{ - MergeKeys: []string{"path.basename"}, - Generators: []v1alpha1.ApplicationSetTerminalGenerator{ - { - Git: &v1alpha1.GitGenerator{ - RepoURL: "https://github.com/argoproj/argocd-example-apps.git", - Directories: []v1alpha1.GitDirectoryGeneratorItem{ - { - Path: "*guestbook*", - }, - }, - }, - Selector: &metav1.LabelSelector{ - MatchLabels: map[string]string{ - "path.basename": "helm-guestbook", - }, - }, - }, - { - List: &v1alpha1.ListGenerator{ - Elements: []apiextensionsv1.JSON{ - {Raw: []byte(`{"path.basename": "kustomize-guestbook", "name-suffix": "1"}`)}, - {Raw: []byte(`{"path.basename": "helm-guestbook", "name-suffix": "2"}`)}, - }, - }, - }, - }, - }) - }).Then().Expect(ApplicationsExist(expectedApps2)).Expect(ApplicationsDoNotExist(expectedApps1)). - - // Set ApplyNestedSelector to false and verify all Applications are created - When(). - Update(func(appset *v1alpha1.ApplicationSet) { - appset.Spec.ApplyNestedSelectors = false - }).Then().Expect(ApplicationsExist(expectedApps1)).Expect(ApplicationsExist(expectedApps2)). - - // Delete the ApplicationSet, and verify it deletes the Applications - When(). - Delete().Then().Expect(ApplicationsDoNotExist(expectedApps1)).Expect(ApplicationsDoNotExist(expectedApps2)) -} - func toAPIExtensionsJSON(t *testing.T, g interface{}) *apiextensionsv1.JSON { resVal, err := json.Marshal(g) diff --git a/test/e2e/multiarch-container/Dockerfile b/test/e2e/multiarch-container/Dockerfile index d4d49adc0d746..31aa01f2d3b46 100644 --- a/test/e2e/multiarch-container/Dockerfile +++ b/test/e2e/multiarch-container/Dockerfile @@ -1,2 +1,2 @@ -FROM docker.io/library/busybox@sha256:2376a0c12759aa1214ba83e771ff252c7b1663216b192fbe5e0fb364e952f85c +FROM docker.io/library/busybox@sha256:7b3ccabffc97de872a30dfd234fd972a66d247c8cfc69b0550f276481852627c CMD exec sh -c "trap : TERM INT; echo 'Hi' && tail -f /dev/null" diff --git a/test/e2e/notification_test.go b/test/e2e/notification_test.go index 363cb87454a0f..ce18f793a9afa 100644 --- a/test/e2e/notification_test.go +++ b/test/e2e/notification_test.go @@ -15,7 +15,7 @@ func TestNotificationsListServices(t *testing.T) { SetParamInNotificationConfigMap("service.webhook.test", "url: https://test.com"). Then().Services(func(services *notification.ServiceList, err error) { assert.Nil(t, err) - assert.Equal(t, []*notification.Service{{Name: pointer.String("test")}}, services.Items) + assert.Equal(t, []*notification.Service{¬ification.Service{Name: pointer.String("test")}}, services.Items) }) } @@ -25,7 +25,7 @@ func TestNotificationsListTemplates(t *testing.T) { SetParamInNotificationConfigMap("template.app-created", "email:\n subject: Application {{.app.metadata.name}} has been created.\nmessage: Application {{.app.metadata.name}} has been created.\nteams:\n title: Application {{.app.metadata.name}} has been created.\n"). Then().Templates(func(templates *notification.TemplateList, err error) { assert.Nil(t, err) - assert.Equal(t, []*notification.Template{{Name: pointer.String("app-created")}}, templates.Items) + assert.Equal(t, []*notification.Template{¬ification.Template{Name: pointer.String("app-created")}}, templates.Items) }) } @@ -35,6 +35,6 @@ func TestNotificationsListTriggers(t *testing.T) { SetParamInNotificationConfigMap("trigger.on-created", "- description: Application is created.\n oncePer: app.metadata.name\n send:\n - app-created\n when: \"true\"\n"). Then().Triggers(func(triggers *notification.TriggerList, err error) { assert.Nil(t, err) - assert.Equal(t, []*notification.Trigger{{Name: pointer.String("on-created")}}, triggers.Items) + assert.Equal(t, []*notification.Trigger{¬ification.Trigger{Name: pointer.String("on-created")}}, triggers.Items) }) } diff --git a/test/e2e/selective_sync_test.go b/test/e2e/selective_sync_test.go index 491914be55184..1738264c509fc 100644 --- a/test/e2e/selective_sync_test.go +++ b/test/e2e/selective_sync_test.go @@ -80,7 +80,7 @@ func TestSelectiveSyncWithoutNamespace(t *testing.T) { Expect(ResourceSyncStatusWithNamespaceIs("Deployment", "guestbook-ui", fixture.DeploymentNamespace(), SyncStatusCodeSynced)) } -// In selectedResource to sync, namespace is provided +//In selectedResource to sync, namespace is provided func TestSelectiveSyncWithNamespace(t *testing.T) { selectedResourceNamespace := getNewNamespace(t) defer func() { diff --git a/test/e2e/sync_options_test.go b/test/e2e/sync_options_test.go index 3eb7140787097..657c8b117705b 100644 --- a/test/e2e/sync_options_test.go +++ b/test/e2e/sync_options_test.go @@ -80,29 +80,6 @@ func TestSyncWithStatusIgnored(t *testing.T) { Expect(SyncStatusIs(SyncStatusCodeSynced)) } -func TestSyncWithApplyOutOfSyncOnly(t *testing.T) { - var ns string - Given(t). - Path(guestbookPath). - ApplyOutOfSyncOnly(). - When(). - CreateFromFile(func(app *Application) { - ns = app.Spec.Destination.Namespace - }). - Then(). - Expect(SyncStatusIs(SyncStatusCodeOutOfSync)). - When(). - Sync(). - Then(). - When(). - PatchFile("guestbook-ui-deployment.yaml", `[{ "op": "replace", "path": "/spec/replicas", "value": 1 }]`). - Sync(). - Then(). - // Only one resource should be in sync result - Expect(ResourceResultNumbering(1)). - Expect(ResourceResultIs(ResourceResult{Group: "apps", Version: "v1", Kind: "Deployment", Namespace: ns, Name: "guestbook-ui", Message: "deployment.apps/guestbook-ui configured", SyncPhase: SyncPhaseSync, HookPhase: OperationRunning, Status: ResultCodeSynced})) -} - func TestSyncWithSkipHook(t *testing.T) { fixture.SkipOnEnv(t, "OPENSHIFT") Given(t). diff --git a/test/e2e/testdata/cmp-fileName/plugin.yaml b/test/e2e/testdata/cmp-fileName/plugin.yaml index b3f8068de2100..766278c79e773 100644 --- a/test/e2e/testdata/cmp-fileName/plugin.yaml +++ b/test/e2e/testdata/cmp-fileName/plugin.yaml @@ -5,6 +5,6 @@ metadata: spec: version: v1.0 generate: - command: [sh, -c, 'echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$ARGOCD_ENV_FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}"'] + command: [sh, -c, 'echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}"'] discover: fileName: "subdir/s*.yaml" diff --git a/test/e2e/testdata/cmp-gitcreds/plugin.yaml b/test/e2e/testdata/cmp-gitcreds/plugin.yaml deleted file mode 100644 index 024804f495cc9..0000000000000 --- a/test/e2e/testdata/cmp-gitcreds/plugin.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: ConfigManagementPlugin -metadata: - name: cmp-gitcreds -spec: - version: v1.0 - generate: - command: [sh, -c, 'echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"GitAskpass\": \"$GIT_ASKPASS\"}}}"'] - discover: - fileName: "subdir/s*.yaml" diff --git a/test/e2e/testdata/cmp-gitcreds/subdir/special.yaml b/test/e2e/testdata/cmp-gitcreds/subdir/special.yaml deleted file mode 100644 index e69de29bb2d1d..0000000000000 diff --git a/test/e2e/testdata/cmp-gitcredstemplate/plugin.yaml b/test/e2e/testdata/cmp-gitcredstemplate/plugin.yaml deleted file mode 100644 index e57ee747bd078..0000000000000 --- a/test/e2e/testdata/cmp-gitcredstemplate/plugin.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: ConfigManagementPlugin -metadata: - name: cmp-gitcredstemplate -spec: - version: v1.0 - generate: - command: [sh, -c, 'echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"GitAskpass\": \"$GIT_ASKPASS\", \"GitUsername\": \"$GIT_USERNAME\", \"GitPassword\": \"$GIT_PASSWORD\"}}}"'] - discover: - fileName: "subdir/s*.yaml" diff --git a/test/e2e/testdata/cmp-gitcredstemplate/subdir/special.yaml b/test/e2e/testdata/cmp-gitcredstemplate/subdir/special.yaml deleted file mode 100644 index e69de29bb2d1d..0000000000000 diff --git a/test/e2e/testdata/cmp-kustomize/plugin.yaml b/test/e2e/testdata/cmp-kustomize/plugin.yaml deleted file mode 100644 index 3cdcc6d643758..0000000000000 --- a/test/e2e/testdata/cmp-kustomize/plugin.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: ConfigManagementPlugin -metadata: - name: cmp-kustomize -spec: - version: v1.0 - generate: - command: [kustomize, build, .] - discover: - fileName: "kustomization.yaml" diff --git a/test/e2e/testdata/deprecated-extensions/deployment.yaml b/test/e2e/testdata/deprecated-extensions/deployment.yaml index bc4ef128d8bf4..5593c3157fc57 100644 --- a/test/e2e/testdata/deprecated-extensions/deployment.yaml +++ b/test/e2e/testdata/deprecated-extensions/deployment.yaml @@ -1,4 +1,4 @@ -apiVersion: apps/v1 +apiVersion: extensions/v1beta1 kind: Deployment metadata: name: extensions-deployment diff --git a/test/e2e/testdata/git-submodule/submodule-pod.yaml b/test/e2e/testdata/git-submodule/submodule-pod.yaml index 134107da31cba..fa3b92c2f5875 100644 --- a/test/e2e/testdata/git-submodule/submodule-pod.yaml +++ b/test/e2e/testdata/git-submodule/submodule-pod.yaml @@ -7,4 +7,6 @@ spec: - name: main image: quay.io/argoprojlabs/argocd-e2e-container:0.1 imagePullPolicy: IfNotPresent - terminationGracePeriodSeconds: 0 + command: + - "true" + restartPolicy: Never diff --git a/test/e2e/testdata/helm-with-multiple-dependencies-permission-denied/Chart.yaml b/test/e2e/testdata/helm-with-multiple-dependencies-permission-denied/Chart.yaml deleted file mode 100644 index 72f36221ea482..0000000000000 --- a/test/e2e/testdata/helm-with-multiple-dependencies-permission-denied/Chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v2 -name: helm-with-multiple-dependencies-permission-denied -version: v1.0.0 -dependencies: - - name: helm - repository: "https://localhost:9443/argo-e2e/testdata.git/helm-repo/local" - version: v1.0.0 - - name: helm - repository: "https://localhost:9443/argo-e2e/testdata.git/helm-repo/local2" - version: v1.0.0 - alias: helm2 \ No newline at end of file diff --git a/test/e2e/testdata/helm-with-multiple-dependencies/Chart.yaml b/test/e2e/testdata/helm-with-multiple-dependencies/Chart.yaml index f7f144d20e123..fc1982761746c 100644 --- a/test/e2e/testdata/helm-with-multiple-dependencies/Chart.yaml +++ b/test/e2e/testdata/helm-with-multiple-dependencies/Chart.yaml @@ -1,11 +1,7 @@ apiVersion: v2 -name: helm-with-multiple-dependencies +name: helm-with-dependencies version: v1.0.0 dependencies: - name: helm repository: "https://localhost:9444/argo-e2e/testdata.git/helm-repo/local" version: v1.0.0 - - name: helm - repository: "https://localhost:9444/argo-e2e/testdata.git/helm-repo/local2" - version: v1.0.0 - alias: helm2 \ No newline at end of file diff --git a/test/e2e/testdata/multi-namespace/deployment-with-namespace.yaml b/test/e2e/testdata/multi-namespace/deployment-with-namespace.yaml index ebd3e77f679e6..474e117ac487c 100644 --- a/test/e2e/testdata/multi-namespace/deployment-with-namespace.yaml +++ b/test/e2e/testdata/multi-namespace/deployment-with-namespace.yaml @@ -1,4 +1,4 @@ -apiVersion: apps/v1 +apiVersion: extensions/v1beta1 kind: Deployment metadata: name: helm-guestbook diff --git a/test/e2e/testdata/multi-namespace/deployment.yaml b/test/e2e/testdata/multi-namespace/deployment.yaml index bd6f69aadd7e8..08d30228fad03 100644 --- a/test/e2e/testdata/multi-namespace/deployment.yaml +++ b/test/e2e/testdata/multi-namespace/deployment.yaml @@ -1,4 +1,4 @@ -apiVersion: apps/v1 +apiVersion: extensions/v1beta1 kind: Deployment metadata: name: helm-guestbook diff --git a/test/e2e/testdata/resource-actions/cron-job.yaml b/test/e2e/testdata/resource-actions/cron-job.yaml deleted file mode 100644 index 3ab1fb9b1cd8a..0000000000000 --- a/test/e2e/testdata/resource-actions/cron-job.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: batch/v1 -kind: CronJob -metadata: - name: hello -spec: - schedule: "* * * * *" - jobTemplate: - spec: - template: - spec: - containers: - - name: hello - image: busybox:1.28 - imagePullPolicy: IfNotPresent - command: - - /bin/sh - - -c - - date; echo Hello from the Kubernetes cluster - restartPolicy: OnFailure \ No newline at end of file diff --git a/test/fixture/testrepos/start-git.sh b/test/fixture/testrepos/start-git.sh index 4a660c29a7575..b36da58a28388 100755 --- a/test/fixture/testrepos/start-git.sh +++ b/test/fixture/testrepos/start-git.sh @@ -2,5 +2,5 @@ docker run --name e2e-git --rm -i \ -p 2222:2222 -p 9080:9080 -p 9443:9443 -p 9444:9444 -p 9445:9445 \ - -w /go/src/github.com/argoproj/argo-cd -v $(pwd):/go/src/github.com/argoproj/argo-cd -v /tmp:/tmp docker.io/argoproj/argo-cd-ci-builder:v1.0.0 \ + -w /go/src/github.com/argoproj/argo-cd -v $(pwd):/go/src/github.com/argoproj/argo-cd -v /tmp:/tmp argoproj/argo-cd-ci-builder:v1.0.0 \ bash -c "goreman -f ./test/fixture/testrepos/Procfile start" diff --git a/test/remote/Dockerfile b/test/remote/Dockerfile index 674c940a4a844..514cb275d25de 100644 --- a/test/remote/Dockerfile +++ b/test/remote/Dockerfile @@ -1,6 +1,6 @@ ARG BASE_IMAGE=docker.io/library/ubuntu:22.04 -FROM docker.io/library/golang:1.21.0@sha256:ec457a2fcd235259273428a24e09900c496d0c52207266f96a330062a01e3622 AS go +FROM docker.io/library/golang:1.19.10@sha256:83f9f840072d05ad4d90ce4ac7cb2427632d6b89d5ffc558f18f9577ec8188c0 AS go RUN go install github.com/mattn/goreman@latest && \ go install github.com/kisielk/godepgraph@latest diff --git a/test/testutil.go b/test/testutil.go index 268d739d7b9f4..bccf0cef23a3f 100644 --- a/test/testutil.go +++ b/test/testutil.go @@ -10,9 +10,9 @@ import ( "testing" "time" + "github.com/ghodss/yaml" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/client-go/tools/cache" - "sigs.k8s.io/yaml" ) // StartInformer is a helper to start an informer, wait for its cache to sync and return a cancel func diff --git a/ui-test/Dockerfile b/ui-test/Dockerfile index 9dae33e7255e1..0bd9d544370e5 100644 --- a/ui-test/Dockerfile +++ b/ui-test/Dockerfile @@ -1,4 +1,4 @@ -FROM docker.io/library/node:20.5.0@sha256:32ec50b65ac9572eda92baa6004a04dbbfc8021ea806fa62d37336183cad04e6 as node +FROM docker.io/library/node:18.15.0@sha256:8d9a875ee427897ef245302e31e2319385b092f1c3368b497e89790f240368f5 AS node RUN apt-get update && apt-get install --no-install-recommends -y \ software-properties-common diff --git a/ui-test/osv-scanner.toml b/ui-test/osv-scanner.toml deleted file mode 100644 index fe1660cf6d497..0000000000000 --- a/ui-test/osv-scanner.toml +++ /dev/null @@ -1,15 +0,0 @@ -[[IgnoredVulns]] -id = "GHSA-93q8-gq69-wqmw" -reason = "CVE-2021-3807 Code is only run client-side in the swagger-ui endpoint. No risk of server-side DoS." - -[[IgnoredVulns]] -id = "GHSA-36fh-84j7-cv5h" -reason = "Used in testing, does not affect a release" - -[[IgnoredVulns]] -id = "GHSA-f8q6-p94x-37v3" -reason = "Used in testing, does not affect a release" - -[[IgnoredVulns]] -id = "GHSA-qrpm-p2h7-hrv2" -reason = "Used in testing, does not affect a release" \ No newline at end of file diff --git a/ui/.nvmrc b/ui/.nvmrc index a79492b06865b..e048c8ca198f9 100644 --- a/ui/.nvmrc +++ b/ui/.nvmrc @@ -1 +1 @@ -v20.4.0 +v18.15.0 diff --git a/ui/embed.go b/ui/embed.go index 8f9c2774fbbca..665621a9c12fd 100644 --- a/ui/embed.go +++ b/ui/embed.go @@ -3,6 +3,5 @@ package ui import "embed" // Embedded contains embedded UI resources -// //go:embed dist/app var Embedded embed.FS diff --git a/ui/osv-scanner.toml b/ui/osv-scanner.toml deleted file mode 100644 index 683f8c5c4b866..0000000000000 --- a/ui/osv-scanner.toml +++ /dev/null @@ -1,3 +0,0 @@ -[[IgnoredVulns]] -id = "GHSA-93q8-gq69-wqmw" -reason = "CVE-2021-3807 Code is only run client-side in the swagger-ui endpoint. No risk of server-side DoS." diff --git a/ui/package.json b/ui/package.json index 5321920ef8e33..f679dd0e9e295 100644 --- a/ui/package.json +++ b/ui/package.json @@ -7,11 +7,9 @@ "docker": "./scripts/build_docker.sh", "build": "find ./dist -type f -not -name gitkeep -delete && webpack --config ./src/app/webpack.config.js --mode production", "lint": "tsc --noEmit --project ./src/app && tslint -p ./src/app", - "lint:fix": "tslint -p ./src/app --fix", "test": "jest" }, "dependencies": { - "@fortawesome/fontawesome-free": "^6.4.0", "@types/react-virtualized": "^9.21.21", "@types/superagent": "^4.1.15", "ansi-to-react": "^6.1.6", @@ -20,11 +18,9 @@ "classnames": "^2.2.5", "color": "^3.2.1", "dagre": "^0.8.5", - "date-fns": "^2.30.0", "deepmerge": "^3.2.0", - "foundation-sites": "^6.7.5", + "foundation-sites": "^6.7.4", "git-url-parse": "^13.1.0", - "history": "^4.7.2", "js-yaml": "^3.14.1", "json-merge-patch": "^0.2.3", "lodash-es": "^4.17.21", @@ -54,7 +50,7 @@ "tsx": "^3.4.0", "unidiff": "^1.0.2", "url": "^0.11.0", - "xterm": "^4.19.0", + "xterm": "^4.18.0", "xterm-addon-fit": "^0.5.0" }, "resolutions": { @@ -77,7 +73,6 @@ "@types/js-yaml": "^3.11.2", "@types/lodash-es": "^4.17.6", "@types/minimatch": "^3.0.3", - "@types/node": "20.4.0", "@types/prop-types": "^15.7.5", "@types/react": "^16.8.5", "@types/react-autocomplete": "^1.8.4", @@ -88,11 +83,10 @@ "@types/react-router": "^4.0.27", "@types/react-router-dom": "^4.2.3", "@types/react-test-renderer": "^16.8.3", - "@types/uuid": "^9.0.1", "add": "^2.0.6", "babel-jest": "^26.6.3", "babel-loader": "^8.0.6", - "codecov": "^3.8.3", + "codecov": "^3.7.2", "copy-webpack-plugin": "^6.1.1", "esbuild-loader": "^2.18.0", "html-webpack-plugin": "^5.5.0", @@ -110,13 +104,13 @@ "source-map-loader": "^0.2.3", "style-loader": "^0.20.1", "ts-jest": "^27.1.3", - "ts-node": "10.9.1", + "ts-node": "^10.7.0", "tslint": "^6.1.3", "tslint-config-prettier": "^1.18.0", "tslint-plugin-prettier": "^2.0.1", "tslint-react": "^5.0.0", - "typescript": "^4.9.5", - "webpack": "^5.84.1", + "typescript": "^4.0.3", + "webpack": "^5.70.0", "webpack-cli": "^4.9.2", "webpack-dev-server": "^4.7.4", "yarn": "^1.22.10" diff --git a/ui/src/app/app.tsx b/ui/src/app/app.tsx index e38e28d91a9db..b474c86b3ca84 100644 --- a/ui/src/app/app.tsx +++ b/ui/src/app/app.tsx @@ -9,7 +9,6 @@ import help from './help'; import login from './login'; import settings from './settings'; import {Layout} from './shared/components/layout/layout'; -import {Page} from './shared/components/page/page'; import {VersionPanel} from './shared/components/version-info/version-info-panel'; import {AuthSettingsCtx, Provider} from './shared/context'; import {services} from './shared/services'; @@ -177,9 +176,7 @@ export class App extends React.Component< {extension.title} - Argo CD - - - + ); extendedRoutes[extension.path] = { diff --git a/ui/src/app/applications/components/application-create-panel/application-create-panel.tsx b/ui/src/app/applications/components/application-create-panel/application-create-panel.tsx index eef8c8ec32103..96d228975a19d 100644 --- a/ui/src/app/applications/components/application-create-panel/application-create-panel.tsx +++ b/ui/src/app/applications/components/application-create-panel/application-create-panel.tsx @@ -219,10 +219,7 @@ export const ApplicationCreatePanel = (props: { qeId='application-create-field-project' field='spec.project' component={AutocompleteField} - componentProps={{ - items: projects, - filterSuggestions: true - }} + componentProps={{items: projects}} />
                                                                                                                                                                                                                              diff --git a/ui/src/app/applications/components/application-deployment-history/revision-metadata-rows.tsx b/ui/src/app/applications/components/application-deployment-history/revision-metadata-rows.tsx index e763723013713..21d7d65133e57 100644 --- a/ui/src/app/applications/components/application-deployment-history/revision-metadata-rows.tsx +++ b/ui/src/app/applications/components/application-deployment-history/revision-metadata-rows.tsx @@ -1,46 +1,22 @@ import {DataLoader} from 'argo-ui'; import * as React from 'react'; import {Timestamp} from '../../../shared/components/timestamp'; -import {ApplicationSource, RevisionMetadata, ChartDetails} from '../../../shared/models'; +import {ApplicationSource, RevisionMetadata} from '../../../shared/models'; import {services} from '../../../shared/services'; export const RevisionMetadataRows = (props: {applicationName: string; applicationNamespace: string; source: ApplicationSource}) => { if (props.source.chart) { return ( - services.applications.revisionChartDetails(input.applicationName, input.applicationNamespace, input.source.targetRevision)}> - {(m: ChartDetails) => ( -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Helm Chart:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - {props.source.chart}  - {m.home && ( - { - e.stopPropagation(); - window.open(m.home); - }}> - - - )} -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - {m.description && ( -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Description:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {m.description}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - )} - {m.maintainers.length > 0 && ( -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Maintainers:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {m.maintainers.join(', ')}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - )} -
                                                                                                                                                                                                                              - )} -                                                                                                                                                                                                                               +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              Helm Chart
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              {props.source.chart}
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              Version
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              v{props.source.targetRevision}
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              ); } return ( diff --git a/ui/src/app/applications/components/application-details/application-details.scss b/ui/src/app/applications/components/application-details/application-details.scss index 32d29a6e2c1ee..9390e4534034b 100644 --- a/ui/src/app/applications/components/application-details/application-details.scss +++ b/ui/src/app/applications/components/application-details/application-details.scss @@ -29,7 +29,7 @@ $header: 120px; overflow-x: auto; overflow-y: auto; margin-top: 150px; - height: calc(100vh - 2 * 70px - 115px); + height: calc(100vh - 2 * 50px - 115px); @media screen and (max-width: map-get($breakpoints, xlarge)) { margin-top: 165px; } @@ -213,7 +213,8 @@ $header: 120px; display: inline-block; background-color: $argo-color-gray-1; box-shadow: 1px 1px 3px $argo-color-gray-5; - position: absolute; + position: fixed; + a { padding: 5px; margin: 2px; @@ -226,6 +227,7 @@ $header: 120px; position: relative; display: inline-block; vertical-align: middle; + font-size: 13px; font-weight: 500; line-height: 1.4; text-align: center; @@ -244,13 +246,9 @@ $header: 120px; &.group-nodes-button-on { color: $argo-color-gray-1; background-color: $argo-color-gray-6; - border: 3px solid $argo-color-teal-4; - font-size: 14px; - outline-style: solid; &:hover { background-color: $argo-color-gray-5; } - } } @@ -262,7 +260,7 @@ $header: 120px; .zoom-value { user-select: none; - margin-top: 5px; + margin-top: 3px; margin-right: 6px; margin-left: 4px; font-size: 14px; @@ -275,97 +273,75 @@ $header: 120px; color: $argo-color-gray-7; } } +} - @media screen and (max-width: map-get($breakpoints, large)) { - .sliding-panel__body { - padding: 4px !important; - } - .sliding-panel--is-middle .sliding-panel__wrapper { - width: 90% !important; - } - .sliding-panel--is-middle .sliding-panel__body { - padding: 18px !important; - } - .sliding-panel__close { - z-index: 2 !important; - } - .top-bar__title { - display: none; - } - - .top-bar__left-side { - white-space: normal !important; - } - .top-bar__left-side > div { - display: block !important; - } - .top-bar__right-side { - justify-content: right !important; - } - .application-status-panel.row { - flex-flow: unset; - } - .application-status-panel__item label { - margin-right: 0; - } - .application-status-panel__item { - padding: 5px 10px; - } - - .white-box, .tabs__content { - padding: 4px !important; - } - .white-box__details-row .columns.small-3 { - overflow-wrap: unset !important; - overflow: scroll; - } - .white-box__details-row .columns.small-9{ - padding-left: 4px; - } - - .resource-details__header h1 { - font-size: 16px; - } - .resource-details__header { - margin-top: 30px; - padding-right: 4px; - } - - .tabs__nav a:first-child, .tabs__nav a { - margin-left: 0 !important; - } - - .editable-panel__buttons { - top: unset; - } - } +@media screen and (max-width: map-get($breakpoints, large)) { +.sliding-panel__body { + padding: 4px !important; +} +.sliding-panel--is-middle .sliding-panel__wrapper { + width: 90% !important; +} +.sliding-panel--is-middle .sliding-panel__body { + padding: 18px !important; +} +.sliding-panel__close { + z-index: 2 !important; +} +.top-bar__title { + display: none; } -.resource-parent-node-info-title { - flex-direction: column; - color: $argo-color-gray-6; +.top-bar__left-side { + white-space: normal !important; +} +.top-bar__left-side > div { + display: block !important; +} +.top-bar__right-side { + justify-content: right !important; +} +.application-status-panel.row { + flex-flow: unset; +} +.application-status-panel__item label { + margin-right: 0; +} +.application-status-panel__item { + padding: 5px 10px; +} - &__label { - display: flex; - margin-bottom: 0.25em; - flex-shrink: 1; - div:first-child { - margin-right: 10px; - width: 60px; - text-align: right; - } - div:last-child { - font-weight: 500; - width: 100%; - white-space: nowrap; - overflow: hidden; - text-overflow: ellipsis; - text-align: left; +.white-box, .tabs__content { + padding: 4px !important; +} +.white-box__details-row .columns.small-3 { + overflow-wrap: unset !important; + overflow: scroll; +} +.white-box__details-row .columns.small-9{ + padding-left: 4px; +} - } - } +.resource-details__header h1 { + font-size: 16px; +} +.resource-details__header { + margin-top: 30px; + padding-right: 4px; } +.tabs__nav a:first-child, .tabs__nav a { + margin-left: 0 !important; +} +.editable-panel__buttons { + top: unset; +} +} +@media screen and (max-width: map-get($breakpoints, medium)) { +.sb-page-wrapper .top-bar.row { + display: none !important; +} +} \ No newline at end of file diff --git a/ui/src/app/applications/components/application-details/application-details.tsx b/ui/src/app/applications/components/application-details/application-details.tsx index 75eabc52b3caa..4fd2985be3572 100644 --- a/ui/src/app/applications/components/application-details/application-details.tsx +++ b/ui/src/app/applications/components/application-details/application-details.tsx @@ -25,7 +25,7 @@ import * as AppUtils from '../utils'; import {ApplicationResourceList} from './application-resource-list'; import {Filters, FiltersProps} from './application-resource-filter'; import {getAppDefaultSource, urlPattern, helpTip} from '../utils'; -import {ChartDetails, ResourceStatus} from '../../../shared/models'; +import {ResourceStatus} from '../../../shared/models'; import {ApplicationsDetailsAppDropdown} from './application-details-app-dropdown'; import {useSidebarTarget} from '../../../sidebar/sidebar'; @@ -87,16 +87,8 @@ export class ApplicationDetails extends React.Component { extensionsMap[ext.title] = ext; }); - this.state = { - page: 0, - groupedResources: [], - slidingPanelPage: 0, - filteredGraph: [], - truncateNameOnRight: false, - collapsedNodes: [], - extensions, - extensionsMap - }; + + this.state = {page: 0, groupedResources: [], slidingPanelPage: 0, filteredGraph: [], truncateNameOnRight: false, collapsedNodes: [], extensions, extensionsMap}; if (typeof this.props.match.params.appnamespace === 'undefined') { this.appNamespace = ''; } else { @@ -293,9 +285,6 @@ export class ApplicationDetails extends React.Component { this.setState({filteredGraph: filterGraph}); }; - const setShowCompactNodes = (showCompactView: boolean) => { - services.viewPreferences.updatePreferences({appDetails: {...pref, groupNodes: showCompactView}}); - }; const toggleNameDirection = () => { this.setState({truncateNameOnRight: !this.state.truncateNameOnRight}); }; @@ -461,15 +450,13 @@ export class ApplicationDetails extends React.Component - - setZoom(0.1)} title='Zoom in'> - - - setZoom(-0.1)} title='Zoom out'> - - -
                                                                                                                                                                                                                              {zoomNum}%
                                                                                                                                                                                                                              -                                                                                                                                                                                                                               + setZoom(0.1)} title='Zoom in'> + + + setZoom(-0.1)} title='Zoom out'> + + +
                                                                                                                                                                                                                              {zoomNum}%
                                                                                                                                                                                                                              this.filterTreeNode(node, treeFilter)} @@ -488,12 +475,10 @@ export class ApplicationDetails extends React.Component openGroupNodeDetails(groupdedNodeIds)} zoom={pref.zoom} - podGroupCount={pref.podGroupCount} appContext={this.appContext} nameDirection={this.state.truncateNameOnRight} filters={pref.resourceFilter} setTreeFilterGraph={setFilterGraph} - setShowCompactNodes={setShowCompactNodes} setNodeExpansion={(node, isExpanded) => this.setNodeExpansion(node, isExpanded)} getNodeExpansion={node => this.getNodeExpansion(node)} /> @@ -548,7 +533,6 @@ export class ApplicationDetails extends React.Component this.getApplicationActionMenu(application, false) ) } - tree={tree} /> )} @@ -577,7 +561,6 @@ export class ApplicationDetails extends React.Component )} @@ -615,101 +598,55 @@ export class ApplicationDetails extends React.Component} this.setState({revision: null})}> - {this.state.revision && - (source.chart ? ( - - services.applications.revisionChartDetails(input.metadata.name, input.metadata.namespace, this.state.revision) - }> - {(m: ChartDetails) => ( -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Revision:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {this.state.revision}
                                                                                                                                                                                                                              + {this.state.revision && ( + + services.applications.revisionMetadata(application.metadata.name, application.metadata.namespace, this.state.revision) + }> + {metadata => ( +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              SHA:
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Helm Chart:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - {source.chart}  - {m.home && ( - { - e.stopPropagation(); - window.open(m.home); - }}> - - - )} -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - {m.description && ( -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Description:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {m.description}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - )} - {m.maintainers.length > 0 && ( -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Maintainers:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {m.maintainers.join(', ')}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - )}
                                                                                                                                                                                                                              - )} - - ) : ( - - services.applications.revisionMetadata(application.metadata.name, application.metadata.namespace, this.state.revision) - }> - {metadata => ( -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              SHA:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              Date:
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Date:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Tags:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - {((metadata.tags || []).length > 0 && metadata.tags.join(', ')) || 'No tags'} -
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              Tags:
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + {((metadata.tags || []).length > 0 && metadata.tags.join(', ')) || 'No tags'}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Author:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {metadata.author}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              Author:
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              {metadata.author}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Message:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {renderCommitMessage(metadata.message)}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              Message:
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              {renderCommitMessage(metadata.message)}
                                                                                                                                                                                                                              - )} - - ))} +
                                                                                                                                                                                                                              + )} + + )}
                                                                                                                                                                                                                              @@ -803,7 +740,7 @@ export class ApplicationDetails extends React.Component -1) && (filterInput.kind.length === 0 || filterInput.kind.indexOf(node.kind) > -1) && // include if node's root sync matches filter (syncStatuses.length === 0 || hook || (root.status && syncStatuses.indexOf(root.status) > -1)) && @@ -820,24 +757,6 @@ export class ApplicationDetails extends React.Component '^' + this.escapeRegex(pattern) + '$') - // Replace any escaped * with proper regex - .map(pattern => pattern.replace(/\\\*/g, '.*')) - // Join all filterInputs to a single regular expression - .join('|'), - 'gi' - ); - return regularExpression.test(nodeName); - } - - private escapeRegex(input: string): string { - return input.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'); - } - private loadAppInfo(name: string, appNamespace: string): Observable<{application: appModels.Application; tree: appModels.ApplicationTree}> { return from(services.applications.get(name, appNamespace)) .pipe( diff --git a/ui/src/app/applications/components/application-details/application-resource-list.tsx b/ui/src/app/applications/components/application-details/application-resource-list.tsx index dba61c5135492..27963244153c1 100644 --- a/ui/src/app/applications/components/application-details/application-resource-list.tsx +++ b/ui/src/app/applications/components/application-details/application-resource-list.tsx @@ -1,157 +1,104 @@ import {DropDown} from 'argo-ui'; -import * as React from 'react'; import * as classNames from 'classnames'; +import * as React from 'react'; + import * as models from '../../../shared/models'; import {ResourceIcon} from '../resource-icon'; import {ResourceLabel} from '../resource-label'; import {ComparisonStatusIcon, HealthStatusIcon, nodeKey, createdOrNodeKey} from '../utils'; import {Consumer} from '../../../shared/context'; import * as _ from 'lodash'; -import Moment from 'react-moment'; -import {format} from 'date-fns'; -import {ResourceNode, ResourceRef} from '../../../shared/models'; export const ApplicationResourceList = ({ resources, onNodeClick, - nodeMenu, - tree + nodeMenu }: { resources: models.ResourceStatus[]; onNodeClick?: (fullName: string) => any; nodeMenu?: (node: models.ResourceNode) => React.ReactNode; - tree?: models.ApplicationTree; -}) => { - function getResNode(nodes: ResourceNode[], nodeId: string): models.ResourceNode { - for (const node of nodes) { - if (nodeKey(node) === nodeId) { - return node; - } - } - return null; - } - const parentNode = ((resources || []).length > 0 && (getResNode(tree.nodes, nodeKey(resources[0])) as ResourceNode)?.parentRefs?.[0]) || ({} as ResourceRef); - - return ( -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - {Object.keys(parentNode).length > 0 && ( -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Parent Node Info
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Name:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {parentNode?.name}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              Kind:
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {parentNode?.kind}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - )} +}) => ( +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              NAME
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              GROUP/KIND
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              SYNC ORDER
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              NAMESPACE
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              CREATED AT
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              STATUS
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + {resources + .sort((first, second) => -createdOrNodeKey(first).localeCompare(createdOrNodeKey(second))) + .map(res => ( +
                                                                                                                                                                                                                              onNodeClick(nodeKey(res))}>
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              NAME
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              GROUP/KIND
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              SYNC ORDER
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              NAMESPACE
                                                                                                                                                                                                                              - {(parentNode.kind === 'Rollout' || parentNode.kind === 'Deployment') &&
                                                                                                                                                                                                                              REVISION
                                                                                                                                                                                                                              } -
                                                                                                                                                                                                                              CREATED AT
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              STATUS
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - {resources - .sort((first, second) => -createdOrNodeKey(first).localeCompare(createdOrNodeKey(second))) - .map(res => ( -
                                                                                                                                                                                                                              onNodeClick(nodeKey(res))}> -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {ResourceLabel({kind: res.kind})}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - {res.name} - {res.kind === 'Application' && ( - - {ctx => ( - - - - - - )} - - )} -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {[res.group, res.kind].filter(item => !!item).join('/')}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {res.syncWave || '-'}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {res.namespace}
                                                                                                                                                                                                                              - {res.kind === 'ReplicaSet' && - ((getResNode(tree.nodes, nodeKey(res)) as ResourceNode).info || []) - .filter(tag => !tag.name.includes('Node')) - .slice(0, 4) - .map((tag, i) => { - return ( -
                                                                                                                                                                                                                              - {tag?.value?.split(':')[1] || '-'} -
                                                                                                                                                                                                                              - ); - })} - -
                                                                                                                                                                                                                              - {res.createdAt && ( - - - {res.createdAt} - -  ago   {format(new Date(res.createdAt), 'MM/dd/yy')} +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              {ResourceLabel({kind: res.kind})}
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + {res.name} + {res.kind === 'Application' && ( + + {ctx => ( + + + + )} -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - {res.health && ( - - {res.health.status}   - - )} - {res.status && } - {res.hook && } -
                                                                                                                                                                                                                              - ( - - )}> - {nodeMenu({ - name: res.name, - version: res.version, - kind: res.kind, - namespace: res.namespace, - group: res.group, - info: null, - uid: '', - resourceVersion: null, - parentRefs: [] - })} - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              + + )} +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              {[res.group, res.kind].filter(item => !!item).join('/')}
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              {res.syncWave || '-'}
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              {res.namespace}
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              {res.createdAt}
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + {res.health && ( + + {res.health.status}   + + )} + {res.status && } + {res.hook && } +
                                                                                                                                                                                                                              + ( + + )}> + {() => + nodeMenu({ + name: res.name, + version: res.version, + kind: res.kind, + namespace: res.namespace, + group: res.group, + info: null, + uid: '', + resourceVersion: null, + parentRefs: [] + }) + } +
                                                                                                                                                                                                                              - ))} -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - ); -}; +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + ))} +
                                                                                                                                                                                                                              +); diff --git a/ui/src/app/applications/components/application-node-info/application-node-info.scss b/ui/src/app/applications/components/application-node-info/application-node-info.scss index f50e67279cc52..4edf2235eea22 100644 --- a/ui/src/app/applications/components/application-node-info/application-node-info.scss +++ b/ui/src/app/applications/components/application-node-info/application-node-info.scss @@ -39,34 +39,4 @@ color: $argo-color-gray-8; } } - &__err_msg { - padding-right: 2em; - color: $argo-failed-color; - } - &__container { - display: flex; - align-items: center; - flex-direction: row; - line-height: 1.8; - border-bottom: 1px solid rgba(222, 230, 235, 0.7); - - &--name { - width: 15%; - } - &--highlight { - font-style: italic; - } - - &--hint { - text-decoration: underline; - text-decoration-style: dashed; - cursor: pointer; - &:hover { - text-decoration: none; - } - } - &:last-child { - border-bottom: none; - } - } -} \ No newline at end of file +} diff --git a/ui/src/app/applications/components/application-node-info/application-node-info.tsx b/ui/src/app/applications/components/application-node-info/application-node-info.tsx index 18ff44e381c55..8ac1a46d582d2 100644 --- a/ui/src/app/applications/components/application-node-info/application-node-info.tsx +++ b/ui/src/app/applications/components/application-node-info/application-node-info.tsx @@ -1,5 +1,4 @@ import {Checkbox, DataLoader, Tab, Tabs} from 'argo-ui'; -import classNames from 'classnames'; import * as deepMerge from 'deepmerge'; import * as React from 'react'; @@ -13,69 +12,6 @@ import {ComparisonStatusIcon, formatCreationTimestamp, getPodReadinessGatesState import './application-node-info.scss'; import {ReadinessGatesNotPassedWarning} from './readiness-gates-not-passed-warning'; -const RenderContainerState = (props: {container: any}) => { - const state = (props.container.state?.waiting && 'waiting') || (props.container.state?.terminated && 'terminated') || (props.container.state?.running && 'running'); - const status = props.container.state.waiting?.reason || props.container.state.terminated?.reason || props.container.state.running?.reason; - const lastState = props.container.lastState?.terminated; - const msg = props.container.state.waiting?.message || props.container.state.terminated?.message || props.container.state.running?.message; - - return ( -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {props.container.name}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - {state && ( - <> - Container is {state} - {status && ' because of '} - - )} - - {status && ( - - {status} - - )} - - {'.'} - {(props.container.state.terminated?.exitCode === 0 || props.container.state.terminated?.exitCode) && ( - <> - {' '} - It exited with exit code {props.container.state.terminated.exitCode}. - - )} - <> - {' '} - It is {props.container?.started ? 'started' : 'not started'} - {status === 'Completed' ? '.' : props.container?.ready ? ' and ready.' : ' and not ready.'} - -
                                                                                                                                                                                                                              - {lastState && ( - <> - <> - The container last terminated with exit code {lastState?.exitCode} - - {lastState?.reason && ' because of '} - - {lastState?.reason && ( - - {lastState?.reason} - - )} - - {'.'} - - )} -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - ); -}; - export const ApplicationNodeInfo = (props: { application: models.Application; node: models.ResourceNode; @@ -108,26 +44,13 @@ export const ApplicationNodeInfo = (props: { ) }); } - if (props.live) { if (props.node.kind === 'Pod') { - const {reason, message, netContainerStatuses} = getPodStateReason(props.live); + const {reason, message} = getPodStateReason(props.live); attributes.push({title: 'STATE', value: reason}); if (message) { attributes.push({title: 'STATE DETAILS', value: message}); } - if (netContainerStatuses.length > 0) { - attributes.push({ - title: 'CONTAINER STATE', - value: ( -
                                                                                                                                                                                                                              - {netContainerStatuses.map((container, i) => { - return ; - })} -
                                                                                                                                                                                                                              - ) - }); - } } else if (props.node.kind === 'Service') { attributes.push({title: 'TYPE', value: props.live.spec.type}); let hostNames = ''; @@ -178,7 +101,7 @@ export const ApplicationNodeInfo = (props: { } as any); } } - let showLiveState = true; + if (props.links) { attributes.push({ title: 'LINKS', @@ -194,62 +117,35 @@ export const ApplicationNodeInfo = (props: { services.viewPreferences.getPreferences()}> {pref => { const live = deepMerge(props.live, {}) as any; - if (Object.keys(live).length === 0) { - showLiveState = false; - } - if (live?.metadata?.managedFields && pref.appDetails.hideManagedFields) { delete live.metadata.managedFields; } return ( - - {showLiveState ? ( - -
                                                                                                                                                                                                                              - - services.viewPreferences.updatePreferences({ - appDetails: { - ...pref.appDetails, - hideManagedFields: !pref.appDetails.hideManagedFields - } - }) + <> +
                                                                                                                                                                                                                              + + services.viewPreferences.updatePreferences({ + appDetails: { + ...pref.appDetails, + hideManagedFields: !pref.appDetails.hideManagedFields } - /> - -
                                                                                                                                                                                                                              - - services.applications.patchResource( - props.application.metadata.name, - props.application.metadata.namespace, - props.node, - patch, - patchType - ) - } - /> - - ) : ( -
                                                                                                                                                                                                                              - Resource not found in cluster:{' '} - {`${props?.controlled?.state?.targetState?.apiVersion}/${props?.controlled?.state?.targetState?.kind}:${props.node.name}`} -
                                                                                                                                                                                                                              - {props?.controlled?.state?.normalizedLiveState?.apiVersion && ( - - Please update your resource specification to use the latest Kubernetes API resources supported by the target cluster. The - recommended syntax is{' '} - {`${props.controlled.state.normalizedLiveState.apiVersion}/${props?.controlled.state.normalizedLiveState?.kind}:${props.node.name}`} - - )} -
                                                                                                                                                                                                                              - )} - + }) + } + /> + +
                                                                                                                                                                                                                              + + services.applications.patchResource(props.application.metadata.name, props.application.metadata.namespace, props.node, patch, patchType) + } + /> + ); }}                                                                                                                                                                                                                               diff --git a/ui/src/app/applications/components/application-parameters/application-parameters.tsx b/ui/src/app/applications/components/application-parameters/application-parameters.tsx index 27f292ff7d2e8..819f063d31d4a 100644 --- a/ui/src/app/applications/components/application-parameters/application-parameters.tsx +++ b/ui/src/app/applications/components/application-parameters/application-parameters.tsx @@ -24,7 +24,6 @@ import * as kustomize from './kustomize-image'; import {VarsInputField} from './vars-input-field'; import {concatMaps} from '../../../shared/utils'; import {getAppDefaultSource} from '../utils'; -import * as jsYaml from 'js-yaml'; const TextWithMetadataField = ReactFormField((props: {metadata: {value: string}; fieldApi: FieldApi; className: string}) => { const { @@ -126,13 +125,11 @@ export const ApplicationParameters = (props: { save?: (application: models.Application, query: {validate?: boolean}) => Promise; noReadonlyMode?: boolean; }) => { - const app = cloneDeep(props.application); + const app = props.application; const source = getAppDefaultSource(app); const [removedOverrides, setRemovedOverrides] = React.useState(new Array()); let attributes: EditablePanelItem[] = []; - const isValuesObject = source?.helm?.valuesObject; - const helmValues = isValuesObject ? jsYaml.safeDump(source.helm.valuesObject) : source?.helm?.values; const [appParamsDeletedState, setAppParamsDeletedState] = React.useState([]); if (props.details.type === 'Kustomize' && props.details.kustomize) { @@ -219,23 +216,16 @@ export const ApplicationParameters = (props: { title: 'VALUES', view: source.helm && ( - 
                                                                                                                                                                                                                              {helmValues}
                                                                                                                                                                                                                              + 
                                                                                                                                                                                                                              {source.helm.values}
                                                                                                                                                                                                                               ), - edit: (formApi: FormApi) => { - // In case source.helm.valuesObject is set, set source.helm.values to its value - if (source.helm) { - source.helm.values = helmValues; - } - - return ( -
                                                                                                                                                                                                                              - 
                                                                                                                                                                                                                              -                            
-
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - ); - } + edit: (formApi: FormApi) => ( +
                                                                                                                                                                                                                              + 
                                                                                                                                                                                                                              +                        
+
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + ) }); const paramsByName = new Map(); (props.details.helm.parameters || []).forEach(param => paramsByName.set(param.name, param)); @@ -528,10 +518,7 @@ export const ApplicationParameters = (props: { params = params.filter(param => !appParamsDeletedState.includes(param.name)); input.spec.source.plugin.parameters = params; } - if (input.spec.source.helm && input.spec.source.helm.valuesObject) { - input.spec.source.helm.valuesObject = jsYaml.safeLoad(input.spec.source.helm.values); // Deserialize json - input.spec.source.helm.values = ''; - } + await props.save(input, {}); setRemovedOverrides(new Array()); }) @@ -545,11 +532,6 @@ export const ApplicationParameters = (props: { errors[fieldPath] = invalid.length > 0 ? 'All fields must have name' : null; } - if (updatedApp.spec.source.helm && updatedApp.spec.source.helm.values) { - const parsedValues = jsYaml.safeLoad(updatedApp.spec.source.helm.values); - errors['spec.source.helm.values'] = typeof parsedValues === 'object' ? null : 'Values must be a map'; - } - return errors; }} onModeSwitch={ diff --git a/ui/src/app/applications/components/application-resource-tree/application-resource-tree.scss b/ui/src/app/applications/components/application-resource-tree/application-resource-tree.scss index f4c6ba0d0df9f..37dd953f8d60a 100644 --- a/ui/src/app/applications/components/application-resource-tree/application-resource-tree.scss +++ b/ui/src/app/applications/components/application-resource-tree/application-resource-tree.scss @@ -71,7 +71,7 @@ padding-right: 1em; margin: 10px; box-shadow: 1px 1px 1px $argo-color-gray-4; - @include themify($themes) { + @include themify($themes) { background-color: themed('background-2'); color: themed('text-2'); } @@ -83,11 +83,6 @@ font-size: 2em; } - .icon-background - { - color: $argo-color-gray-4; - } - .fa-filter { margin-left: 8px; padding: 2px; @@ -115,13 +110,13 @@ font-size: 0.5em; padding: 2px; box-shadow: 1px 1px 1px $argo-color-gray-4; - @include themify($themes) { + @include themify($themes) { background-color: themed('background-2'); } margin-top: 9px; margin-left: 215px; } - + &--podgroup--expansion { position: absolute; flex-shrink: 0px; @@ -134,14 +129,10 @@ } &--pod { - @include themify($themes) { + @include themify($themes) { background-color: themed('pod-cyan') !important; } } - &--nodegroup{ - padding-left: 3.5em; - padding-top: 25px; - } &--lower-section { left: 8px; @@ -155,7 +146,7 @@ padding: $padding; transition: all 1s linear; position: absolute; - + &__pod-group { $pod-container-width: $pods-per-row * ($pod-size + (2 * $gutter)) + 4 * $gutter; $pod-container-height: $pods-per-column * ($pod-size + (2 * $gutter)) + 4 * $gutter; @@ -177,7 +168,6 @@ width: 100%; background-color: $argo-color-gray-3; border-radius: 3px; - align-items: center; padding: $gutter * 2; margin-right: -1 * $gutter; margin-bottom: -1 * $gutter; @@ -245,7 +235,7 @@ } &__stat-tooltip { text-align: left; - + i { display: inline-block; height: 1em; @@ -253,15 +243,15 @@ border-radius: 5px; } } - + &__stat-icon-app { background-color: $argo-color-teal-7; } - + &__stat-icon-neighbors { background-color: $argo-color-gray-6; } - + &__stat { &__bar { background-color: $argo-color-gray-4; @@ -272,22 +262,22 @@ margin: 0 $gutter * 2; overflow: hidden; cursor: pointer; - + &--fill { position: absolute; background-color: $argo-color-teal-7; width: 100%; bottom: 0; } - + &--neighbors { background-color: $argo-color-gray-6; } - + &:hover > &--fill { background-color: $argo-color-teal-8; } - + &:hover &--neighbors { background-color: $argo-color-gray-7; } @@ -375,7 +365,6 @@ margin-right: 1px; } - &__node-kind { font-size: 0.7em; color: $argo-color-gray-6; @@ -409,11 +398,5 @@ &__direction-right { direction: rtl; } - &__direction-center-left { - overflow: hidden; - padding-top: 15px; - padding-left: 15px; - - } - -} \ No newline at end of file + +} diff --git a/ui/src/app/applications/components/application-resource-tree/application-resource-tree.tsx b/ui/src/app/applications/components/application-resource-tree/application-resource-tree.tsx index b5426ff1de2bf..e58282acada04 100644 --- a/ui/src/app/applications/components/application-resource-tree/application-resource-tree.tsx +++ b/ui/src/app/applications/components/application-resource-tree/application-resource-tree.tsx @@ -1,9 +1,8 @@ -import {DropDown, DropDownMenu, NotificationType, Tooltip} from 'argo-ui'; +import {DropDown, DropDownMenu, Tooltip} from 'argo-ui'; import * as classNames from 'classnames'; import * as dagre from 'dagre'; import * as React from 'react'; import Moment from 'react-moment'; -import * as moment from 'moment'; import * as models from '../../../shared/models'; @@ -26,8 +25,8 @@ import { } from '../utils'; import {NodeUpdateAnimation} from './node-update-animation'; import {PodGroup} from '../application-pod-view/pod-view'; -import './application-resource-tree.scss'; import {ArrowConnector} from './arrow-connector'; +import './application-resource-tree.scss'; function treeNodeKey(node: NodeId & {uid?: string}) { return node.uid || nodeKey(node); @@ -59,9 +58,7 @@ export interface ApplicationResourceTreeProps { appContext?: AppContext; showOrphanedResources: boolean; showCompactNodes: boolean; - setShowCompactNodes: (showCompactNodes: boolean) => void; zoom: number; - podGroupCount: number; filters?: string[]; setTreeFilterGraph?: (filterGraph: any[]) => void; nameDirection: boolean; @@ -90,6 +87,7 @@ const NODE_TYPES = { groupedNodes: 'grouped_nodes', podGroup: 'pod_group' }; + // generate lots of colors with different darkness const TRAFFIC_COLORS = [0, 0.25, 0.4, 0.6] .map(darken => @@ -179,7 +177,7 @@ function groupNodes(nodes: ResourceTreeNode[], graph: dagre.graphlib.Graph) { nodeIds.forEach((nodeId: string) => { const index = nodes.findIndex(node => nodeId === node.uid || nodeId === nodeKey(node)); const graphNode = graph.node(nodeId); - if (!graphNode?.podGroup && index > -1) { + if (!graphNode.podGroup && index > -1) { groupedNodeIds.push(nodeId); } else { podGroupIds.push(nodeId); @@ -293,22 +291,10 @@ function renderGroupedNodes(props: ApplicationResourceTreeProps, node: {count: n
                                                                                                                                                                                                                              {ResourceLabel({kind: node.kind})}
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              props.onGroupdNodeClick && props.onGroupdNodeClick(node.groupedNodeIds)} - title={`Click to see details of ${node.count} collapsed ${node.kind} and doesn't contains any active pods`}> - {node.kind} - - {node.kind === 'ReplicaSet' ? ( - - ) : ( - - )} - +
                                                                                                                                                                                                                              {indicators.map(i => ( @@ -421,47 +407,21 @@ function renderPodGroup(props: ApplicationResourceTreeProps, id: string, node: R const margin = 8; let topExtra = 0; const podGroup = node.podGroup; - const podGroupHealthy = []; - const podGroupDegraded = []; - const podGroupInProgress = []; - - for (const pod of podGroup?.pods || []) { - switch (pod.health) { - case 'Healthy': - podGroupHealthy.push(pod); - break; - case 'Degraded': - podGroupDegraded.push(pod); - break; - case 'Progressing': - podGroupInProgress.push(pod); - } - } - - const showPodGroupByStatus = props.tree.nodes.filter((rNode: ResourceTreeNode) => rNode.kind === 'Pod').length >= props.podGroupCount; - const numberOfRows = showPodGroupByStatus - ? [podGroupHealthy, podGroupDegraded, podGroupInProgress].reduce((total, podGroupByStatus) => total + (podGroupByStatus.filter(pod => pod).length > 0 ? 1 : 0), 0) - : Math.ceil(podGroup?.pods.length / 8); - if (podGroup) { + const numberOfRows = Math.ceil(podGroup.pods.length / 8); topExtra = margin + (POD_NODE_HEIGHT / 2 + 30 * numberOfRows) / 2; } - return (
                                                                                                                                                                                                                              props.onNodeClick && props.onNodeClick(fullName)} className={classNames('application-resource-tree__node', { 'active': fullName === props.selectedNodeFullName, 'application-resource-tree__node--orphaned': node.orphaned })} title={describeNode(node)} - style={{ - left: node.x, - top: node.y - topExtra, - width: node.width, - height: showPodGroupByStatus ? POD_NODE_HEIGHT + 20 * numberOfRows : node.height - }}> + style={{left: node.x, top: node.y - topExtra, width: node.width, height: node.height}}> -
                                                                                                                                                                                                                              props.onNodeClick && props.onNodeClick(fullName)} className={`application-resource-tree__node__top-part`}> +
                                                                                                                                                                                                                              props.onGroupdNodeClick && props.onGroupdNodeClick(node.groupedNodeIds)}> + })}> {node.name} 4 && ( - {(node.info || []).map(i => ( -
                                                                                                                                                                                                                              - {i.name}: {i.value} -
                                                                                                                                                                                                                              - ))} - - } + content={(node.info || []).map(i => ( +
                                                                                                                                                                                                                              + {i.name}: {i.value} +
                                                                                                                                                                                                                              + ))} key={node.uid}> More @@ -547,7 +502,6 @@ function renderPodGroup(props: ApplicationResourceTreeProps, id: string, node: R {props.nodeMenu && (
                                                                                                                                                                                                                              (
                                                                                                                                                                                                                              - {[podGroupHealthy, podGroupDegraded, podGroupInProgress].map((pods, index) => { - return ( -
                                                                                                                                                                                                                              - {renderPodGroupByStatus(props, node, pods, showPodGroupByStatus)} + {podGroup && ( +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + {podGroup.pods.map(pod => ( + ( + + {pod.metadata.name} +
                                                                                                                                                                                                                              Health: {pod.health}
                                                                                                                                                                                                                              + {pod.createdAt && ( + + Created: + + {pod.createdAt} + + ago ({{pod.createdAt}}) + + )} +
                                                                                                                                                                                                                              + } + popperOptions={{ + modifiers: { + preventOverflow: { + enabled: true + }, + hide: { + enabled: false + }, + flip: { + enabled: false + } + } + }} + key={pod.metadata.name}> +
                                                                                                                                                                                                                              + {isYoungerThanXMinutes(pod, 30) && ( + + )} +
                                                                                                                                                                                                                              + +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              + + )} + items={[ + { + title: ( + + Info + + ), + action: () => props.onNodeClick(pod.fullName) + }, + { + title: ( + + Logs + + ), + action: () => { + props.appContext.apis.navigation.goto('.', {node: pod.fullName, tab: 'logs'}, {replace: true}); + } + }, + { + title: ( + + Delete + + ), + action: () => { + deletePodAction(pod, props.appContext, props.app.metadata.name, props.app.metadata.namespace); + } + } + ]} + /> + ))} +
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              PODS
                                                                                                                                                                                                                              - ); - })} -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - ); -} - -function renderPodGroupByStatus(props: ApplicationResourceTreeProps, node: any, pods: models.Pod[], showPodGroupByStatus: boolean) { - return ( -
                                                                                                                                                                                                                              - {pods.length !== 0 && showPodGroupByStatus ? ( - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - - -                                                                                                                                                                                                                               - ) : ( - pods.map(pod => ( - ( - - {pod.metadata.name} -
                                                                                                                                                                                                                              Health: {pod.health}
                                                                                                                                                                                                                              - {pod.createdAt && ( - - Created: - - {pod.createdAt} - - ago ({{pod.createdAt}}) - - )} -
                                                                                                                                                                                                                              - } - popperOptions={{ - modifiers: { - preventOverflow: { - enabled: true - }, - hide: { - enabled: false - }, - flip: { - enabled: false - } - } - }} - key={pod.metadata.name}> -
                                                                                                                                                                                                                              - {isYoungerThanXMinutes(pod, 30) && ( - - )} -
                                                                                                                                                                                                                              - -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              -                                                                                                                                                                                                                               - )} - items={[ - { - title: ( - - Info - - ), - action: () => props.onNodeClick(pod.fullName) - }, - { - title: ( - - Logs - - ), - action: () => { - props.appContext.apis.navigation.goto('.', {node: pod.fullName, tab: 'logs'}, {replace: true}); - } - }, - { - title: ( - - Delete - - ), - action: () => { - deletePodAction(pod, props.appContext, props.app.metadata.name, props.app.metadata.namespace); - } - } - ]} - /> - )) - )} + )} +
                                                                                                                                                                                                                              ); } @@ -683,61 +611,6 @@ function expandCollapse(node: ResourceTreeNode, props: ApplicationResourceTreePr props.setNodeExpansion(node.uid, isExpanded); } -function NodeInfoDetails({tag: tag, kind: kind}: {tag: models.InfoItem; kind: string}) { - if (kind === 'Pod') { - const val = `${tag.name}`; - if (val === 'Status Reason') { - if (`${tag.value}` !== 'ImagePullBackOff') - return ( - - {tag.value} - - ); - else { - return ( - - {tag.value} - - ); - } - } else if (val === 'Containers') { - const arr = `${tag.value}`.split('/'); - const title = `Number of containers in total: ${arr[1]} \nNumber of ready containers: ${arr[0]}`; - return ( - - {tag.value} - - ); - } else if (val === 'Restart Count') { - return ( - - {tag.value} - - ); - } else if (val === 'Revision') { - return ( - - {tag.value} - - ); - } else { - return ( - - {tag.value} - - ); - } - } else { - return ( - - {tag.value} - - ); - } -} - function renderResourceNode(props: ApplicationResourceTreeProps, id: string, node: ResourceTreeNode & dagre.Node, nodesHavingChildren: Map) { const fullName = nodeKey(node); let comparisonStatus: models.SyncStatusCode = null; @@ -812,29 +685,25 @@ function renderResourceNode(props: ApplicationResourceTreeProps, id: string, nod
                                                                                                                                                                                                                              {node.createdAt || rootNode ? ( - - - {node.createdAt || props.app.metadata.creationTimestamp} - - + + {node.createdAt || props.app.metadata.creationTimestamp} + ) : null} {(node.info || []) .filter(tag => !tag.name.includes('Node')) .slice(0, 4) - .map((tag, i) => { - return ; - })} + .map((tag, i) => ( + + {tag.value} + + ))} {(node.info || []).length > 4 && ( - {(node.info || []).map(i => ( -
                                                                                                                                                                                                                              - {i.name}: {i.value} -
                                                                                                                                                                                                                              - ))} - - } + content={(node.info || []).map(i => ( +
                                                                                                                                                                                                                              + {i.name}: {i.value} +
                                                                                                                                                                                                                              + ))} key={node.uid}> More @@ -935,21 +804,6 @@ export const ApplicationResourceTree = (props: ApplicationResourceTreeProps) => } }, [props.filters]); - const podCount = nodes.filter(node => node.kind === 'Pod').length; - React.useEffect(() => { - const {podGroupCount, setShowCompactNodes, appContext} = props; - if (podCount > podGroupCount) { - setShowCompactNodes(true); - appContext.apis.notifications.show({ - content: `Since the number of pods has surpassed the threshold pod count of ${podGroupCount}, you will now be switched to the group node view. - If you prefer the tree view, you can simply click on the Group Nodes toolbar button to deselect the current view.`, - type: NotificationType.Success - }); - } else { - props.setShowCompactNodes(false); - } - }, [podCount]); - function filterGraph(app: models.Application, filteredIndicatorParent: string, graphNodesFilter: dagre.graphlib.Graph, predicate: (node: ResourceTreeNode) => boolean) { const appKey = appNodeKey(app); let filtered = 0; diff --git a/ui/src/app/applications/components/application-resources-diff/application-resources-diff.scss b/ui/src/app/applications/components/application-resources-diff/application-resources-diff.scss index fbf23c95796bf..f8208a36653a3 100644 --- a/ui/src/app/applications/components/application-resources-diff/application-resources-diff.scss +++ b/ui/src/app/applications/components/application-resources-diff/application-resources-diff.scss @@ -6,7 +6,9 @@ text-align: right; label { padding-right: 2em; - color: $argo-color-gray-8; + @include themify($themes) { + color: themed('text-2'); + } } } &__diff { diff --git a/ui/src/app/applications/components/application-status-panel/application-status-panel.scss b/ui/src/app/applications/components/application-status-panel/application-status-panel.scss index 9898db27d2ba6..688be5aa727ea 100644 --- a/ui/src/app/applications/components/application-status-panel/application-status-panel.scss +++ b/ui/src/app/applications/components/application-status-panel/application-status-panel.scss @@ -70,7 +70,6 @@ } display: flex; flex-direction: column; - justify-content: flex-start; flex-shrink: 0; flex-grow: 0; @@ -135,7 +134,7 @@ &__item-value { display: flex; - align-items: center; + align-items: flex-end; margin-bottom: 0.5em; font-weight: 500; .fa { diff --git a/ui/src/app/applications/components/application-status-panel/application-status-panel.tsx b/ui/src/app/applications/components/application-status-panel/application-status-panel.tsx index c82252144849c..542b3706f29a8 100644 --- a/ui/src/app/applications/components/application-status-panel/application-status-panel.tsx +++ b/ui/src/app/applications/components/application-status-panel/application-status-panel.tsx @@ -71,7 +71,7 @@ export const ApplicationStatusPanel = ({application, showDiff, showOperation, sh return (
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              {sectionLabel({title: 'APP HEALTH', helpContent: 'The health status of your app'})}
                                                                                                                                                                                                                              +
                                                                                                                                                                                                                              {sectionLabel({title: 'APP HEALTH', helpContent: 'The health status of your app'})}
                                                                                                                                                                                                                                @@ -87,7 +87,7 @@ export const ApplicationStatusPanel = ({application, showDiff, showOperation, sh helpContent: 'Whether or not the version of your app is up to date with your repo. You may wish to sync your app if it is out-of-sync.' }, hasMultipleSources, - () => showMetadataInfo(application.status.sync ? application.status.sync.revision : '') + source.chart ? null : () => showMetadataInfo(application.status.sync ? application.status.sync.revision : '') )} {appOperationState && (
                                                                                                                                                                                                                              @@ -130,7 +130,7 @@ export const ApplicationStatusPanel = ({application, showDiff, showOperation, sh ' days since last sync. Click for the status of that sync.' }, hasMultipleSources, - () => showMetadataInfo(appOperationState.syncResult ? appOperationState.syncResult.revision : '') + source.chart ? null : () => showMetadataInfo(appOperationState.syncResult ? appOperationState.syncResult.revision : '') )}
                                                                                                                                                                                                                              {AppUtils.formatCreationTimestamp(app.metadata.creationTimestamp)}
                                                                                                                                                                                                                              - {app.status.operationState && ( -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - Last Sync: -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - {AppUtils.formatCreationTimestamp(app.status.operationState.finishedAt || app.status.operationState.startedAt)} -
                                                                                                                                                                                                                              -
                                                                                                                                                                                                                              - )}
                                                                                                                                                                                                                              { - await services.applications.get(app.metadata.name, app.metadata.namespace, params.refreshType).catch(e => { - ctx.notifications.show({ - content: , - type: NotificationType.Error - }); + await services.applications.get(app.metadata.name, app.metadata.namespace, params.refreshType).catch(e => { + ctx.notifications.show({ + content: , + type: NotificationType.Error }); - i++; - setProgress({ - percentage: i / selectedApps.length, - title: `Refreshed ${i} of ${selectedApps.length} applications` - }); - }; - refreshActions.push(refreshAction()); - - if (refreshActions.length >= 20) { - await Promise.all(refreshActions); - refreshActions.length = 0; - } + }); + i++; + setProgress({ + percentage: i / selectedApps.length, + title: `${i} of ${selectedApps.length} apps now refreshing` + }); } - await Promise.all(refreshActions); setProgress({percentage: 100, title: 'Complete'}); }} getApi={setForm}> diff --git a/ui/src/app/applications/components/pod-logs-viewer/fullscreen-button.tsx b/ui/src/app/applications/components/pod-logs-viewer/fullscreen-button.tsx index 30d37c96c506c..654ec669b9093 100644 --- a/ui/src/app/applications/components/pod-logs-viewer/fullscreen-button.tsx +++ b/ui/src/app/applications/components/pod-logs-viewer/fullscreen-button.tsx @@ -18,7 +18,7 @@ export const FullscreenButton = ({ `/applications/${applicationNamespace}/${applicationName}/${namespace}/${containerName}/logs?` + `podName=${podName}&group=${group}&kind=${kind}&name=${name}`; return ( !fullscreen && ( - +
                                                                                                                                                                                                                              ))} diff --git a/ui/src/app/applications/components/utils.tsx b/ui/src/app/applications/components/utils.tsx index 0df581ca0f291..b30ddc87f3d0b 100644 --- a/ui/src/app/applications/components/utils.tsx +++ b/ui/src/app/applications/components/utils.tsx @@ -402,9 +402,8 @@ function getResourceActionsMenuItems(resource: ResourceTreeNode, metadata: model return actions.map( action => ({ - title: action.displayName ?? action.name, + title: action.name, disabled: !!action.disabled, - iconClassName: action.iconClass, action: async () => { try { const confirmed = await apis.popup.confirm(`Execute '${action.name}' action?`, `Are you sure you want to execute '${action.name}' action?`); @@ -437,14 +436,14 @@ function getActionItems( ...((isRoot && [ { title: 'Sync', - iconClassName: 'fa fa-fw fa-sync', + iconClassName: 'fa fa-sync', action: () => showDeploy(nodeKey(resource), null, apis) } ]) || []), { title: 'Delete', - iconClassName: 'fa fa-fw fa-times-circle', + iconClassName: 'fa fa-times-circle', action: async () => { return deletePopup(apis, resource, application, appChanged); } @@ -453,7 +452,7 @@ function getActionItems( if (!isQuickStart) { items.unshift({ title: 'Details', - iconClassName: 'fa fa-fw fa-info-circle', + iconClassName: 'fa fa-info-circle', action: () => apis.navigation.goto('.', {node: nodeKey(resource)}) }); } @@ -461,7 +460,7 @@ function getActionItems( if (findChildPod(resource, tree)) { items.push({ title: 'Logs', - iconClassName: 'fa fa-fw fa-align-left', + iconClassName: 'fa fa-align-left', action: () => apis.navigation.goto('.', {node: nodeKey(resource), tab: 'logs'}, {replace: true}) }); } @@ -478,7 +477,7 @@ function getActionItems( return [ { title: 'Exec', - iconClassName: 'fa fa-fw fa-terminal', + iconClassName: 'fa fa-terminal', action: async () => apis.navigation.goto('.', {node: nodeKey(resource), tab: 'exec'}, {replace: true}) } as MenuItem ]; @@ -496,7 +495,7 @@ function getActionItems( link => ({ title: link.title, - iconClassName: `fa fa-fw ${link.iconClass ? link.iconClass : 'fa-external-link'}`, + iconClassName: `fa ${link.iconClass ? link.iconClass : 'fa-external-link'}`, action: () => window.open(link.url, '_blank'), tooltip: link.description } as MenuItem) @@ -873,7 +872,7 @@ export const OperationState = ({app, quiet}: {app: appModels.Application; quiet? ); }; -export function getPodStateReason(pod: appModels.State): {message: string; reason: string; netContainerStatuses: any[]} { +export function getPodStateReason(pod: appModels.State): {message: string; reason: string} { let reason = pod.status.phase; let message = ''; if (pod.status.reason) { @@ -881,10 +880,6 @@ export function getPodStateReason(pod: appModels.State): {message: string; reaso } let initializing = false; - - let netContainerStatuses = pod.status.initContainerStatuses || []; - netContainerStatuses = netContainerStatuses.concat(pod.status.containerStatuses || []); - for (const container of (pod.status.initContainerStatuses || []).slice().reverse()) { if (container.state.terminated && container.state.terminated.exitCode === 0) { continue; @@ -944,7 +939,7 @@ export function getPodStateReason(pod: appModels.State): {message: string; reaso message = ''; } - return {reason, message, netContainerStatuses}; + return {reason, message}; } export const getPodReadinessGatesState = (pod: appModels.State): {nonExistingConditions: string[]; notPassedConditions: string[]} => { diff --git a/ui/src/app/help/components/help.tsx b/ui/src/app/help/components/help.tsx index 54da9758f7fa6..d27427c089e67 100644 --- a/ui/src/app/help/components/help.tsx +++ b/ui/src/app/help/components/help.tsx @@ -66,7 +66,7 @@ export const Help = () => {
                                                                                                                                                                                                                              diff --git a/ui/src/app/index.tsx b/ui/src/app/index.tsx index 7331e1c6c173a..9ee30c081723d 100644 --- a/ui/src/app/index.tsx +++ b/ui/src/app/index.tsx @@ -1,6 +1,5 @@ import * as React from 'react'; import * as ReactDOM from 'react-dom'; -import * as Moment from 'moment'; import {App} from './app'; ReactDOM.render(, document.getElementById('app')); @@ -15,4 +14,3 @@ if (mdl.hot) { (window as any).React = React; (window as any).ReactDOM = ReactDOM; -(window as any).Moment = Moment; diff --git a/ui/src/app/settings/components/repos-list/repos-list.tsx b/ui/src/app/settings/components/repos-list/repos-list.tsx index 9c0d5970a0e25..fd654ed13aa45 100644 --- a/ui/src/app/settings/components/repos-list/repos-list.tsx +++ b/ui/src/app/settings/components/repos-list/repos-list.tsx @@ -849,15 +849,8 @@ export class ReposList extends React.Component< private async disconnectRepo(repo: string) { const confirmed = await this.appContext.apis.popup.confirm('Disconnect repository', `Are you sure you want to disconnect '${repo}'?`); if (confirmed) { - try { - await services.repos.delete(repo); - this.repoLoader.reload(); - } catch (e) { - this.appContext.apis.notifications.show({ - content: , - type: NotificationType.Error - }); - } + await services.repos.delete(repo); + this.repoLoader.reload(); } } @@ -865,15 +858,8 @@ export class ReposList extends React.Component< private async removeRepoCreds(url: string) { const confirmed = await this.appContext.apis.popup.confirm('Remove repository credentials', `Are you sure you want to remove credentials for URL prefix '${url}'?`); if (confirmed) { - try { - await services.repocreds.delete(url); - this.credsLoader.reload(); - } catch (e) { - this.appContext.apis.notifications.show({ - content: , - type: NotificationType.Error - }); - } + await services.repocreds.delete(url); + this.credsLoader.reload(); } } diff --git a/ui/src/app/shared/components/deep-links.tsx b/ui/src/app/shared/components/deep-links.tsx index 6d9f614ea9661..f7881bff537d9 100644 --- a/ui/src/app/shared/components/deep-links.tsx +++ b/ui/src/app/shared/components/deep-links.tsx @@ -1,5 +1,4 @@ -import React from 'react'; -import {Link} from 'react-router-dom'; +import * as React from 'react'; import {LinkInfo} from '../models'; export const DeepLinks = (props: {links: LinkInfo[]}) => { @@ -8,17 +7,10 @@ export const DeepLinks = (props: {links: LinkInfo[]}) => {
                                                                                                                                                                                                                              {(links || []).map((link: LinkInfo) => (
                                                                                                                                                                                                                              - {link.url.startsWith('http') ? ( - - -
                                                                                                                                                                                                                              {link.title}
                                                                                                                                                                                                                              -                                                                                                                                                                                                                               - ) : ( - - -
                                                                                                                                                                                                                              {link.title}
                                                                                                                                                                                                                              - - )} + + +
                                                                                                                                                                                                                              {link.title}
                                                                                                                                                                                                                              +                                                                                                                                                                                                                               {link.description && <>({link.description})}
                                                                                                                                                                                                                              ))} diff --git a/ui/src/app/shared/components/layout/layout.tsx b/ui/src/app/shared/components/layout/layout.tsx index dcf98dde565eb..840c001a218b7 100644 --- a/ui/src/app/shared/components/layout/layout.tsx +++ b/ui/src/app/shared/components/layout/layout.tsx @@ -12,13 +12,10 @@ export interface LayoutProps { isExtension?: boolean; } -const getBGColor = (theme: string): string => (theme === 'light' ? '#dee6eb' : '#100f0f'); - export const Layout = (props: LayoutProps) => (
                                                                                                                                                                                                                              - {props.pref.theme ? (document.body.style.background = getBGColor(props.pref.theme)) : null}
                                                                                                                                                                                                                              {props.children}
                                                                                                                                                                                                                              diff --git a/ui/src/app/shared/components/monaco-editor.tsx b/ui/src/app/shared/components/monaco-editor.tsx index 817e4c8ae6bcb..255e9a670b03e 100644 --- a/ui/src/app/shared/components/monaco-editor.tsx +++ b/ui/src/app/shared/components/monaco-editor.tsx @@ -25,7 +25,9 @@ const DEFAULT_LINE_HEIGHT = 18; const MonacoEditorLazy = React.lazy(() => import('monaco-editor').then(monaco => { - const Component = (props: MonacoProps) => { + require('monaco-editor/esm/vs/basic-languages/yaml/yaml.contribution.js'); + + const component = (props: MonacoProps) => { const [height, setHeight] = React.useState(0); return ( @@ -75,7 +77,7 @@ const MonacoEditorLazy = React.lazy(() => }; return { - default: Component + default: component }; }) ); diff --git a/ui/src/app/shared/components/page/page.scss b/ui/src/app/shared/components/page/page.scss index 4194f2b00693f..1031a121bedb4 100644 --- a/ui/src/app/shared/components/page/page.scss +++ b/ui/src/app/shared/components/page/page.scss @@ -75,10 +75,10 @@ } .sb-page-wrapper { - padding-left: $sidebar-width - 60px; + padding-left: $sidebar-width; &__sidebar-collapsed { - padding-left: $collapsed-sidebar-width - 60px; + padding-left: $collapsed-sidebar-width; .flex-top-bar { left: $collapsed-sidebar-width; } diff --git a/ui/src/app/shared/components/revision.tsx b/ui/src/app/shared/components/revision.tsx index ccc0e1afe5183..fe9c2046e2c04 100644 --- a/ui/src/app/shared/components/revision.tsx +++ b/ui/src/app/shared/components/revision.tsx @@ -9,7 +9,7 @@ export const Revision = ({repoUrl, revision, path, isForPath, children}: {repoUr revision = revision || ''; const hasPath = path && path !== '.'; let url = revisionUrl(repoUrl, revision, hasPath); - if (url !== null && hasPath) { + if (hasPath) { url += '/' + path; } const content = children || (isSHA(revision) ? revision.substr(0, 7) : revision); diff --git a/ui/src/app/shared/models.ts b/ui/src/app/shared/models.ts index ef0d47331c403..666224b2e3fe8 100644 --- a/ui/src/app/shared/models.ts +++ b/ui/src/app/shared/models.ts @@ -94,12 +94,6 @@ export interface RevisionMetadata { signatureInfo?: string; } -export interface ChartDetails { - description?: string; - maintainers?: string[]; - home?: string; -} - export interface SyncOperationResult { resources: ResourceResult[]; revision: string; @@ -202,7 +196,6 @@ export interface ApplicationSource { export interface ApplicationSourceHelm { valueFiles: string[]; values?: string; - valuesObject?: any; parameters: HelmParameter[]; fileParameters: HelmFileParameter[]; } @@ -772,8 +765,6 @@ export interface ResourceAction { name: string; params: ResourceActionParam[]; disabled: boolean; - iconClass: string; - displayName: string; } export interface SyncWindowsState { diff --git a/ui/src/app/shared/services/applications-service.ts b/ui/src/app/shared/services/applications-service.ts index fb53a7a09c4ee..07d30d66d501d 100644 --- a/ui/src/app/shared/services/applications-service.ts +++ b/ui/src/app/shared/services/applications-service.ts @@ -60,13 +60,6 @@ export class ApplicationsService { .then(res => res.body as models.RevisionMetadata); } - public revisionChartDetails(name: string, appNamespace: string, revision: string): Promise { - return requests - .get(`/applications/${name}/revisions/${revision || 'HEAD'}/chartdetails`) - .query({appNamespace}) - .then(res => res.body as models.ChartDetails); - } - public resourceTree(name: string, appNamespace: string): Promise { return requests .get(`/applications/${name}/resource-tree`) diff --git a/ui/src/app/shared/services/view-preferences-service.ts b/ui/src/app/shared/services/view-preferences-service.ts index 314170dba0404..f2321fc6677f1 100644 --- a/ui/src/app/shared/services/view-preferences-service.ts +++ b/ui/src/app/shared/services/view-preferences-service.ts @@ -27,7 +27,6 @@ export interface AppDetailsPreferences { wrapLines: boolean; groupNodes?: boolean; zoom: number; - podGroupCount: number; } export interface PodViewPreferences { @@ -121,8 +120,7 @@ const DEFAULT_PREFERENCES: ViewPreferences = { darkMode: false, followLogs: false, wrapLines: false, - zoom: 1.0, - podGroupCount: 15.0 + zoom: 1.0 }, appList: { view: 'tiles' as AppsListViewType, diff --git a/ui/src/app/sidebar/sidebar.tsx b/ui/src/app/sidebar/sidebar.tsx index c690565d01cb5..4d0d5d6cd6b74 100644 --- a/ui/src/app/sidebar/sidebar.tsx +++ b/ui/src/app/sidebar/sidebar.tsx @@ -1,5 +1,4 @@ import {Tooltip} from 'argo-ui'; -import {Boundary, Placement} from 'popper.js'; import {useData} from 'argo-ui/v2'; import * as React from 'react'; import {Context} from '../shared/context'; @@ -35,11 +34,11 @@ export const Sidebar = (props: SidebarProps) => { const locationPath = context.history.location.pathname; const tooltipProps = { - placement: 'right' as Placement, + placement: 'right', popperOptions: { modifiers: { preventOverflow: { - boundariesElement: 'window' as Boundary + boundariesElement: 'window' } } } diff --git a/ui/yarn.lock b/ui/yarn.lock index 9c46e7ca7093e..a16515bf9a76c 100644 --- a/ui/yarn.lock +++ b/ui/yarn.lock @@ -9,52 +9,39 @@ dependencies: "@jridgewell/trace-mapping" "^0.3.0" -"@ant-design/colors@^7.0.0": - version "7.0.0" - resolved "https://registry.yarnpkg.com/@ant-design/colors/-/colors-7.0.0.tgz#eb7eecead124c3533aea05d61254f0a17f2b61b3" - integrity sha512-iVm/9PfGCbC0dSMBrz7oiEXZaaGH7ceU40OJEfKmyuzR9R5CRimJYPlRiFtMQGQcbNMea/ePcoIebi4ASGYXtg== +"@ant-design/colors@^6.0.0": + version "6.0.0" + resolved "https://registry.yarnpkg.com/@ant-design/colors/-/colors-6.0.0.tgz#9b9366257cffcc47db42b9d0203bb592c13c0298" + integrity sha512-qAZRvPzfdWHtfameEGP2Qvuf838NhergR35o+EuVyB5XvSA98xod5r4utvi4TJ3ywmevm290g9nsCG5MryrdWQ== dependencies: "@ctrl/tinycolor" "^3.4.0" -"@ant-design/cssinjs@^1.10.1": - version "1.10.1" - resolved "https://registry.yarnpkg.com/@ant-design/cssinjs/-/cssinjs-1.10.1.tgz#c9173f38e3d61f0883ca3c17d7cf1e30784e0dd7" - integrity sha512-PSoJS8RMzn95ZRg007dJGr6AU0Zim/O+tTN0xmXmh9CkIl4y3wuOr2Zhehaj7s130wPSYDVvahf3DKT50w/Zhw== - dependencies: - "@babel/runtime" "^7.11.1" - "@emotion/hash" "^0.8.0" - "@emotion/unitless" "^0.7.5" - classnames "^2.3.1" - csstype "^3.0.10" - rc-util "^5.27.0" - stylis "^4.0.13" - "@ant-design/icons-svg@^4.2.1": version "4.2.1" resolved "https://registry.yarnpkg.com/@ant-design/icons-svg/-/icons-svg-4.2.1.tgz#8630da8eb4471a4aabdaed7d1ff6a97dcb2cf05a" integrity sha512-EB0iwlKDGpG93hW8f85CTJTs4SvMX7tt5ceupvhALp1IF44SeUFOMhKUOYqpsoYWQKAOuTRDMqn75rEaKDp0Xw== -"@ant-design/icons@^5.1.0": - version "5.1.4" - resolved "https://registry.yarnpkg.com/@ant-design/icons/-/icons-5.1.4.tgz#614e29e26d092c2c1c1a2acbc0d84434d8d1474e" - integrity sha512-YHKL7Jx3bM12OxvtiYDon04BsBT/6LGitYEqar3GljzWaAyMOAD8i/uF1Rsi5Us/YNdWWXBGSvZV2OZWMpJlcA== +"@ant-design/icons@^4.7.0": + version "4.7.0" + resolved "https://registry.yarnpkg.com/@ant-design/icons/-/icons-4.7.0.tgz#8c3cbe0a556ba92af5dc7d1e70c0b25b5179af0f" + integrity sha512-aoB4Z7JA431rt6d4u+8xcNPPCrdufSRMUOpxa1ab6mz1JCQZOEVolj2WVs/tDFmN62zzK30mNelEsprLYsSF3g== dependencies: - "@ant-design/colors" "^7.0.0" + "@ant-design/colors" "^6.0.0" "@ant-design/icons-svg" "^4.2.1" "@babel/runtime" "^7.11.2" classnames "^2.2.6" - rc-util "^5.31.1" + rc-util "^5.9.4" -"@ant-design/react-slick@~1.0.0": - version "1.0.1" - resolved "https://registry.yarnpkg.com/@ant-design/react-slick/-/react-slick-1.0.1.tgz#af10e67ef9a233df5610c36313a5c804ccc2ae6b" - integrity sha512-ARM0TmpGdDuUVE10NwUCENQlJSInNKo5NiBjL5szu5BxWNEHNwQMcDrlVCqFbkvFLy+2CvywW8Y59QJtC0YDag== +"@ant-design/react-slick@~0.29.1": + version "0.29.2" + resolved "https://registry.yarnpkg.com/@ant-design/react-slick/-/react-slick-0.29.2.tgz#53e6a7920ea3562eebb304c15a7fc2d7e619d29c" + integrity sha512-kgjtKmkGHa19FW21lHnAfyyH9AAoh35pBdcJ53rHmQ3O+cfFHGHnUbj/HFrRNJ5vIts09FKJVAD8RpaC+RaWfA== dependencies: "@babel/runtime" "^7.10.4" classnames "^2.2.5" json2mq "^0.2.0" + lodash "^4.17.21" resize-observer-polyfill "^1.5.1" - throttle-debounce "^5.0.0" "@babel/code-frame@^7.0.0", "@babel/code-frame@^7.5.5": version "7.5.5" @@ -1002,7 +989,7 @@ dependencies: regenerator-runtime "^0.13.4" -"@babel/runtime@^7.10.1", "@babel/runtime@^7.10.4", "@babel/runtime@^7.11.1", "@babel/runtime@^7.11.2": +"@babel/runtime@^7.10.1", "@babel/runtime@^7.10.2", "@babel/runtime@^7.10.4", "@babel/runtime@^7.11.1", "@babel/runtime@^7.11.2": version "7.16.7" resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.16.7.tgz#03ff99f64106588c9c403c6ecb8c3bafbbdff1fa" integrity sha512-9E9FJowqAsytyOY6LG+1KuueckRL+aQW+mKvXRXnuFGyRAyepJPmEo9vgMfXUA6O9u3IeEdv9MAkppFcaQwogQ== @@ -1023,20 +1010,6 @@ dependencies: regenerator-runtime "^0.13.4" -"@babel/runtime@^7.20.0", "@babel/runtime@^7.20.7": - version "7.22.5" - resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.22.5.tgz#8564dd588182ce0047d55d7a75e93921107b57ec" - integrity sha512-ecjvYlnAaZ/KVneE/OdKYBYfgXV3Ptu6zQWmgEF7vwKhQnvVS6bjMD2XYgj+SNvQ1GfK/pjgokfPkC/2CO8CuA== - dependencies: - regenerator-runtime "^0.13.11" - -"@babel/runtime@^7.21.0": - version "7.21.5" - resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.21.5.tgz#8492dddda9644ae3bda3b45eabe87382caee7200" - integrity sha512-8jI69toZqqcsnqGGqwGS4Qb1VwLOEp4hz+CXPywcvjs60u3B4Pom/U/7rm4W8tMOYEB+E9wgD0mW1l3r8qlI9Q== - dependencies: - regenerator-runtime "^0.13.11" - "@babel/runtime@^7.7.2", "@babel/runtime@^7.8.7": version "7.20.13" resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.20.13.tgz#7055ab8a7cff2b8f6058bf6ae45ff84ad2aded4b" @@ -1131,38 +1104,28 @@ exec-sh "^0.3.2" minimist "^1.2.0" -"@cspotcode/source-map-support@^0.8.0": - version "0.8.1" - resolved "https://registry.yarnpkg.com/@cspotcode/source-map-support/-/source-map-support-0.8.1.tgz#00629c35a688e05a88b1cda684fb9d5e73f000a1" - integrity sha512-IchNf6dN4tHoMFIn/7OE8LWZ19Y6q/67Bmf6vnGREv8RSbBVb9LPJxEcnwrcwX6ixSvaiGoomAUvu4YSxXrVgw== +"@cspotcode/source-map-consumer@0.8.0": + version "0.8.0" + resolved "https://registry.yarnpkg.com/@cspotcode/source-map-consumer/-/source-map-consumer-0.8.0.tgz#33bf4b7b39c178821606f669bbc447a6a629786b" + integrity sha512-41qniHzTU8yAGbCp04ohlmSrZf8bkf/iJsl3V0dRGsQN/5GFfx+LbCSsCpp2gqrqjTVg/K6O8ycoV35JIwAzAg== + +"@cspotcode/source-map-support@0.7.0": + version "0.7.0" + resolved "https://registry.yarnpkg.com/@cspotcode/source-map-support/-/source-map-support-0.7.0.tgz#4789840aa859e46d2f3173727ab707c66bf344f5" + integrity sha512-X4xqRHqN8ACt2aHVe51OxeA2HjbcL4MqFqXkrmQszJ1NOUuUu5u6Vqx/0lZSVNku7velL5FC/s5uEAj1lsBMhA== dependencies: - "@jridgewell/trace-mapping" "0.3.9" + "@cspotcode/source-map-consumer" "0.8.0" "@ctrl/tinycolor@^3.4.0": version "3.4.0" resolved "https://registry.yarnpkg.com/@ctrl/tinycolor/-/tinycolor-3.4.0.tgz#c3c5ae543c897caa9c2a68630bed355be5f9990f" integrity sha512-JZButFdZ1+/xAfpguQHoabIXkcqRRKpMrWKBkpEZZyxfY9C1DpADFB8PEqGSTeFr135SaTRfKqGKx5xSCLI7ZQ== -"@ctrl/tinycolor@^3.6.0": - version "3.6.0" - resolved "https://registry.yarnpkg.com/@ctrl/tinycolor/-/tinycolor-3.6.0.tgz#53fa5fe9c34faee89469e48f91d51a3766108bc8" - integrity sha512-/Z3l6pXthq0JvMYdUFyX9j0MaCltlIn6mfh9jLyQwg5aPKxkyNa0PTHtU1AlFXLNk55ZuAeJRcpvq+tmLfKmaQ== - "@discoveryjs/json-ext@^0.5.0": version "0.5.7" resolved "https://registry.yarnpkg.com/@discoveryjs/json-ext/-/json-ext-0.5.7.tgz#1d572bfbbe14b7704e0ba0f39b74815b84870d70" integrity sha512-dBVuXR082gk3jsFp7Rd/JI4kytwGHecnCoTtXFb7DB6CNHp4rg5k1bhg0nWdLGLnOV71lmDzGQaLMy8iPLY0pw== -"@emotion/hash@^0.8.0": - version "0.8.0" - resolved "https://registry.yarnpkg.com/@emotion/hash/-/hash-0.8.0.tgz#bbbff68978fefdbe68ccb533bc8cbe1d1afb5413" - integrity sha512-kBJtf7PH6aWwZ6fka3zQ0p6SBYzx4fl1LoZXE2RrnYST9Xljm7WfKJrU4g/Xr3Beg72MLrp1AWNUmuYJTL7Cow== - -"@emotion/unitless@^0.7.5": - version "0.7.5" - resolved "https://registry.yarnpkg.com/@emotion/unitless/-/unitless-0.7.5.tgz#77211291c1900a700b8a78cfafda3160d76949ed" - integrity sha512-OWORNpfjMsSSUBVrRBVGECkhWcULOAJz9ZW8uK9qgxD+87M7jHRcvh/A96XXNhXTLmKcoYSQtBEX7lHMO7YRwg== - "@esbuild-kit/cjs-loader@^2.0.0": version "2.0.0" resolved "https://registry.yarnpkg.com/@esbuild-kit/cjs-loader/-/cjs-loader-2.0.0.tgz#f385aed0ba482cb9de28880e7401259311cacbd7" @@ -1192,10 +1155,10 @@ resolved "https://registry.yarnpkg.com/@exodus/schemasafe/-/schemasafe-1.0.0-rc.3.tgz#dda2fbf3dafa5ad8c63dadff7e01d3fdf4736025" integrity sha512-GoXw0U2Qaa33m3eUcxuHnHpNvHjNlLo0gtV091XBpaRINaB4X6FGCG5XKxSFNFiPpugUDqNruHzaqpTdDm4AOg== -"@fortawesome/fontawesome-free@^6.2.1", "@fortawesome/fontawesome-free@^6.4.0": - version "6.4.0" - resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-free/-/fontawesome-free-6.4.0.tgz#1ee0c174e472c84b23cb46c995154dc383e3b4fe" - integrity sha512-0NyytTlPJwB/BF5LtRV8rrABDbe3TdTXqNB3PdZ+UUUZAEIrdOJdmABqKjt4AXwIoJNaRVVZEXxpNrqvE1GAYQ== +"@fortawesome/fontawesome-free@^6.1.1": + version "6.2.0" + resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-free/-/fontawesome-free-6.2.0.tgz#ba3510825b332816fe7190f28827f8cb33a298b5" + integrity sha512-CNR7qRIfCwWHNN7FnKUniva94edPdyQzil/zCwk3v6k4R6rR2Fr8i4s3PM7n/lyfPA6Zfko9z5WDzFxG9SW1uQ== "@istanbuljs/load-nyc-config@^1.0.0": version "1.1.0" @@ -1432,7 +1395,7 @@ "@jridgewell/sourcemap-codec" "^1.4.10" "@jridgewell/trace-mapping" "^0.3.9" -"@jridgewell/resolve-uri@3.1.0", "@jridgewell/resolve-uri@^3.0.3": +"@jridgewell/resolve-uri@^3.0.3": version "3.1.0" resolved "https://registry.yarnpkg.com/@jridgewell/resolve-uri/-/resolve-uri-3.1.0.tgz#2203b118c157721addfe69d47b70465463066d78" integrity sha512-F2msla3tad+Mfht5cJq7LSXcdudKTWCVYUgw6pLFOOHSTtZlj6SWNYAp+AhuqLmWdBO2X5hPrLcu8cVP8fy28w== @@ -1450,19 +1413,11 @@ "@jridgewell/gen-mapping" "^0.3.0" "@jridgewell/trace-mapping" "^0.3.9" -"@jridgewell/sourcemap-codec@1.4.14", "@jridgewell/sourcemap-codec@^1.4.10": +"@jridgewell/sourcemap-codec@^1.4.10": version "1.4.14" resolved "https://registry.yarnpkg.com/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.14.tgz#add4c98d341472a289190b424efbdb096991bb24" integrity sha512-XPSJHWmi394fuUuzDnGz1wiKqWfo1yXecHQMRf2l6hztTO+nPru658AyDngaBe7isIxEkRsPR3FZh+s7iVa4Uw== -"@jridgewell/trace-mapping@0.3.9": - version "0.3.9" - resolved "https://registry.yarnpkg.com/@jridgewell/trace-mapping/-/trace-mapping-0.3.9.tgz#6534fd5933a53ba7cbf3a17615e273a0d1273ff9" - integrity sha512-3Belt6tdc8bPgAtbcmdtNJlirVoTmEb5e2gC94PnkwEW9jI6CAHUeoG85tjWP5WquqfavoMtMwiG4P926ZKKuQ== - dependencies: - "@jridgewell/resolve-uri" "^3.0.3" - "@jridgewell/sourcemap-codec" "^1.4.10" - "@jridgewell/trace-mapping@^0.3.0": version "0.3.4" resolved "https://registry.yarnpkg.com/@jridgewell/trace-mapping/-/trace-mapping-0.3.4.tgz#f6a0832dffd5b8a6aaa633b7d9f8e8e94c83a0c3" @@ -1471,14 +1426,6 @@ "@jridgewell/resolve-uri" "^3.0.3" "@jridgewell/sourcemap-codec" "^1.4.10" -"@jridgewell/trace-mapping@^0.3.17": - version "0.3.18" - resolved "https://registry.yarnpkg.com/@jridgewell/trace-mapping/-/trace-mapping-0.3.18.tgz#25783b2086daf6ff1dcb53c9249ae480e4dd4cd6" - integrity sha512-w+niJYzMHdd7USdiH2U6869nqhD2nbfZXND5Yp93qIbEmnDNk7PD48o+YchRVpzMU7M6jVCbenTR7PA1FLQ9pA== - dependencies: - "@jridgewell/resolve-uri" "3.1.0" - "@jridgewell/sourcemap-codec" "1.4.14" - "@jridgewell/trace-mapping@^0.3.9": version "0.3.14" resolved "https://registry.yarnpkg.com/@jridgewell/trace-mapping/-/trace-mapping-0.3.14.tgz#b231a081d8f66796e475ad588a1ef473112701ed" @@ -1516,73 +1463,6 @@ mkdirp "^1.0.4" rimraf "^3.0.2" -"@rc-component/color-picker@~1.2.0": - version "1.2.0" - resolved "https://registry.yarnpkg.com/@rc-component/color-picker/-/color-picker-1.2.0.tgz#964c86e85f0791703c7f1ec842e7476bcb41954d" - integrity sha512-IitJ6RWGHs7btI1AqzGPrehr5bueWLGDUyMKwDwvFunfSDo/o8g/95kUG55vC5EYLM0ZJ3SDfw45OrW5KAx3oA== - dependencies: - "@babel/runtime" "^7.10.1" - "@ctrl/tinycolor" "^3.6.0" - classnames "^2.2.6" - rc-util "^5.30.0" - -"@rc-component/context@^1.3.0": - version "1.3.0" - resolved "https://registry.yarnpkg.com/@rc-component/context/-/context-1.3.0.tgz#608ccf0abcbec9406751b17a4b35db08e481c110" - integrity sha512-6QdaCJ7Wn5UZLJs15IEfqy4Ru3OaL5ctqpQYWd5rlfV9wwzrzdt6+kgAQZV/qdB0MUPN4nhyBfRembQCIvBf+w== - dependencies: - "@babel/runtime" "^7.10.1" - rc-util "^5.27.0" - -"@rc-component/mini-decimal@^1.0.1": - version "1.1.0" - resolved "https://registry.yarnpkg.com/@rc-component/mini-decimal/-/mini-decimal-1.1.0.tgz#7b7a362b14a0a54cb5bc6fd2b82731f29f11d9b0" - integrity sha512-jS4E7T9Li2GuYwI6PyiVXmxTiM6b07rlD9Ge8uGZSCz3WlzcG5ZK7g5bbuKNeZ9pgUuPK/5guV781ujdVpm4HQ== - dependencies: - "@babel/runtime" "^7.18.0" - -"@rc-component/mutate-observer@^1.0.0": - version "1.0.0" - resolved "https://registry.yarnpkg.com/@rc-component/mutate-observer/-/mutate-observer-1.0.0.tgz#ce99af3239ed9c74ee3e7302f1c67098de920b46" - integrity sha512-okqRJSfNisXdI6CUeOLZC5ukBW/8kir2Ii4PJiKpUt+3+uS7dxwJUMxsUZquxA1rQuL8YcEmKVp/TCnR+yUdZA== - dependencies: - "@babel/runtime" "^7.18.0" - classnames "^2.3.2" - rc-util "^5.24.4" - -"@rc-component/portal@^1.0.0-8", "@rc-component/portal@^1.0.0-9", "@rc-component/portal@^1.0.2", "@rc-component/portal@^1.1.0", "@rc-component/portal@^1.1.1": - version "1.1.1" - resolved "https://registry.yarnpkg.com/@rc-component/portal/-/portal-1.1.1.tgz#1a30ffe51c240b54360cba8e8bfc5d1f559325c4" - integrity sha512-m8w3dFXX0H6UkJ4wtfrSwhe2/6M08uz24HHrF8pWfAXPwA9hwCuTE5per/C86KwNLouRpwFGcr7LfpHaa1F38g== - dependencies: - "@babel/runtime" "^7.18.0" - classnames "^2.3.2" - rc-util "^5.24.4" - -"@rc-component/tour@~1.8.0": - version "1.8.0" - resolved "https://registry.yarnpkg.com/@rc-component/tour/-/tour-1.8.0.tgz#fda8b533e36db1d4254e3ffbcefe3395c346eb1c" - integrity sha512-rrRGioHTLQlGca27G2+lw7QpRb3uuMYCUIJjj31/B44VCJS0P2tqYhOgtzvWQmaLMlWH3ZlpzotkKX13NT4XEA== - dependencies: - "@babel/runtime" "^7.18.0" - "@rc-component/portal" "^1.0.0-9" - "@rc-component/trigger" "^1.3.6" - classnames "^2.3.2" - rc-util "^5.24.4" - -"@rc-component/trigger@^1.0.4", "@rc-component/trigger@^1.13.0", "@rc-component/trigger@^1.3.6", "@rc-component/trigger@^1.5.0", "@rc-component/trigger@^1.6.2", "@rc-component/trigger@^1.7.0": - version "1.13.6" - resolved "https://registry.yarnpkg.com/@rc-component/trigger/-/trigger-1.13.6.tgz#1375303018d16ccdf88e31c6bcd131421e1fa3e7" - integrity sha512-13aF9SrR5XAd+tyV/zja0A2pbrA/zdTCXRBNIsoLp8OmhVOnqiwjP7XZYPulLsH0ioEfvtXR1yI0anJD0/J7PQ== - dependencies: - "@babel/runtime" "^7.18.3" - "@rc-component/portal" "^1.1.0" - classnames "^2.3.2" - rc-align "^4.0.0" - rc-motion "^2.0.0" - rc-resize-observer "^1.3.1" - rc-util "^5.33.0" - "@redocly/ajv@^8.6.4": version "8.6.4" resolved "https://registry.yarnpkg.com/@redocly/ajv/-/ajv-8.6.4.tgz#94053e7a9d4146d1a4feacd3813892873f229a85" @@ -1628,13 +1508,13 @@ dependencies: "@sinonjs/commons" "^1.7.0" -"@tippy.js/react@^3.1.1": - version "3.1.1" - resolved "https://registry.yarnpkg.com/@tippy.js/react/-/react-3.1.1.tgz#027e4595e55f31430741fe8e0d92aaddfbe47efd" - integrity sha512-KF45vW/jKh/nBXk/2zzTFslv/T46zOMkIoDJ56ymZ+M00yHttk58J5wZ29oqGqDIUnobWSZD+cFpbR4u/UUvgw== +"@tippy.js/react@^2.2.3": + version "2.2.3" + resolved "https://registry.yarnpkg.com/@tippy.js/react/-/react-2.2.3.tgz#2ffb0af6693055be7db4b329b2d3cc7f2356f68e" + integrity sha512-5XYvbQujzDj9r00JYEz/cBtm6DutjOdv2azdco53B+eWF7FDBCQfkLVn87wimfEpmGK0vqRQv/cwFxFcoOP98Q== dependencies: prop-types "^15.6.2" - tippy.js "^5.1.1" + tippy.js "^4.3.4" "@tootallnate/once@1": version "1.1.2" @@ -1767,10 +1647,10 @@ "@types/estree" "*" "@types/json-schema" "*" -"@types/estree@*", "@types/estree@^1.0.0": - version "1.0.1" - resolved "https://registry.yarnpkg.com/@types/estree/-/estree-1.0.1.tgz#aa22750962f3bf0e79d753d3cc067f010c95f194" - integrity sha512-LG4opVs2ANWZ1TJoKc937iMmNstM/d0ae1vNbnBvBhqCSezgVUOzcLCqbI5elV8Vy6WKwKjaqR+zO9VKirBBCA== +"@types/estree@*", "@types/estree@^0.0.51": + version "0.0.51" + resolved "https://registry.yarnpkg.com/@types/estree/-/estree-0.0.51.tgz#cfd70924a25a3fd32b218e5e420e6897e1ac4f40" + integrity sha512-CuPgU6f3eT/XgKKPqKd/gLZV1Xmvf1a2R5POBOGQa6uv82xpls89HU5zKeVoyR8XzHd1RGNOlQlvUe3CFkjWNQ== "@types/express-serve-static-core@*", "@types/express-serve-static-core@^4.17.18": version "4.17.28" @@ -1908,11 +1788,6 @@ resolved "https://registry.yarnpkg.com/@types/node/-/node-16.3.1.tgz#24691fa2b0c3ec8c0d34bfcfd495edac5593ebb4" integrity sha512-N87VuQi7HEeRJkhzovao/JviiqKjDKMVKxKMfUvSKw+MbkbW8R0nA3fi/MQhhlxV2fQ+2ReM+/Nt4efdrJx3zA== -"@types/node@20.4.0": - version "20.4.0" - resolved "https://registry.yarnpkg.com/@types/node/-/node-20.4.0.tgz#01d637d1891e419bc85763b46f42809cd2d5addb" - integrity sha512-jfT7iTf/4kOQ9S7CHV9BIyRaQqHu67mOjsIQBC3BKZvzvUB6zLxEwJ6sBE3ozcvP8kF6Uk5PXN0Q+c0dfhGX0g== - "@types/node@^14.11.8": version "14.18.12" resolved "https://registry.yarnpkg.com/@types/node/-/node-14.18.12.tgz#0d4557fd3b94497d793efd4e7d92df2f83b4ef24" @@ -2066,11 +1941,6 @@ "@types/cookiejar" "*" "@types/node" "*" -"@types/uuid@^9.0.1": - version "9.0.1" - resolved "https://registry.yarnpkg.com/@types/uuid/-/uuid-9.0.1.tgz#98586dc36aee8dacc98cc396dbca8d0429647aa6" - integrity sha512-rFT3ak0/2trgvp4yYZo5iKFEPsET7vKydKF+VRCxlQ9bpheehyAJH89dAkaLEq/j/RZXJIqcgsmPJKUP1Z28HA== - "@types/ws@^8.2.2": version "8.5.3" resolved "https://registry.yarnpkg.com/@types/ws/-/ws-8.5.3.tgz#7d25a1ffbecd3c4f2d35068d0b283c037003274d" @@ -2104,125 +1974,125 @@ dependencies: "@types/yargs-parser" "*" -"@webassemblyjs/ast@1.11.6", "@webassemblyjs/ast@^1.11.5": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/ast/-/ast-1.11.6.tgz#db046555d3c413f8966ca50a95176a0e2c642e24" - integrity sha512-IN1xI7PwOvLPgjcf180gC1bqn3q/QaOCwYUahIOhbYUu8KA/3tw2RT/T0Gidi1l7Hhj5D/INhJxiICObqpMu4Q== +"@webassemblyjs/ast@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/ast/-/ast-1.11.1.tgz#2bfd767eae1a6996f432ff7e8d7fc75679c0b6a7" + integrity sha512-ukBh14qFLjxTQNTXocdyksN5QdM28S1CxHt2rdskFyL+xFV7VremuBLVbmCePj+URalXBENx/9Lm7lnhihtCSw== dependencies: - "@webassemblyjs/helper-numbers" "1.11.6" - "@webassemblyjs/helper-wasm-bytecode" "1.11.6" + "@webassemblyjs/helper-numbers" "1.11.1" + "@webassemblyjs/helper-wasm-bytecode" "1.11.1" -"@webassemblyjs/floating-point-hex-parser@1.11.6": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/floating-point-hex-parser/-/floating-point-hex-parser-1.11.6.tgz#dacbcb95aff135c8260f77fa3b4c5fea600a6431" - integrity sha512-ejAj9hfRJ2XMsNHk/v6Fu2dGS+i4UaXBXGemOfQ/JfQ6mdQg/WXtwleQRLLS4OvfDhv8rYnVwH27YJLMyYsxhw== +"@webassemblyjs/floating-point-hex-parser@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/floating-point-hex-parser/-/floating-point-hex-parser-1.11.1.tgz#f6c61a705f0fd7a6aecaa4e8198f23d9dc179e4f" + integrity sha512-iGRfyc5Bq+NnNuX8b5hwBrRjzf0ocrJPI6GWFodBFzmFnyvrQ83SHKhmilCU/8Jv67i4GJZBMhEzltxzcNagtQ== -"@webassemblyjs/helper-api-error@1.11.6": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-api-error/-/helper-api-error-1.11.6.tgz#6132f68c4acd59dcd141c44b18cbebbd9f2fa768" - integrity sha512-o0YkoP4pVu4rN8aTJgAyj9hC2Sv5UlkzCHhxqWj8butaLvnpdc2jOwh4ewE6CX0txSfLn/UYaV/pheS2Txg//Q== +"@webassemblyjs/helper-api-error@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-api-error/-/helper-api-error-1.11.1.tgz#1a63192d8788e5c012800ba6a7a46c705288fd16" + integrity sha512-RlhS8CBCXfRUR/cwo2ho9bkheSXG0+NwooXcc3PAILALf2QLdFyj7KGsKRbVc95hZnhnERon4kW/D3SZpp6Tcg== -"@webassemblyjs/helper-buffer@1.11.6": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-buffer/-/helper-buffer-1.11.6.tgz#b66d73c43e296fd5e88006f18524feb0f2c7c093" - integrity sha512-z3nFzdcp1mb8nEOFFk8DrYLpHvhKC3grJD2ardfKOzmbmJvEf/tPIqCY+sNcwZIY8ZD7IkB2l7/pqhUhqm7hLA== +"@webassemblyjs/helper-buffer@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-buffer/-/helper-buffer-1.11.1.tgz#832a900eb444884cde9a7cad467f81500f5e5ab5" + integrity sha512-gwikF65aDNeeXa8JxXa2BAk+REjSyhrNC9ZwdT0f8jc4dQQeDQ7G4m0f2QCLPJiMTTO6wfDmRmj/pW0PsUvIcA== -"@webassemblyjs/helper-numbers@1.11.6": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-numbers/-/helper-numbers-1.11.6.tgz#cbce5e7e0c1bd32cf4905ae444ef64cea919f1b5" - integrity sha512-vUIhZ8LZoIWHBohiEObxVm6hwP034jwmc9kuq5GdHZH0wiLVLIPcMCdpJzG4C11cHoQ25TFIQj9kaVADVX7N3g== +"@webassemblyjs/helper-numbers@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-numbers/-/helper-numbers-1.11.1.tgz#64d81da219fbbba1e3bd1bfc74f6e8c4e10a62ae" + integrity sha512-vDkbxiB8zfnPdNK9Rajcey5C0w+QJugEglN0of+kmO8l7lDb77AnlKYQF7aarZuCrv+l0UvqL+68gSDr3k9LPQ== dependencies: - "@webassemblyjs/floating-point-hex-parser" "1.11.6" - "@webassemblyjs/helper-api-error" "1.11.6" + "@webassemblyjs/floating-point-hex-parser" "1.11.1" + "@webassemblyjs/helper-api-error" "1.11.1" "@xtuc/long" "4.2.2" -"@webassemblyjs/helper-wasm-bytecode@1.11.6": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-wasm-bytecode/-/helper-wasm-bytecode-1.11.6.tgz#bb2ebdb3b83aa26d9baad4c46d4315283acd51e9" - integrity sha512-sFFHKwcmBprO9e7Icf0+gddyWYDViL8bpPjJJl0WHxCdETktXdmtWLGVzoHbqUcY4Be1LkNfwTmXOJUFZYSJdA== +"@webassemblyjs/helper-wasm-bytecode@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-wasm-bytecode/-/helper-wasm-bytecode-1.11.1.tgz#f328241e41e7b199d0b20c18e88429c4433295e1" + integrity sha512-PvpoOGiJwXeTrSf/qfudJhwlvDQxFgelbMqtq52WWiXC6Xgg1IREdngmPN3bs4RoO83PnL/nFrxucXj1+BX62Q== -"@webassemblyjs/helper-wasm-section@1.11.6": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-wasm-section/-/helper-wasm-section-1.11.6.tgz#ff97f3863c55ee7f580fd5c41a381e9def4aa577" - integrity sha512-LPpZbSOwTpEC2cgn4hTydySy1Ke+XEu+ETXuoyvuyezHO3Kjdu90KK95Sh9xTbmjrCsUwvWwCOQQNta37VrS9g== +"@webassemblyjs/helper-wasm-section@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-wasm-section/-/helper-wasm-section-1.11.1.tgz#21ee065a7b635f319e738f0dd73bfbda281c097a" + integrity sha512-10P9No29rYX1j7F3EVPX3JvGPQPae+AomuSTPiF9eBQeChHI6iqjMIwR9JmOJXwpnn/oVGDk7I5IlskuMwU/pg== dependencies: - "@webassemblyjs/ast" "1.11.6" - "@webassemblyjs/helper-buffer" "1.11.6" - "@webassemblyjs/helper-wasm-bytecode" "1.11.6" - "@webassemblyjs/wasm-gen" "1.11.6" + "@webassemblyjs/ast" "1.11.1" + "@webassemblyjs/helper-buffer" "1.11.1" + "@webassemblyjs/helper-wasm-bytecode" "1.11.1" + "@webassemblyjs/wasm-gen" "1.11.1" -"@webassemblyjs/ieee754@1.11.6": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/ieee754/-/ieee754-1.11.6.tgz#bb665c91d0b14fffceb0e38298c329af043c6e3a" - integrity sha512-LM4p2csPNvbij6U1f19v6WR56QZ8JcHg3QIJTlSwzFcmx6WSORicYj6I63f9yU1kEUtrpG+kjkiIAkevHpDXrg== +"@webassemblyjs/ieee754@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/ieee754/-/ieee754-1.11.1.tgz#963929e9bbd05709e7e12243a099180812992614" + integrity sha512-hJ87QIPtAMKbFq6CGTkZYJivEwZDbQUgYd3qKSadTNOhVY7p+gfP6Sr0lLRVTaG1JjFj+r3YchoqRYxNH3M0GQ== dependencies: "@xtuc/ieee754" "^1.2.0" -"@webassemblyjs/leb128@1.11.6": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/leb128/-/leb128-1.11.6.tgz#70e60e5e82f9ac81118bc25381a0b283893240d7" - integrity sha512-m7a0FhE67DQXgouf1tbN5XQcdWoNgaAuoULHIfGFIEVKA6tu/edls6XnIlkmS6FrXAquJRPni3ZZKjw6FSPjPQ== +"@webassemblyjs/leb128@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/leb128/-/leb128-1.11.1.tgz#ce814b45574e93d76bae1fb2644ab9cdd9527aa5" + integrity sha512-BJ2P0hNZ0u+Th1YZXJpzW6miwqQUGcIHT1G/sf72gLVD9DZ5AdYTqPNbHZh6K1M5VmKvFXwGSWZADz+qBWxeRw== dependencies: "@xtuc/long" "4.2.2" -"@webassemblyjs/utf8@1.11.6": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/utf8/-/utf8-1.11.6.tgz#90f8bc34c561595fe156603be7253cdbcd0fab5a" - integrity sha512-vtXf2wTQ3+up9Zsg8sa2yWiQpzSsMyXj0qViVP6xKGCUT8p8YJ6HqI7l5eCnWx1T/FYdsv07HQs2wTFbbof/RA== - -"@webassemblyjs/wasm-edit@^1.11.5": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-edit/-/wasm-edit-1.11.6.tgz#c72fa8220524c9b416249f3d94c2958dfe70ceab" - integrity sha512-Ybn2I6fnfIGuCR+Faaz7YcvtBKxvoLV3Lebn1tM4o/IAJzmi9AWYIPWpyBfU8cC+JxAO57bk4+zdsTjJR+VTOw== - dependencies: - "@webassemblyjs/ast" "1.11.6" - "@webassemblyjs/helper-buffer" "1.11.6" - "@webassemblyjs/helper-wasm-bytecode" "1.11.6" - "@webassemblyjs/helper-wasm-section" "1.11.6" - "@webassemblyjs/wasm-gen" "1.11.6" - "@webassemblyjs/wasm-opt" "1.11.6" - "@webassemblyjs/wasm-parser" "1.11.6" - "@webassemblyjs/wast-printer" "1.11.6" - -"@webassemblyjs/wasm-gen@1.11.6": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-gen/-/wasm-gen-1.11.6.tgz#fb5283e0e8b4551cc4e9c3c0d7184a65faf7c268" - integrity sha512-3XOqkZP/y6B4F0PBAXvI1/bky7GryoogUtfwExeP/v7Nzwo1QLcq5oQmpKlftZLbT+ERUOAZVQjuNVak6UXjPA== - dependencies: - "@webassemblyjs/ast" "1.11.6" - "@webassemblyjs/helper-wasm-bytecode" "1.11.6" - "@webassemblyjs/ieee754" "1.11.6" - "@webassemblyjs/leb128" "1.11.6" - "@webassemblyjs/utf8" "1.11.6" - -"@webassemblyjs/wasm-opt@1.11.6": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-opt/-/wasm-opt-1.11.6.tgz#d9a22d651248422ca498b09aa3232a81041487c2" - integrity sha512-cOrKuLRE7PCe6AsOVl7WasYf3wbSo4CeOk6PkrjS7g57MFfVUF9u6ysQBBODX0LdgSvQqRiGz3CXvIDKcPNy4g== - dependencies: - "@webassemblyjs/ast" "1.11.6" - "@webassemblyjs/helper-buffer" "1.11.6" - "@webassemblyjs/wasm-gen" "1.11.6" - "@webassemblyjs/wasm-parser" "1.11.6" - -"@webassemblyjs/wasm-parser@1.11.6", "@webassemblyjs/wasm-parser@^1.11.5": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-parser/-/wasm-parser-1.11.6.tgz#bb85378c527df824004812bbdb784eea539174a1" - integrity sha512-6ZwPeGzMJM3Dqp3hCsLgESxBGtT/OeCvCZ4TA1JUPYgmhAx38tTPR9JaKy0S5H3evQpO/h2uWs2j6Yc/fjkpTQ== - dependencies: - "@webassemblyjs/ast" "1.11.6" - "@webassemblyjs/helper-api-error" "1.11.6" - "@webassemblyjs/helper-wasm-bytecode" "1.11.6" - "@webassemblyjs/ieee754" "1.11.6" - "@webassemblyjs/leb128" "1.11.6" - "@webassemblyjs/utf8" "1.11.6" - -"@webassemblyjs/wast-printer@1.11.6": - version "1.11.6" - resolved "https://registry.yarnpkg.com/@webassemblyjs/wast-printer/-/wast-printer-1.11.6.tgz#a7bf8dd7e362aeb1668ff43f35cb849f188eff20" - integrity sha512-JM7AhRcE+yW2GWYaKeHL5vt4xqee5N2WcezptmgyhNS+ScggqcT1OtXykhAb13Sn5Yas0j2uv9tHgrjwvzAP4A== - dependencies: - "@webassemblyjs/ast" "1.11.6" +"@webassemblyjs/utf8@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/utf8/-/utf8-1.11.1.tgz#d1f8b764369e7c6e6bae350e854dec9a59f0a3ff" + integrity sha512-9kqcxAEdMhiwQkHpkNiorZzqpGrodQQ2IGrHHxCy+Ozng0ofyMA0lTqiLkVs1uzTRejX+/O0EOT7KxqVPuXosQ== + +"@webassemblyjs/wasm-edit@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-edit/-/wasm-edit-1.11.1.tgz#ad206ebf4bf95a058ce9880a8c092c5dec8193d6" + integrity sha512-g+RsupUC1aTHfR8CDgnsVRVZFJqdkFHpsHMfJuWQzWU3tvnLC07UqHICfP+4XyL2tnr1amvl1Sdp06TnYCmVkA== + dependencies: + "@webassemblyjs/ast" "1.11.1" + "@webassemblyjs/helper-buffer" "1.11.1" + "@webassemblyjs/helper-wasm-bytecode" "1.11.1" + "@webassemblyjs/helper-wasm-section" "1.11.1" + "@webassemblyjs/wasm-gen" "1.11.1" + "@webassemblyjs/wasm-opt" "1.11.1" + "@webassemblyjs/wasm-parser" "1.11.1" + "@webassemblyjs/wast-printer" "1.11.1" + +"@webassemblyjs/wasm-gen@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-gen/-/wasm-gen-1.11.1.tgz#86c5ea304849759b7d88c47a32f4f039ae3c8f76" + integrity sha512-F7QqKXwwNlMmsulj6+O7r4mmtAlCWfO/0HdgOxSklZfQcDu0TpLiD1mRt/zF25Bk59FIjEuGAIyn5ei4yMfLhA== + dependencies: + "@webassemblyjs/ast" "1.11.1" + "@webassemblyjs/helper-wasm-bytecode" "1.11.1" + "@webassemblyjs/ieee754" "1.11.1" + "@webassemblyjs/leb128" "1.11.1" + "@webassemblyjs/utf8" "1.11.1" + +"@webassemblyjs/wasm-opt@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-opt/-/wasm-opt-1.11.1.tgz#657b4c2202f4cf3b345f8a4c6461c8c2418985f2" + integrity sha512-VqnkNqnZlU5EB64pp1l7hdm3hmQw7Vgqa0KF/KCNO9sIpI6Fk6brDEiX+iCOYrvMuBWDws0NkTOxYEb85XQHHw== + dependencies: + "@webassemblyjs/ast" "1.11.1" + "@webassemblyjs/helper-buffer" "1.11.1" + "@webassemblyjs/wasm-gen" "1.11.1" + "@webassemblyjs/wasm-parser" "1.11.1" + +"@webassemblyjs/wasm-parser@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-parser/-/wasm-parser-1.11.1.tgz#86ca734534f417e9bd3c67c7a1c75d8be41fb199" + integrity sha512-rrBujw+dJu32gYB7/Lup6UhdkPx9S9SnobZzRVL7VcBH9Bt9bCBLEuX/YXOOtBsOZ4NQrRykKhffRWHvigQvOA== + dependencies: + "@webassemblyjs/ast" "1.11.1" + "@webassemblyjs/helper-api-error" "1.11.1" + "@webassemblyjs/helper-wasm-bytecode" "1.11.1" + "@webassemblyjs/ieee754" "1.11.1" + "@webassemblyjs/leb128" "1.11.1" + "@webassemblyjs/utf8" "1.11.1" + +"@webassemblyjs/wast-printer@1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@webassemblyjs/wast-printer/-/wast-printer-1.11.1.tgz#d0c73beda8eec5426f10ae8ef55cee5e7084c2f0" + integrity sha512-IQboUWM4eKzWW+N/jij2sRatKMh99QEelo3Eb2q0qXkvPRISAj8Qxtmw5itwqK+TTkBuUIE45AxYPToqPtL5gg== + dependencies: + "@webassemblyjs/ast" "1.11.1" "@xtuc/long" "4.2.2" "@webpack-cli/configtest@^1.1.1": @@ -2273,10 +2143,10 @@ acorn-globals@^6.0.0: acorn "^7.1.1" acorn-walk "^7.1.1" -acorn-import-assertions@^1.9.0: - version "1.9.0" - resolved "https://registry.yarnpkg.com/acorn-import-assertions/-/acorn-import-assertions-1.9.0.tgz#507276249d684797c84e0734ef84860334cfb1ac" - integrity sha512-cmMwop9x+8KFhxvKrKfPYmN6/pKTYYHBqLa0DfvVZcKMJWNyWLnaqND7dx/qn66R7ewM1UX5XMaDVP5wlVTaVA== +acorn-import-assertions@^1.7.6: + version "1.8.0" + resolved "https://registry.yarnpkg.com/acorn-import-assertions/-/acorn-import-assertions-1.8.0.tgz#ba2b5939ce62c238db6d93d81c9b111b29b855e9" + integrity sha512-m7VZ3jwz4eK6A4Vtt8Ew1/mNbP24u0FhdyfA7fSvnJR6LMdfOYnmuIrrJAgrYfYJ10F/otaHTtrtrtmHdMNzEw== acorn-walk@^7.1.1: version "7.2.0" @@ -2293,16 +2163,21 @@ acorn@^7.1.1: resolved "https://registry.yarnpkg.com/acorn/-/acorn-7.4.1.tgz#feaed255973d2e77555b83dbc08851a6c63520fa" integrity sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A== -acorn@^8.2.4, acorn@^8.4.1, acorn@^8.5.0, acorn@^8.7.1: - version "8.8.2" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.8.2.tgz#1b2f25db02af965399b9776b0c2c391276d37c4a" - integrity sha512-xjIYgE8HBrkpd/sJqOGNspf8uHG+NOHGOw6a/Urj8taM2EXfdNAH2oFcPeIFfsv3+kz/mJrS5VuMqbNLjCa2vw== +acorn@^8.2.4, acorn@^8.4.1, acorn@^8.5.0: + version "8.7.1" + resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.7.1.tgz#0197122c843d1bf6d0a5e83220a788f278f63c30" + integrity sha512-Xx54uLJQZ19lKygFXOWsscKUbsBZW0CPykPhVQdhIeIwrbPmJzqeASDInc8nKBnp/JT6igTs82qPXz069H8I/A== add@^2.0.6: version "2.0.6" resolved "https://registry.yarnpkg.com/add/-/add-2.0.6.tgz#248f0a9f6e5a528ef2295dbeec30532130ae2235" integrity sha1-JI8Kn25aUo7yKV2+7DBTITCuIjU= +agent-base@5: + version "5.1.1" + resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-5.1.1.tgz#e8fb3f242959db44d63be665db7a8e739537a32c" + integrity sha512-TMeqbNl2fMW0nMjTEPOwe3J/PRFP4vqeoNuQMG0HlMrtm5QxKqdvAkZ1pRBQ/ulIyDD5Yq0nJ7YbdD8ey0TO3g== + agent-base@6: version "6.0.2" resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-6.0.2.tgz#49fff58577cfee3f37176feab4c22e00f86d7f77" @@ -2436,59 +2311,55 @@ ansi-to-react@^6.1.6: anser "^1.4.1" escape-carriage "^1.3.0" -antd@^5.6.1: - version "5.6.2" - resolved "https://registry.yarnpkg.com/antd/-/antd-5.6.2.tgz#97c8b7e37747d7b8fca1bdaf15525332906a998c" - integrity sha512-h67gKgJRs07Qrf27AiKcJSEI3nCAmaCxxvEz6DSdRl1mHc03O8zAemRA6jPQQMPS5q4k7FxIphN+2ZnzdXlU2Q== +antd@^4.21.3: + version "4.23.0" + resolved "https://registry.yarnpkg.com/antd/-/antd-4.23.0.tgz#e336bf17816b66a38c85707b0b2d62a652680929" + integrity sha512-a0voELfS5lDy6NCcDNbDUMv2OZ+IfeX/kYxaRnRJj0/R4tPJWAqs0bqFVpdk5y8JsPl6B396bTVzKZo49e+uvA== dependencies: - "@ant-design/colors" "^7.0.0" - "@ant-design/cssinjs" "^1.10.1" - "@ant-design/icons" "^5.1.0" - "@ant-design/react-slick" "~1.0.0" + "@ant-design/colors" "^6.0.0" + "@ant-design/icons" "^4.7.0" + "@ant-design/react-slick" "~0.29.1" "@babel/runtime" "^7.18.3" - "@ctrl/tinycolor" "^3.6.0" - "@rc-component/color-picker" "~1.2.0" - "@rc-component/mutate-observer" "^1.0.0" - "@rc-component/tour" "~1.8.0" - "@rc-component/trigger" "^1.13.0" + "@ctrl/tinycolor" "^3.4.0" classnames "^2.2.6" copy-to-clipboard "^3.2.0" - dayjs "^1.11.1" - qrcode.react "^3.1.0" - rc-cascader "~3.12.0" - rc-checkbox "~3.1.0" - rc-collapse "~3.7.0" - rc-dialog "~9.1.0" - rc-drawer "~6.2.0" - rc-dropdown "~4.1.0" - rc-field-form "~1.32.0" - rc-image "~5.17.1" - rc-input "~1.0.4" - rc-input-number "~7.4.0" - rc-mentions "~2.3.0" - rc-menu "~9.9.2" - rc-motion "^2.7.3" - rc-notification "~5.0.4" - rc-pagination "~3.5.0" - rc-picker "~3.8.2" - rc-progress "~3.4.1" - rc-rate "~2.12.0" + lodash "^4.17.21" + memoize-one "^6.0.0" + moment "^2.29.2" + rc-cascader "~3.6.0" + rc-checkbox "~2.3.0" + rc-collapse "~3.3.0" + rc-dialog "~8.9.0" + rc-drawer "~5.1.0" + rc-dropdown "~4.0.0" + rc-field-form "~1.27.0" + rc-image "~5.7.0" + rc-input "~0.1.2" + rc-input-number "~7.3.5" + rc-mentions "~1.9.1" + rc-menu "~9.6.3" + rc-motion "^2.6.1" + rc-notification "~4.6.0" + rc-pagination "~3.1.17" + rc-picker "~2.6.10" + rc-progress "~3.3.2" + rc-rate "~2.9.0" rc-resize-observer "^1.2.0" - rc-segmented "~2.2.0" - rc-select "~14.5.0" - rc-slider "~10.1.0" - rc-steps "~6.0.0" - rc-switch "~4.1.0" - rc-table "~7.32.1" - rc-tabs "~12.7.0" - rc-textarea "~1.2.2" - rc-tooltip "~6.0.0" - rc-tree "~5.7.4" - rc-tree-select "~5.9.0" + rc-segmented "~2.1.0" + rc-select "~14.1.1" + rc-slider "~10.0.0" + rc-steps "~4.1.0" + rc-switch "~3.2.0" + rc-table "~7.26.0" + rc-tabs "~12.1.0-alpha.1" + rc-textarea "~0.3.0" + rc-tooltip "~5.2.0" + rc-tree "~5.6.5" + rc-tree-select "~5.4.0" + rc-trigger "^5.2.10" rc-upload "~4.3.0" - rc-util "^5.32.0" - scroll-into-view-if-needed "^3.0.3" - throttle-debounce "^5.0.0" + rc-util "^5.22.5" + scroll-into-view-if-needed "^2.2.25" anymatch@^2.0.0: version "2.0.0" @@ -2513,27 +2384,26 @@ arg@^4.1.0: "argo-ui@git+https://github.com/argoproj/argo-ui.git": version "1.0.0" - resolved "git+https://github.com/argoproj/argo-ui.git#13cea62a4a0e4a14a2dd6908490e1e907709aa86" + resolved "git+https://github.com/argoproj/argo-ui.git#6107e270e7090cf9af37bf43d017dbd17d3d9130" dependencies: - "@fortawesome/fontawesome-free" "^6.2.1" - "@tippy.js/react" "^3.1.1" - antd "^5.6.1" + "@fortawesome/fontawesome-free" "^6.1.1" + "@tippy.js/react" "^2.2.3" + antd "^4.21.3" classnames "^2.2.6" - core-js "^3.30.2" + core-js "^3.22.0" foundation-sites "^6.4.3" history "^4.10.1" - moment "^2.29.4" + moment "^2.29.2" moment-timezone "^0.5.34" prop-types "^15.8.1" react-autocomplete "1.8.1" react-form "^2.16.0" react-helmet "^6.1.0" react-router-dom "^4.2.2" - react-toastify "9.0.8" - rxjs "^7.5.6" + react-toastify "^9.0.8" + rxjs "^7.5.5" typescript "^4.8.3" - uuid "^9.0.0" - xterm "^4.19.0" + xterm "^4.18.0" xterm-addon-fit "^0.5.0" argparse@^1.0.7: @@ -2855,7 +2725,7 @@ browser-process-hrtime@^1.0.0: resolved "https://registry.yarnpkg.com/browser-process-hrtime/-/browser-process-hrtime-1.0.0.tgz#3c9b4b7d782c8121e56f10106d84c0d0ffc94626" integrity sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow== -browserslist@^4.14.5, browserslist@^4.16.6, browserslist@^4.17.5, browserslist@^4.6.0: +browserslist@^4.14.5, browserslist@^4.17.5: version "4.20.2" resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.20.2.tgz#567b41508757ecd904dab4d1c646c612cd3d4f88" integrity sha512-CQOBCqp/9pDvDbx3xfMi+86pr4KXIf2FDkTTdeuYw8OxS9t898LA1Khq57gtufFILXpfgsSx5woNgsBgvGjpsA== @@ -2866,6 +2736,17 @@ browserslist@^4.14.5, browserslist@^4.16.6, browserslist@^4.17.5, browserslist@^ node-releases "^2.0.2" picocolors "^1.0.0" +browserslist@^4.16.6, browserslist@^4.6.0: + version "4.16.6" + resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.16.6.tgz#d7901277a5a88e554ed305b183ec9b0c08f66fa2" + integrity sha512-Wspk/PqO+4W9qp5iUTJsa1B/QrYn1keNCcEP5OvP7WBwT4KaDly0uONYmC6Xa3Z5IqnUgS0KcgLYu1l74x0ZXQ== + dependencies: + caniuse-lite "^1.0.30001219" + colorette "^1.2.2" + electron-to-chromium "^1.3.723" + escalade "^3.1.1" + node-releases "^1.1.71" + bs-logger@0.x: version "0.2.6" resolved "https://registry.yarnpkg.com/bs-logger/-/bs-logger-0.2.6.tgz#eb7d365307a72cf974cc6cda76b68354ad336bd8" @@ -2987,6 +2868,11 @@ camelcase@^6.2.0: resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-6.3.0.tgz#5685b95eb209ac9c0c177467778c9c84df58ba9a" integrity sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA== +caniuse-lite@^1.0.30001219: + version "1.0.30001243" + resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001243.tgz#d9250155c91e872186671c523f3ae50cfc94a3aa" + integrity sha512-vNxw9mkTBtkmLFnJRv/2rhs1yufpDfCkBZexG3Y0xdOH2Z/eE/85E4Dl5j1YUN34nZVsSp6vVRFQRrez9wJMRA== + caniuse-lite@^1.0.30001317: version "1.0.30001319" resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001319.tgz#eb4da4eb3ecdd409f7ba1907820061d56096e88f" @@ -3097,11 +2983,6 @@ classnames@^2.2.5, classnames@^2.2.6: resolved "https://registry.yarnpkg.com/classnames/-/classnames-2.2.6.tgz#43935bffdd291f326dad0a205309b38d00f650ce" integrity sha512-JR/iSQOSt+LQIWwrwEzJ9uk0xfN3mTVYMwt1Ir5mUcSN6pU+V4zQFFaJsclJbPuAUQH+yfWef6tm7l1quW3C8Q== -classnames@^2.3.2: - version "2.3.2" - resolved "https://registry.yarnpkg.com/classnames/-/classnames-2.3.2.tgz#351d813bf0137fcc6a76a16b88208d2560a0d924" - integrity sha512-CSbhY4cFEJRe6/GQzIk5qXZ4Jeg5pcsP7b5peFSDpffpe1cqjASH/n9UTjBwOp6XpMSTwQ8Za2K5V02ueA7Tmw== - clean-css@^5.2.2: version "5.2.4" resolved "https://registry.yarnpkg.com/clean-css/-/clean-css-5.2.4.tgz#982b058f8581adb2ae062520808fb2429bd487a4" @@ -3147,16 +3028,16 @@ co@^4.6.0: resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" integrity sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ= -codecov@^3.8.3: - version "3.8.3" - resolved "https://registry.yarnpkg.com/codecov/-/codecov-3.8.3.tgz#9c3e364b8a700c597346ae98418d09880a3fdbe7" - integrity sha512-Y8Hw+V3HgR7V71xWH2vQ9lyS358CbGCldWlJFR0JirqoGtOoas3R3/OclRTvgUYFK29mmJICDPauVKmpqbwhOA== +codecov@^3.7.2: + version "3.7.2" + resolved "https://registry.yarnpkg.com/codecov/-/codecov-3.7.2.tgz#998e68c8c1ef4b55cfcf11cd456866d35e13d693" + integrity sha512-fmCjAkTese29DUX3GMIi4EaKGflHa4K51EoMc29g8fBHawdk/+KEq5CWOeXLdd9+AT7o1wO4DIpp/Z1KCqCz1g== dependencies: argv "0.0.2" - ignore-walk "3.0.4" - js-yaml "3.14.1" - teeny-request "7.1.1" - urlgrey "1.0.0" + ignore-walk "3.0.3" + js-yaml "3.13.1" + teeny-request "6.0.1" + urlgrey "0.4.4" collect-v8-coverage@^1.0.0: version "1.0.1" @@ -3283,10 +3164,10 @@ compression@^1.7.4: safe-buffer "5.1.2" vary "~1.1.2" -compute-scroll-into-view@^3.0.2: - version "3.0.3" - resolved "https://registry.yarnpkg.com/compute-scroll-into-view/-/compute-scroll-into-view-3.0.3.tgz#c418900a5c56e2b04b885b54995df164535962b1" - integrity sha512-nadqwNxghAGTamwIqQSG433W6OADZx2vCo3UXHNrzTRHK/htu+7+L0zhjEoaeaQVNAi3YgqWDv8+tzf0hRfR+A== +compute-scroll-into-view@^1.0.17: + version "1.0.17" + resolved "https://registry.yarnpkg.com/compute-scroll-into-view/-/compute-scroll-into-view-1.0.17.tgz#6a88f18acd9d42e9cf4baa6bec7e0522607ab7ab" + integrity sha512-j4dx+Fb0URmzbwwMUrhqWM2BEWHdFGx+qZ9qqASHRPqvTYdqvWnHg0H1hIbcyLnvgnoNAVMlwkepyqM3DaIFUg== concat-map@0.0.1: version "0.0.1" @@ -3367,17 +3248,17 @@ core-js-compat@^3.1.1: integrity sha512-Wp+BJVvwopjI+A1EFqm2dwUmWYXrvucmtIB2LgXn/Rb+gWPKYxtmb4GKHGKG/KGF1eK9jfjzT38DITbTOCX/SQ== dependencies: browserslist "^4.16.6" - semver "^7.3.5" + semver "7.0.0" core-js@^2.4.0: version "2.6.12" resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.6.12.tgz#d9333dfa7b065e347cc5682219d6f690859cc2ec" integrity sha512-Kb2wC0fvsWfQrgk8HU5lW6U/Lcs8+9aaYcy4ZFc6DDlo4nZ7n70dEgE5rtR0oG6ufKDUnrwfWL1mXR5ljDatrQ== -core-js@^3.30.2: - version "3.30.2" - resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.30.2.tgz#6528abfda65e5ad728143ea23f7a14f0dcf503fc" - integrity sha512-uBJiDmwqsbJCWHAwjrx3cvjbMXP7xD72Dmsn5LOJpiRmE3WbBbN5rCqQ2Qh6Ek6/eOrjlWngEynBWo4VxerQhg== +core-js@^3.22.0: + version "3.25.0" + resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.25.0.tgz#be71d9e0dd648ffd70c44a7ec2319d039357eceb" + integrity sha512-CVU1xvJEfJGhyCpBrzzzU1kjCfgsGUxhEvwUV2e/cOedYWHdmluamx+knDnmhqALddMG16fZvIqvs9aijsHHaA== core-util-is@~1.0.0: version "1.0.2" @@ -3486,11 +3367,6 @@ cssstyle@^2.3.0: dependencies: cssom "~0.3.6" -csstype@^3.0.10: - version "3.1.2" - resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.1.2.tgz#1d4bf9d572f11c14031f0436e1c10bc1f571f50b" - integrity sha512-I7K1Uu0MBPzaFKg4nI5Q7Vs2t+3gWWW648spaF+Rg7pI9ds18Ugn+lvg4SHczUdKlHI5LWBXyqfS8+DufyBsgQ== - csstype@^3.0.2: version "3.0.8" resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.0.8.tgz#d2266a792729fb227cd216fb572f43728e1ad340" @@ -3513,17 +3389,15 @@ data-urls@^2.0.0: whatwg-mimetype "^2.3.0" whatwg-url "^8.0.0" -date-fns@^2.30.0: - version "2.30.0" - resolved "https://registry.yarnpkg.com/date-fns/-/date-fns-2.30.0.tgz#f367e644839ff57894ec6ac480de40cae4b0f4d0" - integrity sha512-fnULvOpxnC5/Vg3NCiWelDsLiUc9bRwAPs/+LfTLNvetFCtCTN+yQz15C/fs4AwX1R9K5GLtLfn8QW+dWisaAw== - dependencies: - "@babel/runtime" "^7.21.0" +date-fns@2.x: + version "2.28.0" + resolved "https://registry.yarnpkg.com/date-fns/-/date-fns-2.28.0.tgz#9570d656f5fc13143e50c975a3b6bbeb46cd08b2" + integrity sha512-8d35hViGYx/QH0icHYCeLmsLmMUheMmTyV9Fcm6gvNwdw31yXXH+O85sOBJ+OLnLQMKZowvpKb6FgMIQjcpvQw== -dayjs@^1.11.1: - version "1.11.8" - resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.11.8.tgz#4282f139c8c19dd6d0c7bd571e30c2d0ba7698ea" - integrity sha512-LcgxzFoWMEPO7ggRv1Y2N31hUf2R0Vj7fuy/m+Bg1K8rr+KAs1AEy4y9jd5DXe8pbHgX+srkHNS7TH6Q6ZhYeQ== +dayjs@1.x: + version "1.10.7" + resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.10.7.tgz#2cf5f91add28116748440866a0a1d26f3a6ce468" + integrity sha512-P6twpd70BcPK34K26uJ1KT3wlhpuOAPoMwJzpsIWUxHZ7wpmbdZL/hQqBDfz7hGurYSa5PhzdhDHtt319hL3ig== debug@2.6.9, debug@^2.2.0, debug@^2.3.3: version "2.6.9" @@ -3823,6 +3697,11 @@ ee-first@1.1.1: resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" integrity sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow== +electron-to-chromium@^1.3.723: + version "1.3.772" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.772.tgz#fd1ed39f9f3149f62f581734e4f026e600369479" + integrity sha512-X/6VRCXWALzdX+RjCtBU6cyg8WZgoxm9YA02COmDOiNJEZ59WkQggDbWZ4t/giHi/3GS+cvdrP6gbLISANAGYA== + electron-to-chromium@^1.4.84: version "1.4.89" resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.4.89.tgz#33c06592812a17a7131873f4596579084ce33ff8" @@ -3860,10 +3739,10 @@ end-of-stream@^1.1.0: dependencies: once "^1.4.0" -enhanced-resolve@^5.14.1: - version "5.14.1" - resolved "https://registry.yarnpkg.com/enhanced-resolve/-/enhanced-resolve-5.14.1.tgz#de684b6803724477a4af5d74ccae5de52c25f6b3" - integrity sha512-Vklwq2vDKtl0y/vtwjSesgJ5MYS7Etuk5txS8VdKL4AOS1aUlD96zqIfsOSLQsdv3xgMRbtkWM8eG9XDfKUPow== +enhanced-resolve@^5.9.2: + version "5.9.2" + resolved "https://registry.yarnpkg.com/enhanced-resolve/-/enhanced-resolve-5.9.2.tgz#0224dcd6a43389ebfb2d55efee517e5466772dd9" + integrity sha512-GIm3fQfwLJ8YZx2smuHpBKkXC1yOk+OBEmKckVyL0i/ea8mqDEykK3ld5dgH1QYPNyT/lIllxV2LULnxCHaHkA== dependencies: graceful-fs "^4.2.4" tapable "^2.2.0" @@ -3897,10 +3776,10 @@ es-module-lexer@^0.10.5: resolved "https://registry.yarnpkg.com/es-module-lexer/-/es-module-lexer-0.10.5.tgz#06f76d51fa53b1f78e3bd8bb36dd275eda2fdd53" integrity sha512-+7IwY/kiGAacQfY+YBhKMvEmyAJnw5grTUgjG85Pe7vcUI/6b7pZjZG8nQ7+48YhzEAEqrEgD2dCz/JIK+AYvw== -es-module-lexer@^1.2.1: - version "1.2.1" - resolved "https://registry.yarnpkg.com/es-module-lexer/-/es-module-lexer-1.2.1.tgz#ba303831f63e6a394983fde2f97ad77b22324527" - integrity sha512-9978wrXM50Y4rTMmW5kXIC09ZdXQZqkE4mxhwkd8VbzsGkXGPgV4zWuqQJgCEzYngdo2dYDa0l8xhX4fkSwJSg== +es-module-lexer@^0.9.0: + version "0.9.3" + resolved "https://registry.yarnpkg.com/es-module-lexer/-/es-module-lexer-0.9.3.tgz#6f13db00cc38417137daf74366f535c8eb438f19" + integrity sha512-1HQ2M2sPtxwnvOvT1ZClHyQDiggdNjURWpY2we6aMKCQiUVxTmVs2UYPLIrD84sS+kMdUwfBSylbJPwNnBrnHQ== es6-promise@^3.2.1: version "3.3.1" @@ -4433,13 +4312,6 @@ fast-safe-stringify@^2.1.1: resolved "https://registry.yarnpkg.com/fast-safe-stringify/-/fast-safe-stringify-2.1.1.tgz#c406a83b6e70d9e35ce3b30a81141df30aeba884" integrity sha512-W+KJc2dmILlPplD/H4K9l9LcAHAfPtP6BY84uVLXQ6Evcz9Lcg33Y2z1IVblT6xdY54PXYVHEv+0Wpq8Io6zkA== -fast-url-parser@^1.1.3: - version "1.1.3" - resolved "https://registry.yarnpkg.com/fast-url-parser/-/fast-url-parser-1.1.3.tgz#f4af3ea9f34d8a271cf58ad2b3759f431f0b318d" - integrity sha512-5jOCVXADYNuRkKFzNJ0dCCewsZiYo0dz8QNYljkOpFC6r2U4OBmKtvm/Tsuh4w1YYdDqDb31a8TVhBJ2OJKdqQ== - dependencies: - punycode "^1.3.2" - fastest-levenshtein@^1.0.12: version "1.0.12" resolved "https://registry.yarnpkg.com/fastest-levenshtein/-/fastest-levenshtein-1.0.12.tgz#9990f7d3a88cc5a9ffd1f1745745251700d497e2" @@ -4582,10 +4454,15 @@ forwarded@0.2.0: resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.2.0.tgz#2269936428aad4c15c7ebe9779a84bf0b2a81811" integrity sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow== -foundation-sites@^6.4.3, foundation-sites@^6.7.5: - version "6.7.5" - resolved "https://registry.yarnpkg.com/foundation-sites/-/foundation-sites-6.7.5.tgz#6bc2bdd06819e6ed4d7fd8e3090246a0b6ac81c0" - integrity sha512-MEjAENdF/IV2XQvlQmg20o+iDTyyWu0N/j440e8fKbEylbKxARzgg5S7vcnxtjukC1Lqg+rRm7ZDSSyGhVVoUQ== +foundation-sites@^6.4.3: + version "6.5.3" + resolved "https://registry.yarnpkg.com/foundation-sites/-/foundation-sites-6.5.3.tgz#85373aaed72233ca0d16fdfcb034e976cc6943c9" + integrity sha512-ZwI0idjHHjezh6jRjpPxkczvmtUuJ1uGatZHpyloX0MvsFHfM0BFoxrqdXryXugGPdmb+yJi3JYMnz6+5t3K1A== + +foundation-sites@^6.7.4: + version "6.7.4" + resolved "https://registry.yarnpkg.com/foundation-sites/-/foundation-sites-6.7.4.tgz#495ddb3b7014ae33df3bf7cc1f9fe74b2cfd572e" + integrity sha512-2QPaZJ0Od0DyklhQyKC3zPbr8AAUXSkr1scZJrQTgj/KTLresuCgUBfi7ft32NlOWhuqVXisjOgTE8N5EPS3cg== fragment-cache@^0.2.1: version "0.2.1" @@ -4995,6 +4872,14 @@ http2-client@^1.2.5: resolved "https://registry.yarnpkg.com/http2-client/-/http2-client-1.3.3.tgz#90fc15d646cca86956b156d07c83947d57d659a9" integrity sha512-nUxLymWQ9pzkzTmir24p2RtsgruLmhje7lH3hLX1IpwvyTg77fW+1brenPPP3USAR+rQ36p5sTA/x7sjCJVkAA== +https-proxy-agent@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-4.0.0.tgz#702b71fb5520a132a66de1f67541d9e62154d82b" + integrity sha512-zoDhWrkR3of1l9QAL8/scJZyLu8j/gBkcwcaQOZh7Gyh/+uJQzGVETdgT30akuwkpL8HTRfssqI3BZuV18teDg== + dependencies: + agent-base "5" + debug "4" + https-proxy-agent@^5.0.0: version "5.0.0" resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz#e2a90542abb68a762e0a0850f6c9edadfd8506b2" @@ -5032,10 +4917,10 @@ ieee754@^1.2.1: resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352" integrity sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA== -ignore-walk@3.0.4: - version "3.0.4" - resolved "https://registry.yarnpkg.com/ignore-walk/-/ignore-walk-3.0.4.tgz#c9a09f69b7c7b479a5d74ac1a3c0d4236d2a6335" - integrity sha512-PY6Ii8o1jMRA1z4F2hRkH/xN59ox43DavKvD3oDpfurRlOJyAHpifIwpbdv1n4jt4ov0jSpw3kQ4GhJnpBL6WQ== +ignore-walk@3.0.3: + version "3.0.3" + resolved "https://registry.yarnpkg.com/ignore-walk/-/ignore-walk-3.0.3.tgz#017e2447184bfeade7c238e4aefdd1e8f95b1e37" + integrity sha512-m7o6xuOaT1aqheYHKf8W6J5pYH85ZI9w077erOzLje3JsB1gkafkAhHHY19dqjulgIZHFm32Cp5uNZgcQqdJKw== dependencies: minimatch "^3.0.4" @@ -5953,7 +5838,15 @@ js-levenshtein@^1.1.3, js-levenshtein@^1.1.6: resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499" integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ== -js-yaml@3.14.1, js-yaml@^3.13.1, js-yaml@^3.14.1, js-yaml@^3.9.0: +js-yaml@3.13.1, js-yaml@^3.13.1, js-yaml@^3.9.0: + version "3.13.1" + resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.13.1.tgz#aff151b30bfdfa8e49e05da22e7415e9dfa37847" + integrity sha512-YfbcO7jXDdyj0DGxYVSlSeQNHbD7XPWvrVWeVUujrQEoZzWJIRrCPoyk6kL6IAjAG2IolMK4T0hNUe0HOUs5Jw== + dependencies: + argparse "^1.0.7" + esprima "^4.0.0" + +js-yaml@^3.14.1: version "3.14.1" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.1.tgz#dae812fdb3825fa306609a8717383c50c36a0537" integrity sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g== @@ -6018,12 +5911,12 @@ json-merge-patch@^0.2.3: dependencies: deep-equal "^1.0.0" -json-parse-better-errors@^1.0.1: +json-parse-better-errors@^1.0.1, json-parse-better-errors@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz#bb867cfb3450e69107c131d1c514bab3dc8bcaa9" integrity sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw== -json-parse-even-better-errors@^2.3.0, json-parse-even-better-errors@^2.3.1: +json-parse-even-better-errors@^2.3.0: version "2.3.1" resolved "https://registry.yarnpkg.com/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz#7c47805a94319928e05777405dc12e1f7a4ee02d" integrity sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w== @@ -6281,6 +6174,11 @@ memfs@^3.4.1: dependencies: fs-monkey "1.0.3" +memoize-one@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/memoize-one/-/memoize-one-6.0.0.tgz#b2591b871ed82948aee4727dc6abceeeac8c1045" + integrity sha512-rkpe71W0N0c0Xz6QD0eJETuWAJGnJ9afsl1srmwPrI+yBCkge5EycXXbYRyvL29zZVUWQCY7InPRCv3GDXuZNw== + merge-descriptors@1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/merge-descriptors/-/merge-descriptors-1.0.1.tgz#b00aaa556dd8b44568150ec9d1b953f3f90cbb61" @@ -6336,17 +6234,24 @@ micromatch@^4.0.4: braces "^3.0.1" picomatch "^2.2.3" +mime-db@1.48.0, "mime-db@>= 1.43.0 < 2": + version "1.48.0" + resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.48.0.tgz#e35b31045dd7eada3aaad537ed88a33afbef2d1d" + integrity sha512-FM3QwxV+TnZYQ2aRqhlKBMHxk10lTbMt3bBkMAp54ddrNeVSfcQYOOKuGuy3Ddrm38I04If834fOUSq1yzslJQ== + mime-db@1.52.0: version "1.52.0" resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.52.0.tgz#bbabcdc02859f4987301c856e3387ce5ec43bf70" integrity sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg== -"mime-db@>= 1.43.0 < 2": - version "1.48.0" - resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.48.0.tgz#e35b31045dd7eada3aaad537ed88a33afbef2d1d" - integrity sha512-FM3QwxV+TnZYQ2aRqhlKBMHxk10lTbMt3bBkMAp54ddrNeVSfcQYOOKuGuy3Ddrm38I04If834fOUSq1yzslJQ== +mime-types@^2.1.12, mime-types@~2.1.17: + version "2.1.31" + resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.31.tgz#a00d76b74317c61f9c2db2218b8e9f8e9c5c9e6b" + integrity sha512-XGZnNzm3QvgKxa8dpzyhFTHmpP3l5YNusmne07VUOXxou9CqUqYa/HBy124RqtVh/O2pECas/MOcsDgpilPOPg== + dependencies: + mime-db "1.48.0" -mime-types@^2.1.12, mime-types@^2.1.27, mime-types@^2.1.31, mime-types@~2.1.17, mime-types@~2.1.24, mime-types@~2.1.34: +mime-types@^2.1.27, mime-types@^2.1.31, mime-types@~2.1.24, mime-types@~2.1.34: version "2.1.35" resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.35.tgz#381a871b62a734450660ae3deee44813f70d959a" integrity sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw== @@ -6467,7 +6372,7 @@ moment-timezone@^0.5.34: dependencies: moment ">= 2.9.0" -"moment@>= 2.9.0", moment@^2.29.4: +"moment@>= 2.9.0", moment@^2.24.0, moment@^2.29.2, moment@^2.29.4: version "2.29.4" resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.4.tgz#3dbe052889fe7c1b2ed966fcb3a77328964ef108" integrity sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w== @@ -6569,7 +6474,7 @@ node-fetch-h2@^2.3.0: dependencies: http2-client "^1.2.5" -node-fetch@^2.6.1: +node-fetch@^2.2.0, node-fetch@^2.6.1: version "2.6.7" resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.7.tgz#24de9fba827e3b4ae44dc8b20256a379160052ad" integrity sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ== @@ -6598,6 +6503,11 @@ node-readfiles@^0.2.0: dependencies: es6-promise "^3.2.1" +node-releases@^1.1.71: + version "1.1.73" + resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.73.tgz#dd4e81ddd5277ff846b80b52bb40c49edf7a7b20" + integrity sha512-uW7fodD6pyW2FZNZnp/Z3hvWKeEW1Y8R1+1CnErE8cXFXzl5blBOoVB41CvMer6P6Q0S5FXDwcHgFd1Wj0U9zg== + node-releases@^2.0.2: version "2.0.2" resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-2.0.2.tgz#7139fe71e2f4f11b47d4d2986aaf8c48699e0c01" @@ -7047,7 +6957,7 @@ polished@^4.1.3: dependencies: "@babel/runtime" "^7.16.7" -popper.js@^1.16.0: +popper.js@^1.14.7: version "1.16.1" resolved "https://registry.yarnpkg.com/popper.js/-/popper.js-1.16.1.tgz#2a223cb3dc7b6213d740e40372be40de43e65b1b" integrity sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ== @@ -7267,21 +7177,11 @@ punycode@1.3.2: resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.3.2.tgz#9653a036fb7c1ee42342f2325cceefea3926c48d" integrity sha1-llOgNvt8HuQjQvIyXM7v6jkmxI0= -punycode@^1.3.2: - version "1.4.1" - resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e" - integrity sha512-jmYNElW7yvO7TV33CjSmvSiE2yco3bV2czu/OzDKdMNVZQWfxCblURLhf+47syQRBntjfLdd/H0egrzIG+oaFQ== - punycode@^2.1.0, punycode@^2.1.1: version "2.1.1" resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.1.1.tgz#b58b010ac40c22c5657616c8d2c2c02c7bf479ec" integrity sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A== -qrcode.react@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/qrcode.react/-/qrcode.react-3.1.0.tgz#5c91ddc0340f768316fbdb8fff2765134c2aecd8" - integrity sha512-oyF+Urr3oAMUG/OiOuONL3HXM+53wvuH3mtIWQrYmsXoAq0DkvZp2RYUWFSMFtbdOpuS++9v+WAkzNVkMlNW6Q== - qs@6.9.7: version "6.9.7" resolved "https://registry.npmjs.org/qs/-/qs-6.9.7.tgz#4610846871485e1e048f44ae3b94033f0e675afe" @@ -7299,11 +7199,6 @@ querystring@0.2.0: resolved "https://registry.yarnpkg.com/querystring/-/querystring-0.2.0.tgz#b209849203bb25df820da756e747005878521620" integrity sha1-sgmEkgO7Jd+CDadW50cAWHhSFiA= -querystringify@^2.1.1: - version "2.2.0" - resolved "https://registry.yarnpkg.com/querystringify/-/querystringify-2.2.0.tgz#3345941b4153cb9d082d8eee4cda2016a9aef7f6" - integrity sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ== - queue-microtask@^1.2.2: version "1.2.3" resolved "https://registry.yarnpkg.com/queue-microtask/-/queue-microtask-1.2.3.tgz#4929228bbc724dfac43e0efb058caf7b6cfb6243" @@ -7348,135 +7243,130 @@ rc-align@^4.0.0: rc-util "^5.3.0" resize-observer-polyfill "^1.5.1" -rc-cascader@~3.12.0: - version "3.12.0" - resolved "https://registry.yarnpkg.com/rc-cascader/-/rc-cascader-3.12.0.tgz#709fdbede6c36f7e62d0daea76ba76b825cc7182" - integrity sha512-QTeGPTNYX33alozNy9lYg7YKpvYVwquai/mrFRR8mHlHnK7QlqJyMqbs2p7rc5eeKARKMRTUeoN5CfO+Gr9UBw== +rc-cascader@~3.6.0: + version "3.6.2" + resolved "https://registry.yarnpkg.com/rc-cascader/-/rc-cascader-3.6.2.tgz#2b5c108807234898cd9a0366d0626f786b7b5622" + integrity sha512-sf2otpazlROTzkD3nZVfIzXmfBLiEOBTXA5wxozGXBpS902McDpvF0bdcYBu5hN+rviEAm6Mh9cLXNQ1Ty8wKQ== dependencies: "@babel/runtime" "^7.12.5" array-tree-filter "^2.1.0" classnames "^2.3.1" - rc-select "~14.5.0" - rc-tree "~5.7.0" + rc-select "~14.1.0" + rc-tree "~5.6.3" rc-util "^5.6.1" -rc-checkbox@~3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/rc-checkbox/-/rc-checkbox-3.1.0.tgz#6be0d9d8de2cc96fb5e37f9036a1c3e360d0a42d" - integrity sha512-PAwpJFnBa3Ei+5pyqMMXdcKYKNBMS+TvSDiLdDnARnMJHC8ESxwPfm4Ao1gJiKtWLdmGfigascnCpwrHFgoOBQ== +rc-checkbox@~2.3.0: + version "2.3.2" + resolved "https://registry.yarnpkg.com/rc-checkbox/-/rc-checkbox-2.3.2.tgz#f91b3678c7edb2baa8121c9483c664fa6f0aefc1" + integrity sha512-afVi1FYiGv1U0JlpNH/UaEXdh6WUJjcWokj/nUN2TgG80bfG+MDdbfHKlLcNNba94mbjy2/SXJ1HDgrOkXGAjg== dependencies: "@babel/runtime" "^7.10.1" - classnames "^2.3.2" - rc-util "^5.25.2" + classnames "^2.2.1" -rc-collapse@~3.7.0: - version "3.7.0" - resolved "https://registry.yarnpkg.com/rc-collapse/-/rc-collapse-3.7.0.tgz#75116b7142371940ff9fdce61a9e48561b53bbfc" - integrity sha512-Cir1c89cENiK5wryd9ut+XltrIfx/+KH1/63uJIVjuXkgfrIvIy6W1fYGgEYtttbHW2fEfxg1s31W+Vm98fSRw== +rc-collapse@~3.3.0: + version "3.3.1" + resolved "https://registry.yarnpkg.com/rc-collapse/-/rc-collapse-3.3.1.tgz#fc66d4c9cfeaf41e932b2de6da2d454874aee55a" + integrity sha512-cOJfcSe3R8vocrF8T+PgaHDrgeA1tX+lwfhwSj60NX9QVRidsILIbRNDLD6nAzmcvVC5PWiIRiR4S1OobxdhCg== dependencies: "@babel/runtime" "^7.10.1" classnames "2.x" rc-motion "^2.3.4" - rc-util "^5.27.0" + rc-util "^5.2.1" + shallowequal "^1.1.0" -rc-dialog@~9.1.0: - version "9.1.0" - resolved "https://registry.yarnpkg.com/rc-dialog/-/rc-dialog-9.1.0.tgz#6bf6fcc0453503b7643e54a5a445e835e3850649" - integrity sha512-5ry+JABAWEbaKyYsmITtrJbZbJys8CtMyzV8Xn4LYuXMeUx5XVHNyJRoqLFE4AzBuXXzOWeaC49cg+XkxK6kHA== +rc-dialog@~8.9.0: + version "8.9.0" + resolved "https://registry.yarnpkg.com/rc-dialog/-/rc-dialog-8.9.0.tgz#04dc39522f0321ed2e06018d4a7e02a4c32bd3ea" + integrity sha512-Cp0tbJnrvPchJfnwIvOMWmJ4yjX3HWFatO6oBFD1jx8QkgsQCR0p8nUWAKdd3seLJhEC39/v56kZaEjwp9muoQ== dependencies: "@babel/runtime" "^7.10.1" - "@rc-component/portal" "^1.0.0-8" classnames "^2.2.6" rc-motion "^2.3.0" rc-util "^5.21.0" -rc-drawer@~6.2.0: - version "6.2.0" - resolved "https://registry.yarnpkg.com/rc-drawer/-/rc-drawer-6.2.0.tgz#fddf4825b0fa9d60e317b996f70278d594d1f668" - integrity sha512-spPkZ3WvP0U0vy5dyzSwlUJ/+vLFtjP/cTwSwejhQRoDBaexSZHsBhELoCZcEggI7LQ7typmtG30lAue2HEhvA== +rc-drawer@~5.1.0: + version "5.1.0" + resolved "https://registry.yarnpkg.com/rc-drawer/-/rc-drawer-5.1.0.tgz#c1b8a46e5c064ba46a16233fbcfb1ccec6a73c10" + integrity sha512-pU3Tsn99pxGdYowXehzZbdDVE+4lDXSGb7p8vA9mSmr569oc2Izh4Zw5vLKSe/Xxn2p5MSNbLVqD4tz+pK6SOw== dependencies: "@babel/runtime" "^7.10.1" - "@rc-component/portal" "^1.1.1" classnames "^2.2.6" rc-motion "^2.6.1" rc-util "^5.21.2" -rc-dropdown@~4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/rc-dropdown/-/rc-dropdown-4.1.0.tgz#418a68939631520de80d0865d02b440eeeb4168e" - integrity sha512-VZjMunpBdlVzYpEdJSaV7WM7O0jf8uyDjirxXLZRNZ+tAC+NzD3PXPEtliFwGzVwBBdCmGuSqiS9DWcOLxQ9tw== +rc-dropdown@~4.0.0: + version "4.0.1" + resolved "https://registry.yarnpkg.com/rc-dropdown/-/rc-dropdown-4.0.1.tgz#f65d9d3d89750241057db59d5a75e43cd4576b68" + integrity sha512-OdpXuOcme1rm45cR0Jzgfl1otzmU4vuBVb+etXM8vcaULGokAKVpKlw8p6xzspG7jGd/XxShvq+N3VNEfk/l5g== dependencies: "@babel/runtime" "^7.18.3" - "@rc-component/trigger" "^1.7.0" classnames "^2.2.6" + rc-trigger "^5.3.1" rc-util "^5.17.0" -rc-field-form@~1.32.0: - version "1.32.2" - resolved "https://registry.yarnpkg.com/rc-field-form/-/rc-field-form-1.32.2.tgz#9d0cb20af265d5ed31e3bb9384096736c4a2fbc3" - integrity sha512-SzqG1YGyD2P42ztZJ7qoPQp6FV9bD51RUdKGG/5xwybU1wbFdgWTqiMXkS8UR9L4GwXVMKh5PaF2I4EBXd/Rng== +rc-field-form@~1.27.0: + version "1.27.1" + resolved "https://registry.yarnpkg.com/rc-field-form/-/rc-field-form-1.27.1.tgz#11d61ccb43679e71fdbbff0d821326202554df84" + integrity sha512-RShegnwFu6TH8tl2olCxn+B4Wyh5EiQH8c/7wucbkLNyue05YiH5gomUAg1vbZjp71yFKwegClctsEG5CNBWAA== dependencies: "@babel/runtime" "^7.18.0" async-validator "^4.1.0" - rc-util "^5.32.2" + rc-util "^5.8.0" -rc-image@~5.17.1: - version "5.17.1" - resolved "https://registry.yarnpkg.com/rc-image/-/rc-image-5.17.1.tgz#71835b12c30fcef533de0dbbbaf13caa86454612" - integrity sha512-oR4eviLyQxd/5A7pn843w2/Z1wuBA27L2lS4agq0sjl2z97ssNIVEzRzgwgB0ZxVZG/qSu9Glit2Zgzb/n+blQ== +rc-image@~5.7.0: + version "5.7.1" + resolved "https://registry.yarnpkg.com/rc-image/-/rc-image-5.7.1.tgz#678dc014845954c30237808c00c7b12e5f2a0b07" + integrity sha512-QyMfdhoUfb5W14plqXSisaYwpdstcLYnB0MjX5ccIK2rydQM9sDPuekQWu500DDGR2dBaIF5vx9XbWkNFK17Fg== dependencies: "@babel/runtime" "^7.11.2" - "@rc-component/portal" "^1.0.2" classnames "^2.2.6" - rc-dialog "~9.1.0" - rc-motion "^2.6.2" + rc-dialog "~8.9.0" rc-util "^5.0.6" -rc-input-number@~7.4.0: - version "7.4.2" - resolved "https://registry.yarnpkg.com/rc-input-number/-/rc-input-number-7.4.2.tgz#7c52d26b986461aa16e486d469dc0476d97c6ea3" - integrity sha512-yGturTw7WGP+M1GbJ+UTAO7L4buxeW6oilhL9Sq3DezsRS8/9qec4UiXUbeoiX9bzvRXH11JvgskBtxSp4YSNg== +rc-input-number@~7.3.5: + version "7.3.7" + resolved "https://registry.yarnpkg.com/rc-input-number/-/rc-input-number-7.3.7.tgz#a5463770f06641388675d32b4ae88958b5ededf9" + integrity sha512-W9jDwfhJyNjg0iZX401r0GctTGX4ETURzF6SisC42GR0AkJxtaPD89eGwbTdAudUjEx0Pkn2rGmfvVGGdQACKA== dependencies: "@babel/runtime" "^7.10.1" - "@rc-component/mini-decimal" "^1.0.1" classnames "^2.2.5" - rc-util "^5.28.0" + rc-util "^5.23.0" -rc-input@~1.0.0, rc-input@~1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/rc-input/-/rc-input-1.0.4.tgz#2f2c73c884f41e80685bb2eb7b9d5533e8540a77" - integrity sha512-clY4oneVHRtKHYf/HCxT/MO+4BGzCIywSNLosXWOm7fcQAS0jQW7n0an8Raa8JMB8kpxc8m28p7SNwFZmlMj6g== +rc-input@~0.1.2: + version "0.1.2" + resolved "https://registry.yarnpkg.com/rc-input/-/rc-input-0.1.2.tgz#7d6a0858a5f1fd89f78020cf6f13d672778481b1" + integrity sha512-ZPmwcFspgfYpUfbSx3KnLk9gImBcLOrlQCr4oTJ4jBoIXgJLTfm26yelzRgBJewhkvD8uJbgX0sQ/yOzuOHnJg== dependencies: "@babel/runtime" "^7.11.1" classnames "^2.2.1" rc-util "^5.18.1" -rc-mentions@~2.3.0: - version "2.3.0" - resolved "https://registry.yarnpkg.com/rc-mentions/-/rc-mentions-2.3.0.tgz#bb457c9664093be82baf33628b145f7c2bd49577" - integrity sha512-gNpsSKsBHSXvyAA1ZowVTqXSWUIw7+OI9wmjL87KcYURvtm9nDo8R0KtOc2f1PT7q9McUpFzhm6AvQdIly0aRA== +rc-mentions@~1.9.1: + version "1.9.2" + resolved "https://registry.yarnpkg.com/rc-mentions/-/rc-mentions-1.9.2.tgz#f264ebc4ec734dad9edc8e078b65ab3586d94a7b" + integrity sha512-uxb/lzNnEGmvraKWNGE6KXMVXvt8RQv9XW8R0Dqi3hYsyPiAZeHRCHQKdLARuk5YBhFhZ6ga55D/8XuY367g3g== dependencies: "@babel/runtime" "^7.10.1" - "@rc-component/trigger" "^1.5.0" classnames "^2.2.6" - rc-input "~1.0.0" - rc-menu "~9.9.0" - rc-textarea "~1.2.0" + rc-menu "~9.6.0" + rc-textarea "^0.3.0" + rc-trigger "^5.0.4" rc-util "^5.22.5" -rc-menu@~9.9.0, rc-menu@~9.9.2: - version "9.9.2" - resolved "https://registry.yarnpkg.com/rc-menu/-/rc-menu-9.9.2.tgz#733aa5b794bd801577726e448b6cfeda0436e1e5" - integrity sha512-kVJwaQn5VUu6DIddxd/jz3QupTPg0tNYq+mpFP8wYsRF5JgzPA9fPVw+CfwlTPwA1w7gzEY42S8pj6M3uev5CQ== +rc-menu@~9.6.0, rc-menu@~9.6.3: + version "9.6.3" + resolved "https://registry.yarnpkg.com/rc-menu/-/rc-menu-9.6.3.tgz#f0373d0391a97db94147106cddffe87b1e4f4e36" + integrity sha512-KY9QilKWgkJZ0JSpOBgIpQF2wMRRodRxpIMYyIJ3Nd5N6xfVLOxXCxevHcBplt+Ez7MhUF+I03MuAKqWQJLZgw== dependencies: "@babel/runtime" "^7.10.1" - "@rc-component/trigger" "^1.6.2" classnames "2.x" rc-motion "^2.4.3" - rc-overflow "^1.2.8" - rc-util "^5.27.0" + rc-overflow "^1.2.0" + rc-trigger "^5.1.2" + rc-util "^5.12.0" + shallowequal "^1.1.0" -rc-motion@^2.0.0, rc-motion@^2.0.1, rc-motion@^2.3.0, rc-motion@^2.3.4, rc-motion@^2.4.3, rc-motion@^2.4.4: +rc-motion@^2.0.0, rc-motion@^2.0.1, rc-motion@^2.2.0, rc-motion@^2.3.0, rc-motion@^2.3.4, rc-motion@^2.4.3, rc-motion@^2.4.4: version "2.4.4" resolved "https://registry.yarnpkg.com/rc-motion/-/rc-motion-2.4.4.tgz#e995d5fa24fc93065c24f714857cf2677d655bb0" integrity sha512-ms7n1+/TZQBS0Ydd2Q5P4+wJTSOrhIrwNxLXCZpR7Fa3/oac7Yi803HDALc2hLAKaCTQtw9LmQeB58zcwOsqlQ== @@ -7485,15 +7375,6 @@ rc-motion@^2.0.0, rc-motion@^2.0.1, rc-motion@^2.3.0, rc-motion@^2.3.4, rc-motio classnames "^2.2.1" rc-util "^5.2.1" -rc-motion@^2.6.0, rc-motion@^2.7.3: - version "2.7.3" - resolved "https://registry.yarnpkg.com/rc-motion/-/rc-motion-2.7.3.tgz#126155bb3e687174fb3b92fddade2835c963b04d" - integrity sha512-2xUvo8yGHdOHeQbdI8BtBsCIrWKchEmFEIskf0nmHtJsou+meLd/JE+vnvSX2JxcBrJtXY2LuBpxAOxrbY/wMQ== - dependencies: - "@babel/runtime" "^7.11.1" - classnames "^2.2.1" - rc-util "^5.21.0" - rc-motion@^2.6.1, rc-motion@^2.6.2: version "2.6.2" resolved "https://registry.yarnpkg.com/rc-motion/-/rc-motion-2.6.2.tgz#3d31f97e41fb8e4f91a4a4189b6a98ac63342869" @@ -7503,17 +7384,17 @@ rc-motion@^2.6.1, rc-motion@^2.6.2: classnames "^2.2.1" rc-util "^5.21.0" -rc-notification@~5.0.4: - version "5.0.4" - resolved "https://registry.yarnpkg.com/rc-notification/-/rc-notification-5.0.4.tgz#4ad33d4aa291528fee9095b0be80ae41f1728a38" - integrity sha512-3535oellIRlt1LspERfK8yvCqb8Gio3R02rULciaSc1xe3H7ArTU/khlUTv1ddGzua4HhmF4D4Rwz/+mBxETvg== +rc-notification@~4.6.0: + version "4.6.0" + resolved "https://registry.yarnpkg.com/rc-notification/-/rc-notification-4.6.0.tgz#4e76fc2d0568f03cc93ac18c9e20763ebe29fa46" + integrity sha512-xF3MKgIoynzjQAO4lqsoraiFo3UXNYlBfpHs0VWvwF+4pimen9/H1DYLN2mfRWhHovW6gRpla73m2nmyIqAMZQ== dependencies: "@babel/runtime" "^7.10.1" classnames "2.x" - rc-motion "^2.6.0" + rc-motion "^2.2.0" rc-util "^5.20.1" -rc-overflow@^1.0.0: +rc-overflow@^1.0.0, rc-overflow@^1.2.0: version "1.2.2" resolved "https://registry.yarnpkg.com/rc-overflow/-/rc-overflow-1.2.2.tgz#95b0222016c0cdbdc0db85f569c262e7706a5f22" integrity sha512-X5kj9LDU1ue5wHkqvCprJWLKC+ZLs3p4He/oxjZ1Q4NKaqKBaYf5OdSzRSgh3WH8kSdrfU8LjvlbWnHgJOEkNQ== @@ -7523,48 +7404,41 @@ rc-overflow@^1.0.0: rc-resize-observer "^1.0.0" rc-util "^5.5.1" -rc-overflow@^1.2.8: - version "1.3.1" - resolved "https://registry.yarnpkg.com/rc-overflow/-/rc-overflow-1.3.1.tgz#03224cf90c66aa570eb0deeb4eff6cc96401e979" - integrity sha512-RY0nVBlfP9CkxrpgaLlGzkSoh9JhjJLu6Icqs9E7CW6Ewh9s0peF9OHIex4OhfoPsR92LR0fN6BlCY9Z4VoUtA== - dependencies: - "@babel/runtime" "^7.11.1" - classnames "^2.2.1" - rc-resize-observer "^1.0.0" - rc-util "^5.19.2" - -rc-pagination@~3.5.0: - version "3.5.0" - resolved "https://registry.yarnpkg.com/rc-pagination/-/rc-pagination-3.5.0.tgz#8692a62f3c24d8bfe58f1b3059bc5262ddce5d87" - integrity sha512-lUBVtVVUn7gGsq4mTyVpcZQr+AMcljbMiL/HcCmSdFrcsK0iZVKwwbXDxhz2IV0JXUs9Hzepr5sQFaF+9ad/pQ== +rc-pagination@~3.1.17: + version "3.1.17" + resolved "https://registry.yarnpkg.com/rc-pagination/-/rc-pagination-3.1.17.tgz#91e690aa894806e344cea88ea4a16d244194a1bd" + integrity sha512-/BQ5UxcBnW28vFAcP2hfh+Xg15W0QZn8TWYwdCApchMH1H0CxiaUUcULP8uXcFM1TygcdKWdt3JqsL9cTAfdkQ== dependencies: "@babel/runtime" "^7.10.1" classnames "^2.2.1" - rc-util "^5.32.2" -rc-picker@~3.8.2: - version "3.8.2" - resolved "https://registry.yarnpkg.com/rc-picker/-/rc-picker-3.8.2.tgz#1dc377a628cd94416e03974483daa36940a411b0" - integrity sha512-q6jnMwBoOi6tFA4xohrKIhzq80Fc3dH0Kiw5VRx6Tf1db7y27PBFCLwu6f66niXidZKD8F4R0M9VIui/jkL4cg== +rc-picker@~2.6.10: + version "2.6.10" + resolved "https://registry.yarnpkg.com/rc-picker/-/rc-picker-2.6.10.tgz#8d0a473c079388bdb2d7358a2a54c7d5095893b4" + integrity sha512-9wYtw0DFWs9FO92Qh2D76P0iojUr8ZhLOtScUeOit6ks/F+TBLrOC1uze3IOu+u9gbDAjmosNWLKbBzx/Yuv2w== dependencies: "@babel/runtime" "^7.10.1" - "@rc-component/trigger" "^1.5.0" classnames "^2.2.1" - rc-util "^5.30.0" + date-fns "2.x" + dayjs "1.x" + moment "^2.24.0" + rc-trigger "^5.0.4" + rc-util "^5.4.0" + shallowequal "^1.1.0" -rc-progress@~3.4.1: - version "3.4.2" - resolved "https://registry.yarnpkg.com/rc-progress/-/rc-progress-3.4.2.tgz#f8df9ee95e790490171ab6b31bf07303cdc79980" - integrity sha512-iAGhwWU+tsayP+Jkl9T4+6rHeQTG9kDz8JAHZk4XtQOcYN5fj9H34NXNEdRdZx94VUDHMqCb1yOIvi8eJRh67w== +rc-progress@~3.3.2: + version "3.3.3" + resolved "https://registry.yarnpkg.com/rc-progress/-/rc-progress-3.3.3.tgz#eb9bffbacab1534f2542f9f6861ce772254362b1" + integrity sha512-MDVNVHzGanYtRy2KKraEaWeZLri2ZHWIRyaE1a9MQ2MuJ09m+Wxj5cfcaoaR6z5iRpHpA59YeUxAlpML8N4PJw== dependencies: "@babel/runtime" "^7.10.1" classnames "^2.2.6" rc-util "^5.16.1" -rc-rate@~2.12.0: - version "2.12.0" - resolved "https://registry.yarnpkg.com/rc-rate/-/rc-rate-2.12.0.tgz#0182deffed3b009cdcc61660da8746c39ed91ed5" - integrity sha512-g092v5iZCdVzbjdn28FzvWebK2IutoVoiTeqoLTj9WM7SjA/gOJIw5/JFZMRyJYYVe1jLAU2UhAfstIpCNRozg== +rc-rate@~2.9.0: + version "2.9.1" + resolved "https://registry.yarnpkg.com/rc-rate/-/rc-rate-2.9.1.tgz#e43cb95c4eb90a2c1e0b16ec6614d8c43530a731" + integrity sha512-MmIU7FT8W4LYRRHJD1sgG366qKtSaKb67D0/vVvJYR0lrCuRrCiVQ5qhfT5ghVO4wuVIORGpZs7ZKaYu+KMUzA== dependencies: "@babel/runtime" "^7.10.1" classnames "^2.2.5" @@ -7590,131 +7464,144 @@ rc-resize-observer@^1.2.0: rc-util "^5.15.0" resize-observer-polyfill "^1.5.1" -rc-resize-observer@^1.3.1: - version "1.3.1" - resolved "https://registry.yarnpkg.com/rc-resize-observer/-/rc-resize-observer-1.3.1.tgz#b61b9f27048001243617b81f95e53d7d7d7a6a3d" - integrity sha512-iFUdt3NNhflbY3mwySv5CA1TC06zdJ+pfo0oc27xpf4PIOvfZwZGtD9Kz41wGYqC4SLio93RVAirSSpYlV/uYg== - dependencies: - "@babel/runtime" "^7.20.7" - classnames "^2.2.1" - rc-util "^5.27.0" - resize-observer-polyfill "^1.5.1" - -rc-segmented@~2.2.0: - version "2.2.2" - resolved "https://registry.yarnpkg.com/rc-segmented/-/rc-segmented-2.2.2.tgz#a34f12ce6c0975fc3042ae7656bcd18e1744798e" - integrity sha512-Mq52M96QdHMsNdE/042ibT5vkcGcD5jxKp7HgPC2SRofpia99P5fkfHy1pEaajLMF/kj0+2Lkq1UZRvqzo9mSA== +rc-segmented@~2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/rc-segmented/-/rc-segmented-2.1.0.tgz#0e0afe646c1a0e44a0e18785f518c42633ec8efc" + integrity sha512-hUlonro+pYoZcwrH6Vm56B2ftLfQh046hrwif/VwLIw1j3zGt52p5mREBwmeVzXnSwgnagpOpfafspzs1asjGw== dependencies: "@babel/runtime" "^7.11.1" classnames "^2.2.1" rc-motion "^2.4.4" rc-util "^5.17.0" -rc-select@~14.5.0: - version "14.5.2" - resolved "https://registry.yarnpkg.com/rc-select/-/rc-select-14.5.2.tgz#1ac1ab58c874696cfa01cb15e1fc9a7bba81b29e" - integrity sha512-Np/lDHvxCnVhVsheQjSV1I/OMJTWJf1n10wq8q1AGy3ytyYLfjNpi6uaz/pmjsbbiSddSWzJnNZCli9LmgBZsA== +rc-select@~14.1.0, rc-select@~14.1.1: + version "14.1.11" + resolved "https://registry.yarnpkg.com/rc-select/-/rc-select-14.1.11.tgz#7f1227c14fe47c0f6e880a57e428c3318ac9bffe" + integrity sha512-3UI781eaTg/V4BEc8rLk1i2BQmO+n0sOsi3RKcV2EkHu2ErjTlg/1SOixllnWTWcH02oizvdvALZ1nvZulin9A== dependencies: "@babel/runtime" "^7.10.1" - "@rc-component/trigger" "^1.5.0" classnames "2.x" rc-motion "^2.0.1" rc-overflow "^1.0.0" + rc-trigger "^5.0.4" rc-util "^5.16.1" - rc-virtual-list "^3.5.2" + rc-virtual-list "^3.2.0" -rc-slider@~10.1.0: - version "10.1.1" - resolved "https://registry.yarnpkg.com/rc-slider/-/rc-slider-10.1.1.tgz#5e82036e60b61021aba3ea0e353744dd7c74e104" - integrity sha512-gn8oXazZISEhnmRinI89Z/JD/joAaM35jp+gDtIVSTD/JJMCCBqThqLk1SVJmvtfeiEF/kKaFY0+qt4SDHFUDw== +rc-slider@~10.0.0: + version "10.0.1" + resolved "https://registry.yarnpkg.com/rc-slider/-/rc-slider-10.0.1.tgz#7058c68ff1e1aa4e7c3536e5e10128bdbccb87f9" + integrity sha512-igTKF3zBet7oS/3yNiIlmU8KnZ45npmrmHlUUio8PNbIhzMcsh+oE/r2UD42Y6YD2D/s+kzCQkzQrPD6RY435Q== dependencies: "@babel/runtime" "^7.10.1" classnames "^2.2.5" - rc-util "^5.27.0" + rc-util "^5.18.1" + shallowequal "^1.1.0" -rc-steps@~6.0.0: - version "6.0.0" - resolved "https://registry.yarnpkg.com/rc-steps/-/rc-steps-6.0.0.tgz#f7148f8097d5d135f19b96c1b4f4b50ad6093753" - integrity sha512-+KfMZIty40mYCQSDvYbZ1jwnuObLauTiIskT1hL4FFOBHP6ZOr8LK0m143yD3kEN5XKHSEX1DIwCj3AYZpoeNQ== +rc-steps@~4.1.0: + version "4.1.4" + resolved "https://registry.yarnpkg.com/rc-steps/-/rc-steps-4.1.4.tgz#0ba82db202d59ca52d0693dc9880dd145b19dc23" + integrity sha512-qoCqKZWSpkh/b03ASGx1WhpKnuZcRWmvuW+ZUu4mvMdfvFzVxblTwUM+9aBd0mlEUFmt6GW8FXhMpHkK3Uzp3w== dependencies: - "@babel/runtime" "^7.16.7" + "@babel/runtime" "^7.10.2" classnames "^2.2.3" - rc-util "^5.16.1" + rc-util "^5.0.1" -rc-switch@~4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/rc-switch/-/rc-switch-4.1.0.tgz#f37d81b4e0c5afd1274fd85367b17306bf25e7d7" - integrity sha512-TI8ufP2Az9oEbvyCeVE4+90PDSljGyuwix3fV58p7HV2o4wBnVToEyomJRVyTaZeqNPAp+vqeo4Wnj5u0ZZQBg== +rc-switch@~3.2.0: + version "3.2.2" + resolved "https://registry.yarnpkg.com/rc-switch/-/rc-switch-3.2.2.tgz#d001f77f12664d52595b4f6fb425dd9e66fba8e8" + integrity sha512-+gUJClsZZzvAHGy1vZfnwySxj+MjLlGRyXKXScrtCTcmiYNPzxDFOxdQ/3pK1Kt/0POvwJ/6ALOR8gwdXGhs+A== dependencies: - "@babel/runtime" "^7.21.0" + "@babel/runtime" "^7.10.1" classnames "^2.2.1" - rc-util "^5.30.0" + rc-util "^5.0.1" -rc-table@~7.32.1: - version "7.32.1" - resolved "https://registry.yarnpkg.com/rc-table/-/rc-table-7.32.1.tgz#7130a94727ac3870a6ddb9778b6f8496e388bce0" - integrity sha512-fHMQteKMocUC9I9Vex3eBLH7QsiaMR/qtzh3B1Ty2PoNGwVTwVdDFyRL05zch+JU3KnNNczgQeVvtf/p//gdrQ== +rc-table@~7.26.0: + version "7.26.0" + resolved "https://registry.yarnpkg.com/rc-table/-/rc-table-7.26.0.tgz#9d517e7fa512e7571fdcc453eb1bf19edfac6fbc" + integrity sha512-0cD8e6S+DTGAt5nBZQIPFYEaIukn17sfa5uFL98faHlH/whZzD8ii3dbFL4wmUDEL4BLybhYop+QUfZJ4CPvNQ== dependencies: "@babel/runtime" "^7.10.1" - "@rc-component/context" "^1.3.0" classnames "^2.2.5" rc-resize-observer "^1.1.0" - rc-util "^5.27.1" + rc-util "^5.22.5" + shallowequal "^1.1.0" -rc-tabs@~12.7.0: - version "12.7.1" - resolved "https://registry.yarnpkg.com/rc-tabs/-/rc-tabs-12.7.1.tgz#6bfd11cc7b2bec08600eb0aba41966b230c38906" - integrity sha512-NrltXEYIyiDP5JFu85NQwc9eR+7e50r/6MNXYDyG1EMIFNc7BgDppzdpnD3nW4NHYWw5wLIThCURGib48OCTBg== +rc-tabs@~12.1.0-alpha.1: + version "12.1.0-alpha.1" + resolved "https://registry.yarnpkg.com/rc-tabs/-/rc-tabs-12.1.0-alpha.1.tgz#00f45b9dffa9bc6aff8ce2aff4a1a0764caada54" + integrity sha512-M+B88WEnGSuE+mR54fpgPbZLAakzxa/H6FmEetLBl5WG4I3AcwSk9amuIPC/tu0KXBl+H6Bg5ZwrrEUOBUvgzg== dependencies: "@babel/runtime" "^7.11.2" classnames "2.x" - rc-dropdown "~4.1.0" - rc-menu "~9.9.0" + rc-dropdown "~4.0.0" + rc-menu "~9.6.0" rc-motion "^2.6.2" rc-resize-observer "^1.0.0" - rc-util "^5.16.0" + rc-util "^5.5.0" -rc-textarea@~1.2.0, rc-textarea@~1.2.2: - version "1.2.3" - resolved "https://registry.yarnpkg.com/rc-textarea/-/rc-textarea-1.2.3.tgz#bdaea2931ad2571583e9e27e627b8a9b5dbe7de7" - integrity sha512-YvN8IskIVBRRzcS4deT0VAMim31+T3IoVX4yoCJ+b/iVCvw7yf0usR7x8OaHiUOUoURKcn/3lfGjmtzplcy99g== +rc-textarea@^0.3.0, rc-textarea@~0.3.0: + version "0.3.7" + resolved "https://registry.yarnpkg.com/rc-textarea/-/rc-textarea-0.3.7.tgz#987142891efdedb774883c07e2f51b318fde5a11" + integrity sha512-yCdZ6binKmAQB13hc/oehh0E/QRwoPP1pjF21aHBxlgXO3RzPF6dUu4LG2R4FZ1zx/fQd2L1faktulrXOM/2rw== dependencies: "@babel/runtime" "^7.10.1" classnames "^2.2.1" - rc-input "~1.0.4" rc-resize-observer "^1.0.0" - rc-util "^5.27.0" + rc-util "^5.7.0" + shallowequal "^1.1.0" -rc-tooltip@~6.0.0: - version "6.0.1" - resolved "https://registry.yarnpkg.com/rc-tooltip/-/rc-tooltip-6.0.1.tgz#6a5e33bd6c3f6afe8851ea90e7af43e5c26b3cc6" - integrity sha512-MdvPlsD1fDSxKp9+HjXrc/CxLmA/s11QYIh1R7aExxfodKP7CZA++DG1AjrW80F8IUdHYcR43HAm0Y2BYPelHA== +rc-tooltip@~5.2.0: + version "5.2.2" + resolved "https://registry.yarnpkg.com/rc-tooltip/-/rc-tooltip-5.2.2.tgz#e5cafa8ecebf78108936a0bcb93c150fa81ac93b" + integrity sha512-jtQzU/18S6EI3lhSGoDYhPqNpWajMtS5VV/ld1LwyfrDByQpYmw/LW6U7oFXXLukjfDHQ7Ju705A82PRNFWYhg== dependencies: "@babel/runtime" "^7.11.2" - "@rc-component/trigger" "^1.0.4" classnames "^2.3.1" + rc-trigger "^5.0.0" -rc-tree-select@~5.9.0: - version "5.9.0" - resolved "https://registry.yarnpkg.com/rc-tree-select/-/rc-tree-select-5.9.0.tgz#e8af859ff7751d22b6f4d98941cf13f775686475" - integrity sha512-oh3blESzLfLCBPSiVDtZ2irzrWWZUMeHvnSwRvFo79br8Z+K/1OhXhXBZmROvfKwaH8YUugAQy8B2j5EGQbdyA== +rc-tree-select@~5.4.0: + version "5.4.1" + resolved "https://registry.yarnpkg.com/rc-tree-select/-/rc-tree-select-5.4.1.tgz#b97b9c6adcabc7415d25cfd40d18058b0c57bec2" + integrity sha512-xhXnKP8Stu2Q7wTcjJaSzSOLd4wmFtUZOwmy1cioaWyPbpiKlYdnALXA/9U49HOaV3KFXdRHE9Yi0KYED7yOAQ== dependencies: "@babel/runtime" "^7.10.1" classnames "2.x" - rc-select "~14.5.0" - rc-tree "~5.7.0" + rc-select "~14.1.0" + rc-tree "~5.6.1" rc-util "^5.16.1" -rc-tree@~5.7.0, rc-tree@~5.7.4: - version "5.7.6" - resolved "https://registry.yarnpkg.com/rc-tree/-/rc-tree-5.7.6.tgz#0d0bea9351517a18f5065cf3106cfc06bb740bd1" - integrity sha512-Dzam4VFcohXfcw+K4syq177RKqdqYun1XRc6etAEpRvsTruo4udhcsPrsEfOrRkrhnmkO58Q9F1/lgvm2dznVQ== +rc-tree@~5.6.1, rc-tree@~5.6.3, rc-tree@~5.6.5: + version "5.6.7" + resolved "https://registry.yarnpkg.com/rc-tree/-/rc-tree-5.6.7.tgz#832ef5a239c8143afe9dda33c39b87832b1a7e49" + integrity sha512-LcvI8YciaBcPpsroi3qUR0hU3qMWAwtD/5SQuT4HcmMbVYM4281Xptav0Bq+7KUf2t1WhrqLhhtzrIlft+4tvw== dependencies: "@babel/runtime" "^7.10.1" classnames "2.x" rc-motion "^2.0.1" rc-util "^5.16.1" - rc-virtual-list "^3.5.1" + rc-virtual-list "^3.4.8" + +rc-trigger@^5.0.0, rc-trigger@^5.0.4, rc-trigger@^5.1.2, rc-trigger@^5.2.10: + version "5.2.10" + resolved "https://registry.yarnpkg.com/rc-trigger/-/rc-trigger-5.2.10.tgz#8a0057a940b1b9027eaa33beec8a6ecd85cce2b1" + integrity sha512-FkUf4H9BOFDaIwu42fvRycXMAvkttph9AlbCZXssZDVzz2L+QZ0ERvfB/4nX3ZFPh1Zd+uVGr1DEDeXxq4J1TA== + dependencies: + "@babel/runtime" "^7.11.2" + classnames "^2.2.6" + rc-align "^4.0.0" + rc-motion "^2.0.0" + rc-util "^5.5.0" + +rc-trigger@^5.3.1: + version "5.3.1" + resolved "https://registry.yarnpkg.com/rc-trigger/-/rc-trigger-5.3.1.tgz#acafadf3eaf384e7f466c303bfa0f34c8137d7b8" + integrity sha512-5gaFbDkYSefZ14j2AdzucXzlWgU2ri5uEjkHvsf1ynRhdJbKxNOnw4PBZ9+FVULNGFiDzzlVF8RJnR9P/xrnKQ== + dependencies: + "@babel/runtime" "^7.18.3" + classnames "^2.2.6" + rc-align "^4.0.0" + rc-motion "^2.0.0" + rc-util "^5.19.2" rc-upload@~4.3.0: version "4.3.3" @@ -7725,7 +7612,7 @@ rc-upload@~4.3.0: classnames "^2.2.5" rc-util "^5.2.0" -rc-util@^5.0.1, rc-util@^5.0.6, rc-util@^5.15.0, rc-util@^5.16.1, rc-util@^5.2.0, rc-util@^5.2.1, rc-util@^5.3.0, rc-util@^5.5.1, rc-util@^5.6.1: +rc-util@^5.0.1, rc-util@^5.0.6, rc-util@^5.0.7, rc-util@^5.12.0, rc-util@^5.15.0, rc-util@^5.16.1, rc-util@^5.2.0, rc-util@^5.2.1, rc-util@^5.3.0, rc-util@^5.4.0, rc-util@^5.5.0, rc-util@^5.5.1, rc-util@^5.6.1, rc-util@^5.7.0, rc-util@^5.8.0, rc-util@^5.9.4: version "5.16.1" resolved "https://registry.yarnpkg.com/rc-util/-/rc-util-5.16.1.tgz#374db7cb735512f05165ddc3d6b2c61c21b8b4e3" integrity sha512-kSCyytvdb3aRxQacS/71ta6c+kBWvM1v8/2h9d/HaNWauc3qB8pLnF20PJ8NajkNN8gb+rR1l0eWO+D4Pz+LLQ== @@ -7734,14 +7621,6 @@ rc-util@^5.0.1, rc-util@^5.0.6, rc-util@^5.15.0, rc-util@^5.16.1, rc-util@^5.2.0 react-is "^16.12.0" shallowequal "^1.1.0" -rc-util@^5.16.0, rc-util@^5.24.4, rc-util@^5.25.2, rc-util@^5.27.0, rc-util@^5.27.1, rc-util@^5.28.0, rc-util@^5.30.0, rc-util@^5.31.1, rc-util@^5.32.0, rc-util@^5.32.2, rc-util@^5.33.0: - version "5.34.0" - resolved "https://registry.yarnpkg.com/rc-util/-/rc-util-5.34.0.tgz#3bec84f98c1dbf5305d89cda124aa8a0c9615f97" - integrity sha512-+zCDJ1gq+KwqbaZPAk7PGlNAssoTcnZSnTsr5KMYDBhzdPNFxyuglnewWMP5PyP/kAC6uW4r9Ejc08M+Lei04A== - dependencies: - "@babel/runtime" "^7.18.3" - react-is "^16.12.0" - rc-util@^5.17.0, rc-util@^5.18.1: version "5.20.1" resolved "https://registry.yarnpkg.com/rc-util/-/rc-util-5.20.1.tgz#323590df56175f60b1a67d2ba76f04c3c2cb84cd" @@ -7751,7 +7630,7 @@ rc-util@^5.17.0, rc-util@^5.18.1: react-is "^16.12.0" shallowequal "^1.1.0" -rc-util@^5.19.2, rc-util@^5.20.1, rc-util@^5.21.0, rc-util@^5.21.2, rc-util@^5.22.5: +rc-util@^5.19.2, rc-util@^5.20.1, rc-util@^5.21.0, rc-util@^5.21.2, rc-util@^5.22.5, rc-util@^5.23.0: version "5.24.2" resolved "https://registry.yarnpkg.com/rc-util/-/rc-util-5.24.2.tgz#b90057dd880e1ba2bea63028ef1892101a48bc0c" integrity sha512-MWd0ZEV7xSwN4HM9jz9BwpnMzwCPjYJ7K90lePsrdgAkrmm8U7b4BOTIsv/84BQsaF7N3ejNkcrZ3AfEwc9HXA== @@ -7760,12 +7639,20 @@ rc-util@^5.19.2, rc-util@^5.20.1, rc-util@^5.21.0, rc-util@^5.21.2, rc-util@^5.2 react-is "^16.12.0" shallowequal "^1.1.0" -rc-virtual-list@^3.5.1, rc-virtual-list@^3.5.2: - version "3.5.2" - resolved "https://registry.yarnpkg.com/rc-virtual-list/-/rc-virtual-list-3.5.2.tgz#5e1028869bae900eacbae6788d4eca7210736006" - integrity sha512-sE2G9hTPjVmatQni8OP2Kx33+Oth6DMKm67OblBBmgMBJDJQOOFpSGH7KZ6Pm85rrI2IGxDRXZCr0QhYOH2pfQ== +rc-virtual-list@^3.2.0: + version "3.4.2" + resolved "https://registry.yarnpkg.com/rc-virtual-list/-/rc-virtual-list-3.4.2.tgz#1078327aa7230b5e456d679ed2ce99f3c036ebd1" + integrity sha512-OyVrrPvvFcHvV0ssz5EDZ+7Rf5qLat/+mmujjchNw5FfbJWNDwkpQ99EcVE6+FtNRmX9wFa1LGNpZLUTvp/4GQ== + dependencies: + classnames "^2.2.6" + rc-resize-observer "^1.0.0" + rc-util "^5.0.7" + +rc-virtual-list@^3.4.8: + version "3.4.8" + resolved "https://registry.yarnpkg.com/rc-virtual-list/-/rc-virtual-list-3.4.8.tgz#c24c10c6940546b7e2a5e9809402c6716adfd26c" + integrity sha512-qSN+Rv4i/E7RCTvTMr1uZo7f3crJJg/5DekoCagydo9zsXrxj07zsFSxqizqW+ldGA16lwa8So/bIbV9Ofjddg== dependencies: - "@babel/runtime" "^7.20.0" classnames "^2.2.6" rc-resize-observer "^1.0.0" rc-util "^5.15.0" @@ -7989,7 +7876,7 @@ react-test-renderer@16.8.3: react-is "^16.8.3" scheduler "^0.13.3" -react-toastify@9.0.8: +react-toastify@^9.0.8: version "9.0.8" resolved "https://registry.yarnpkg.com/react-toastify/-/react-toastify-9.0.8.tgz#3876c89fc6211a29027b3075010b5ec39ebe4f7e" integrity sha512-EwM+teWt49HSHx+67qI08yLAW1zAsBxCXLCsUfxHYv1W7/R3ZLhrqKalh7j+kjgPna1h5LQMSMwns4tB4ww2yQ== @@ -8326,7 +8213,7 @@ run-parallel@^1.1.9: dependencies: queue-microtask "^1.2.2" -rxjs@6.6.7, rxjs@^6.6.6, rxjs@^7.5.6: +rxjs@6.6.7, rxjs@^6.6.6, rxjs@^7.5.5: version "6.6.7" resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.6.7.tgz#90ac018acabf491bf65044235d5863c4dab804c9" integrity sha512-hTdwr+7yYNIT5n4AMYp85KA6yw2Va0FLa3Rguvbpa4W3I5xynaBZo41cM3XM+4Q6fRMj3sBYIR1VAmZMXYJvRQ== @@ -8427,10 +8314,10 @@ schema-utils@^2.7.1: ajv "^6.12.4" ajv-keywords "^3.5.2" -schema-utils@^3.1.1, schema-utils@^3.1.2: - version "3.1.2" - resolved "https://registry.yarnpkg.com/schema-utils/-/schema-utils-3.1.2.tgz#36c10abca6f7577aeae136c804b0c741edeadc99" - integrity sha512-pvjEHOgWc9OWA/f/DE3ohBWTD6EleVLf7iFUkoSwAxttdBhB9QUebQgxER2kWueOvRJXPHNnyrvvh9eZINB8Eg== +schema-utils@^3.1.0, schema-utils@^3.1.1: + version "3.1.1" + resolved "https://registry.yarnpkg.com/schema-utils/-/schema-utils-3.1.1.tgz#bc74c4b6b6995c1d88f76a8b77bea7219e0c8281" + integrity sha512-Y5PQxS4ITlC+EahLuXaY86TXfR7Dc5lw294alXOq86JAHCihAIZfqv8nNCWvaEJvaC51uN9hbLGeV0cFBdH+Fw== dependencies: "@types/json-schema" "^7.0.8" ajv "^6.12.5" @@ -8446,12 +8333,12 @@ schema-utils@^4.0.0: ajv-formats "^2.1.1" ajv-keywords "^5.0.0" -scroll-into-view-if-needed@^3.0.3: - version "3.0.10" - resolved "https://registry.yarnpkg.com/scroll-into-view-if-needed/-/scroll-into-view-if-needed-3.0.10.tgz#38fbfe770d490baff0fb2ba34ae3539f6ec44e13" - integrity sha512-t44QCeDKAPf1mtQH3fYpWz8IM/DyvHLjs8wUvvwMYxk5moOqCzrMSxK6HQVD0QVmVjXFavoFIPRVrMuJPKAvtg== +scroll-into-view-if-needed@^2.2.25: + version "2.2.28" + resolved "https://registry.yarnpkg.com/scroll-into-view-if-needed/-/scroll-into-view-if-needed-2.2.28.tgz#5a15b2f58a52642c88c8eca584644e01703d645a" + integrity sha512-8LuxJSuFVc92+0AdNv4QOxRL4Abeo1DgLnGNkn1XlaujPH/3cCFz3QI60r2VNu4obJJROzgnIUw5TKQkZvZI1w== dependencies: - compute-scroll-into-view "^3.0.2" + compute-scroll-into-view "^1.0.17" select-hose@^2.0.0: version "2.0.0" @@ -8465,22 +8352,34 @@ selfsigned@^2.0.0: dependencies: node-forge "^1" -semver@^6.0.0, semver@^6.3.0: - version "6.3.1" - resolved "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz#556d2ef8689146e46dcea4bfdd095f3434dffcb4" - integrity sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA== +semver@7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/semver/-/semver-7.0.0.tgz#5f3ca35761e47e05b206c6daff2cf814f0316b8e" + integrity sha512-+GB6zVA9LWh6zovYQLALHwv5rb2PHGlJi3lfiqIHxR0uuwCgefcOJc59v9fv1w8GbStwxuuqqAjI9NMAOOgq1A== -semver@7.x, semver@^7.3.2, semver@^7.3.5, semver@^7.3.8: - version "7.5.2" - resolved "https://registry.npmjs.org/semver/-/semver-7.5.2.tgz#5b851e66d1be07c1cdaf37dfc856f543325a2beb" - integrity sha512-SoftuTROv/cRjCze/scjGyiDtcUyxw1rgYQSZY7XTmtR5hX+dm76iDbTH8TkLPHCQmlbQVSSbNZCPM2hb0knnQ== +semver@7.x, semver@^7.3.2: + version "7.3.5" + resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.5.tgz#0b621c879348d8998e4b0e4be94b3f12e6018ef7" + integrity sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ== dependencies: lru-cache "^6.0.0" semver@^5.3.0, semver@^5.4.1, semver@^5.5.0, semver@^5.6.0: - version "5.7.2" - resolved "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz#48d55db737c3287cd4835e17fa13feace1c41ef8" - integrity sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g== + version "5.7.0" + resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.0.tgz#790a7cf6fea5459bac96110b29b60412dc8ff96b" + integrity sha512-Ya52jSX2u7QKghxeoFGpLwCtGlt7j0oY9DYb5apt9nPlJ42ID+ulTXESnt/qAQcoSERyZ5sl3LDIOw0nAn/5DA== + +semver@^6.0.0, semver@^6.3.0: + version "6.3.0" + resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d" + integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw== + +semver@^7.3.8: + version "7.3.8" + resolved "https://registry.npmjs.org/semver/-/semver-7.3.8.tgz#07a78feafb3f7b32347d725e33de7e2a2df67798" + integrity sha512-NB1ctGL5rlHrPJtFDVIVzTyQylMLu9N9VICA6HSFJo8MCGVTMW6gfpicwKmmK/dAjTOrqu5l63JJOpDSrAis3A== + dependencies: + lru-cache "^6.0.0" send@0.17.2: version "0.17.2" @@ -8508,10 +8407,10 @@ serialize-javascript@^5.0.1: dependencies: randombytes "^2.1.0" -serialize-javascript@^6.0.1: - version "6.0.1" - resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-6.0.1.tgz#b206efb27c3da0b0ab6b52f48d170b7996458e5c" - integrity sha512-owoXEFjWRllis8/M1Q+Cw5k8ZH40e3zhp/ovX+Xr/vi1qj6QesbyXXViFbpNvWvPNAD62SutwEXavefrLJWj7w== +serialize-javascript@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-6.0.0.tgz#efae5d88f45d7924141da8b5c3a7a7e663fefeb8" + integrity sha512-Qr3TosvguFt8ePWqsvRfrKyQXIiW+nGbYpy8XK24NQHE83caxWt+mIymTT19DGFbNWNLfEwsrkSmN64lVWB9ag== dependencies: randombytes "^2.1.0" @@ -8983,11 +8882,6 @@ style-loader@^3.3.1: resolved "https://registry.yarnpkg.com/style-loader/-/style-loader-3.3.1.tgz#057dfa6b3d4d7c7064462830f9113ed417d38575" integrity sha512-GPcQ+LDJbrcxHORTRes6Jy2sfvK2kS6hpSfI/fXhPt+spVzxF6LJ1dHLN9zIGmVaaP044YKaIatFaufENRiDoQ== -stylis@^4.0.13: - version "4.2.0" - resolved "https://registry.yarnpkg.com/stylis/-/stylis-4.2.0.tgz#79daee0208964c8fe695a42fcffcac633a211a51" - integrity sha512-Orov6g6BB1sDfYgzWfTHDOxamtX1bE/zo104Dh9e6fqJ3PooipYyfJ0pUmrZO2wAvO8YbEyeFrkV91XTsGMSrw== - superagent@^8.0.9: version "8.0.9" resolved "https://registry.npmjs.org/superagent/-/superagent-8.0.9.tgz#2c6fda6fadb40516515f93e9098c0eb1602e0535" @@ -9101,16 +8995,16 @@ tar@^6.0.2: mkdirp "^1.0.3" yallist "^4.0.0" -teeny-request@7.1.1: - version "7.1.1" - resolved "https://registry.yarnpkg.com/teeny-request/-/teeny-request-7.1.1.tgz#2b0d156f4a8ad81de44303302ba8d7f1f05e20e6" - integrity sha512-iwY6rkW5DDGq8hE2YgNQlKbptYpY5Nn2xecjQiNjOXWbKzPGUfmeUBCSQbbr306d7Z7U2N0TPl+/SwYRfua1Dg== +teeny-request@6.0.1: + version "6.0.1" + resolved "https://registry.yarnpkg.com/teeny-request/-/teeny-request-6.0.1.tgz#9b1f512cef152945827ba7e34f62523a4ce2c5b0" + integrity sha512-TAK0c9a00ELOqLrZ49cFxvPVogMUFaWY8dUsQc/0CuQPGF+BOxOQzXfE413BAk2kLomwNplvdtMpeaeGWmoc2g== dependencies: http-proxy-agent "^4.0.0" - https-proxy-agent "^5.0.0" - node-fetch "^2.6.1" + https-proxy-agent "^4.0.0" + node-fetch "^2.2.0" stream-events "^1.0.5" - uuid "^8.0.0" + uuid "^3.3.2" terminal-link@^2.0.0: version "2.1.1" @@ -9120,18 +9014,18 @@ terminal-link@^2.0.0: ansi-escapes "^4.2.1" supports-hyperlinks "^2.0.0" -terser-webpack-plugin@^5.3.7: - version "5.3.9" - resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-5.3.9.tgz#832536999c51b46d468067f9e37662a3b96adfe1" - integrity sha512-ZuXsqE07EcggTWQjXUj+Aot/OMcD0bMKGgF63f7UxYcu5/AJF53aIpK1YoP5xR9l6s/Hy2b+t1AM0bLNPRuhwA== +terser-webpack-plugin@^5.1.3: + version "5.3.1" + resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-5.3.1.tgz#0320dcc270ad5372c1e8993fabbd927929773e54" + integrity sha512-GvlZdT6wPQKbDNW/GDQzZFg/j4vKU96yl2q6mcUkzKOgW4gwf1Z8cZToUCrz31XHlPWH8MVb1r2tFtdDtTGJ7g== dependencies: - "@jridgewell/trace-mapping" "^0.3.17" jest-worker "^27.4.5" schema-utils "^3.1.1" - serialize-javascript "^6.0.1" - terser "^5.16.8" + serialize-javascript "^6.0.0" + source-map "^0.6.1" + terser "^5.7.2" -terser@^5.10.0: +terser@^5.10.0, terser@^5.7.2: version "5.14.2" resolved "https://registry.yarnpkg.com/terser/-/terser-5.14.2.tgz#9ac9f22b06994d736174f4091aa368db896f1c10" integrity sha512-oL0rGeM/WFQCUd0y2QrWxYnq7tfSuKBiqTjRPWrRgB46WD/kiwHwF8T23z78H6Q6kGCuuHcPB+KULHRdxvVGQA== @@ -9141,16 +9035,6 @@ terser@^5.10.0: commander "^2.20.0" source-map-support "~0.5.20" -terser@^5.16.8: - version "5.17.6" - resolved "https://registry.yarnpkg.com/terser/-/terser-5.17.6.tgz#d810e75e1bb3350c799cd90ebefe19c9412c12de" - integrity sha512-V8QHcs8YuyLkLHsJO5ucyff1ykrLVsR4dNnS//L5Y3NiSXpbK1J+WMVUs67eI0KTxs9JtHhgEQpXQVHlHI92DQ== - dependencies: - "@jridgewell/source-map" "^0.3.2" - acorn "^8.5.0" - commander "^2.20.0" - source-map-support "~0.5.20" - test-exclude@^6.0.0: version "6.0.0" resolved "https://registry.yarnpkg.com/test-exclude/-/test-exclude-6.0.0.tgz#04a8698661d805ea6fa293b6cb9e63ac044ef15e" @@ -9165,11 +9049,6 @@ throat@^6.0.1: resolved "https://registry.yarnpkg.com/throat/-/throat-6.0.1.tgz#d514fedad95740c12c2d7fc70ea863eb51ade375" integrity sha512-8hmiGIJMDlwjg7dlJ4yKGLK8EsYqKgPWbG3b4wjJddKNwc7N7Dpn08Df4szr/sZdMVeOstrdYSsqzX6BYbcB+w== -throttle-debounce@^5.0.0: - version "5.0.0" - resolved "https://registry.yarnpkg.com/throttle-debounce/-/throttle-debounce-5.0.0.tgz#a17a4039e82a2ed38a5e7268e4132d6960d41933" - integrity sha512-2iQTSgkkc1Zyk0MeVrt/3BvuOXYPl/R8Z0U2xxo9rjwNciaHDG3R+Lm6dh4EeUci49DanvBnuqI6jshoQQRGEg== - thunky@^1.0.2: version "1.1.0" resolved "https://registry.yarnpkg.com/thunky/-/thunky-1.1.0.tgz#5abaf714a9405db0504732bbccd2cedd9ef9537d" @@ -9190,12 +9069,12 @@ tiny-warning@^1.0.0: resolved "https://registry.yarnpkg.com/tiny-warning/-/tiny-warning-1.0.3.tgz#94a30db453df4c643d0fd566060d60a875d84754" integrity sha512-lBN9zLN/oAf68o3zNXYrdCt1kP8WsiGW8Oo2ka41b2IM5JL/S1CTyX1rW0mb/zSuJun0ZUrDxx4sqvYS2FWzPA== -tippy.js@^5.1.1: - version "5.2.1" - resolved "https://registry.yarnpkg.com/tippy.js/-/tippy.js-5.2.1.tgz#e08d7332c103a15e427124d710d881fca82365d6" - integrity sha512-66UT6JRVn3dXNCORE+0UvUK3JZqV/VhLlU6HTDm3FmrweUUFUxUGvT8tUQ7ycMp+uhuLAwQw6dBabyC+iKf/MA== +tippy.js@^4.3.4: + version "4.3.5" + resolved "https://registry.yarnpkg.com/tippy.js/-/tippy.js-4.3.5.tgz#882bff8d92f09bb0546d2826d5668c0560006f54" + integrity sha512-NDq3efte8nGK6BOJ1dDN1/WelAwfmh3UtIYXXck6+SxLzbIQNZE/cmRSnwScZ/FyiKdIcvFHvYUgqmoGx8CcyA== dependencies: - popper.js "^1.16.0" + popper.js "^1.14.7" tmpl@1.0.x: version "1.0.5" @@ -9250,14 +9129,13 @@ toidentifier@1.0.1: integrity sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA== tough-cookie@^4.0.0: - version "4.1.3" - resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-4.1.3.tgz#97b9adb0728b42280aa3d814b6b999b2ff0318bf" - integrity sha512-aX/y5pVRkfRnfmuX+OdbSdXvPe6ieKX/G2s7e98f4poJHnqH3281gDPm/metm6E/WRamfx7WC4HUqkWHfQHprw== + version "4.0.0" + resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-4.0.0.tgz#d822234eeca882f991f0f908824ad2622ddbece4" + integrity sha512-tHdtEpQCMrc1YLrMaqXXcj6AxhYi/xgit6mZu1+EDWUn+qhUf8wMQoFIy9NXuq23zAwtcB0t/MjACGR18pcRbg== dependencies: psl "^1.1.33" punycode "^2.1.1" - universalify "^0.2.0" - url-parse "^1.5.3" + universalify "^0.1.2" tr46@^2.1.0: version "2.1.0" @@ -9285,12 +9163,12 @@ ts-jest@^27.1.3: semver "7.x" yargs-parser "20.x" -ts-node@10.9.1: - version "10.9.1" - resolved "https://registry.yarnpkg.com/ts-node/-/ts-node-10.9.1.tgz#e73de9102958af9e1f0b168a6ff320e25adcff4b" - integrity sha512-NtVysVPkxxrwFGUUxGYhfux8k78pQB3JqYBXlLRZgdGUqTO5wU/UyHop5p70iEbGhB7q5KmiZiU0Y3KlJrScEw== +ts-node@^10.7.0: + version "10.7.0" + resolved "https://registry.yarnpkg.com/ts-node/-/ts-node-10.7.0.tgz#35d503d0fab3e2baa672a0e94f4b40653c2463f5" + integrity sha512-TbIGS4xgJoX2i3do417KSaep1uRAW/Lu+WAL2doDHC0D6ummjirVOXU5/7aiZotbQ5p1Zp9tP7U6cYhA0O7M8A== dependencies: - "@cspotcode/source-map-support" "^0.8.0" + "@cspotcode/source-map-support" "0.7.0" "@tsconfig/node10" "^1.0.7" "@tsconfig/node12" "^1.0.7" "@tsconfig/node14" "^1.0.0" @@ -9301,7 +9179,7 @@ ts-node@10.9.1: create-require "^1.1.0" diff "^4.0.1" make-error "^1.1.1" - v8-compile-cache-lib "^3.0.1" + v8-compile-cache-lib "^3.0.0" yn "3.1.1" tslib@^1.13.0: @@ -9416,16 +9294,16 @@ typedarray-to-buffer@^3.1.5: dependencies: is-typedarray "^1.0.0" +typescript@^4.0.3: + version "4.4.3" + resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.4.3.tgz#bdc5407caa2b109efd4f82fe130656f977a29324" + integrity sha512-4xfscpisVgqqDfPaJo5vkd+Qd/ItkoagnHpufr+i2QCHBsNYp+G7UAoyFl8aPtx879u38wPV65rZ8qbGZijalA== + typescript@^4.8.3: version "4.8.3" resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.8.3.tgz#d59344522c4bc464a65a730ac695007fdb66dd88" integrity sha512-goMHfm00nWPa8UvR/CPSvykqf6dVV8x/dp0c5mFTMTIu0u0FlGWRioyy7Nn0PGAdHxpJZnuO/ut+PpQ8UiHAig== -typescript@^4.9.5: - version "4.9.5" - resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.9.5.tgz#095979f9bcc0d09da324d58d03ce8f8374cbe65a" - integrity sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g== - unicode-canonical-property-names-ecmascript@^1.0.4: version "1.0.4" resolved "https://registry.yarnpkg.com/unicode-canonical-property-names-ecmascript/-/unicode-canonical-property-names-ecmascript-1.0.4.tgz#2619800c4c825800efdd8343af7dd9933cbe2818" @@ -9480,10 +9358,10 @@ unique-slug@^2.0.0: dependencies: imurmurhash "^0.1.4" -universalify@^0.2.0: - version "0.2.0" - resolved "https://registry.yarnpkg.com/universalify/-/universalify-0.2.0.tgz#6451760566fa857534745ab1dde952d1b1761be0" - integrity sha512-CJ1QgKmNg3CwvAv/kOFmtnEN05f0D/cn9QntgNOQlQF9dgvVTHj3t+8JPdjqawCHk7V/KA+fbUqzZ9XWhcqPUg== +universalify@^0.1.2: + version "0.1.2" + resolved "https://registry.yarnpkg.com/universalify/-/universalify-0.1.2.tgz#b646f69be3942dabcecc9d6639c80dc105efaa66" + integrity sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg== unpipe@1.0.0, unpipe@~1.0.0: version "1.0.0" @@ -9510,14 +9388,6 @@ urix@^0.1.0: resolved "https://registry.yarnpkg.com/urix/-/urix-0.1.0.tgz#da937f7a62e21fec1fd18d49b35c2935067a6c72" integrity sha1-2pN/emLiH+wf0Y1Js1wpNQZ6bHI= -url-parse@^1.5.3: - version "1.5.10" - resolved "https://registry.yarnpkg.com/url-parse/-/url-parse-1.5.10.tgz#9d3c2f736c1d75dd3bd2be507dcc111f1e2ea9c1" - integrity sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ== - dependencies: - querystringify "^2.1.1" - requires-port "^1.0.0" - url-template@^2.0.8: version "2.0.8" resolved "https://registry.yarnpkg.com/url-template/-/url-template-2.0.8.tgz#fc565a3cccbff7730c775f5641f9555791439f21" @@ -9531,12 +9401,10 @@ url@^0.11.0: punycode "1.3.2" querystring "0.2.0" -urlgrey@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/urlgrey/-/urlgrey-1.0.0.tgz#72d2f904482d0b602e3c7fa599343d699bbe1017" - integrity sha512-hJfIzMPJmI9IlLkby8QrsCykQ+SXDeO2W5Q9QTW3QpqZVTx4a/K7p8/5q+/isD8vsbVaFgql/gvAoQCRQ2Cb5w== - dependencies: - fast-url-parser "^1.1.3" +urlgrey@0.4.4: + version "0.4.4" + resolved "https://registry.yarnpkg.com/urlgrey/-/urlgrey-0.4.4.tgz#892fe95960805e85519f1cd4389f2cb4cbb7652f" + integrity sha1-iS/pWWCAXoVRnxzUOJ8stMu3ZS8= use@^3.1.0: version "3.1.1" @@ -9565,20 +9433,20 @@ utils-merge@1.0.1: resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.1.tgz#9f95710f50a267947b2ccc124741c1028427e713" integrity sha512-pMZTvIkT1d+TFGvDOqodOclx0QWkkgi6Tdoa8gC8ffGAAqz9pzPTZWAybbsHHoED/ztMtkv/VoYTYyShUn81hA== -uuid@^8.0.0, uuid@^8.3.2: +uuid@^3.3.2: + version "3.3.3" + resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.3.3.tgz#4568f0216e78760ee1dbf3a4d2cf53e224112866" + integrity sha512-pW0No1RGHgzlpHJO1nsVrHKpOEIxkGg1xB+v0ZmdNH5OAeAwzAVrCnI2/6Mtx+Uys6iaylxa+D3g4j63IKKjSQ== + +uuid@^8.3.2: version "8.3.2" resolved "https://registry.yarnpkg.com/uuid/-/uuid-8.3.2.tgz#80d5b5ced271bb9af6c445f21a1a04c606cefbe2" integrity sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg== -uuid@^9.0.0: - version "9.0.0" - resolved "https://registry.yarnpkg.com/uuid/-/uuid-9.0.0.tgz#592f550650024a38ceb0c562f2f6aa435761efb5" - integrity sha512-MXcSTerfPa4uqyzStbRoTgt5XIe3x5+42+q1sDuy3R5MDk66URdLMOZe5aPX/SQd+kuYAh0FdP/pO28IkQyTeg== - -v8-compile-cache-lib@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz#6336e8d71965cb3d35a1bbb7868445a7c05264bf" - integrity sha512-wa7YjyUGfNZngI/vtK0UHAN+lgDCxBPCylVXGp0zu59Fz5aiGtNXaq3DhIov063MorB+VfufLh3JlF2KdTK3xg== +v8-compile-cache-lib@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.0.tgz#0582bcb1c74f3a2ee46487ceecf372e46bce53e8" + integrity sha512-mpSYqfsFvASnSn5qMiwrr4VKfumbPyONLCOPmsR3A6pTY/r0+tSaVbgPWSAIuzbk3lCTa+FForeTiO+wBQGkjA== v8-to-istanbul@^8.1.0: version "8.1.1" @@ -9627,10 +9495,10 @@ warning@^4.0.1, warning@^4.0.2: dependencies: loose-envify "^1.0.0" -watchpack@^2.4.0: - version "2.4.0" - resolved "https://registry.yarnpkg.com/watchpack/-/watchpack-2.4.0.tgz#fa33032374962c78113f93c7f2fb4c54c9862a5d" - integrity sha512-Lcvm7MGST/4fup+ifyKi2hjyIAwcdI4HRgtvTpIUxBRhB+RFtUh8XtDOxUfctVCnhVi+QQj49i91OyvzkJl6cg== +watchpack@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/watchpack/-/watchpack-2.3.1.tgz#4200d9447b401156eeca7767ee610f8809bc9d25" + integrity sha512-x0t0JuydIo8qCNctdDrn1OzH/qDzk2+rdCOC3YzumZ42fiMqmQ7T3xQurykYMhYfHaPHTp4ZxAx2NfUo1K6QaA== dependencies: glob-to-regexp "^0.4.1" graceful-fs "^4.1.2" @@ -9751,34 +9619,34 @@ webpack-sources@^3.2.3: resolved "https://registry.yarnpkg.com/webpack-sources/-/webpack-sources-3.2.3.tgz#2d4daab8451fd4b240cc27055ff6a0c2ccea0cde" integrity sha512-/DyMEOrDgLKKIG0fmvtz+4dUX/3Ghozwgm6iPp8KRhvn+eQf9+Q7GWxVNMk3+uCPWfdXYC4ExGBckIXdFEfH1w== -webpack@^5.84.1: - version "5.84.1" - resolved "https://registry.yarnpkg.com/webpack/-/webpack-5.84.1.tgz#d4493acdeca46b26ffc99d86d784cabfeb925a15" - integrity sha512-ZP4qaZ7vVn/K8WN/p990SGATmrL1qg4heP/MrVneczYtpDGJWlrgZv55vxaV2ul885Kz+25MP2kSXkPe3LZfmg== +webpack@^5.70.0: + version "5.70.0" + resolved "https://registry.yarnpkg.com/webpack/-/webpack-5.70.0.tgz#3461e6287a72b5e6e2f4872700bc8de0d7500e6d" + integrity sha512-ZMWWy8CeuTTjCxbeaQI21xSswseF2oNOwc70QSKNePvmxE7XW36i7vpBMYZFAUHPwQiEbNGCEYIOOlyRbdGmxw== dependencies: "@types/eslint-scope" "^3.7.3" - "@types/estree" "^1.0.0" - "@webassemblyjs/ast" "^1.11.5" - "@webassemblyjs/wasm-edit" "^1.11.5" - "@webassemblyjs/wasm-parser" "^1.11.5" - acorn "^8.7.1" - acorn-import-assertions "^1.9.0" + "@types/estree" "^0.0.51" + "@webassemblyjs/ast" "1.11.1" + "@webassemblyjs/wasm-edit" "1.11.1" + "@webassemblyjs/wasm-parser" "1.11.1" + acorn "^8.4.1" + acorn-import-assertions "^1.7.6" browserslist "^4.14.5" chrome-trace-event "^1.0.2" - enhanced-resolve "^5.14.1" - es-module-lexer "^1.2.1" + enhanced-resolve "^5.9.2" + es-module-lexer "^0.9.0" eslint-scope "5.1.1" events "^3.2.0" glob-to-regexp "^0.4.1" graceful-fs "^4.2.9" - json-parse-even-better-errors "^2.3.1" + json-parse-better-errors "^1.0.2" loader-runner "^4.2.0" mime-types "^2.1.27" neo-async "^2.6.2" - schema-utils "^3.1.2" + schema-utils "^3.1.0" tapable "^2.1.1" - terser-webpack-plugin "^5.3.7" - watchpack "^2.4.0" + terser-webpack-plugin "^5.1.3" + watchpack "^2.3.1" webpack-sources "^3.2.3" websocket-driver@>=0.5.1: @@ -9909,10 +9777,10 @@ xterm-addon-fit@^0.5.0: resolved "https://registry.yarnpkg.com/xterm-addon-fit/-/xterm-addon-fit-0.5.0.tgz#2d51b983b786a97dcd6cde805e700c7f913bc596" integrity sha512-DsS9fqhXHacEmsPxBJZvfj2la30Iz9xk+UKjhQgnYNkrUIN5CYLbw7WEfz117c7+S86S/tpHPfvNxJsF5/G8wQ== -xterm@^4.19.0: - version "4.19.0" - resolved "https://registry.yarnpkg.com/xterm/-/xterm-4.19.0.tgz#c0f9d09cd61de1d658f43ca75f992197add9ef6d" - integrity sha512-c3Cp4eOVsYY5Q839dR5IejghRPpxciGmLWWaP9g+ppfMeBChMeLa1DCA+pmX/jyDZ+zxFOmlJL/82qVdayVoGQ== +xterm@^4.18.0: + version "4.18.0" + resolved "https://registry.yarnpkg.com/xterm/-/xterm-4.18.0.tgz#a1f6ab2c330c3918fb094ae5f4c2562987398ea1" + integrity sha512-JQoc1S0dti6SQfI0bK1AZvGnAxH4MVw45ZPFSO6FHTInAiau3Ix77fSxNx3mX4eh9OL4AYa8+4C8f5UvnSfppQ== y18n@^5.0.5: version "5.0.8" diff --git a/util/app/discovery/discovery.go b/util/app/discovery/discovery.go index 21fbe5fd4bf36..e29cbf2fa7ce1 100644 --- a/util/app/discovery/discovery.go +++ b/util/app/discovery/discovery.go @@ -100,7 +100,7 @@ func DetectConfigManagementPlugin(ctx context.Context, appPath, repoPath, plugin // check if the given plugin supports the repo conn, cmpClient, connFound = cmpSupports(ctx, pluginSockFilePath, appPath, repoPath, fmt.Sprintf("%v.sock", pluginName), env, tarExcludedGlobs, true) if !connFound { - return nil, nil, fmt.Errorf("couldn't find cmp-server plugin with name %q supporting the given repository", pluginName) + return nil, nil, fmt.Errorf("couldn't find cmp-server plugin with name %v supporting the given repository", pluginName) } } else { fileList, err := os.ReadDir(pluginSockFilePath) diff --git a/util/argo/argo.go b/util/argo/argo.go index 9b08d3aeeb847..14ba89b5b4fe7 100644 --- a/util/argo/argo.go +++ b/util/argo/argo.go @@ -272,13 +272,12 @@ func TestRepoWithKnownType(ctx context.Context, repoClient apiclient.RepoServerS // * the repository is accessible // * the path contains valid manifests // * there are parameters of only one app source type -// -// The plugins parameter is no longer used. It is kept for compatibility with the old signature until Argo CD v3.0. func ValidateRepo( ctx context.Context, app *argoappv1.Application, repoClientset apiclient.Clientset, db db.ArgoDB, + plugins []*argoappv1.ConfigManagementPlugin, kubectl kube.Kubectl, proj *argoappv1.AppProject, settingsMgr *settings.SettingsManager, @@ -344,6 +343,7 @@ func ValidateRepo( db, app.Spec.GetSources(), repoClient, + plugins, permittedHelmRepos, helmOptions, cluster, @@ -365,6 +365,7 @@ func validateRepo(ctx context.Context, db db.ArgoDB, sources []argoappv1.ApplicationSource, repoClient apiclient.RepoServerServiceClient, + plugins []*argoappv1.ConfigManagementPlugin, permittedHelmRepos []*argoappv1.Repository, helmOptions *argoappv1.HelmOptions, cluster *argoappv1.Cluster, @@ -419,9 +420,9 @@ func validateRepo(ctx context.Context, helmOptions, app.Name, app.Spec.Destination, - proj, sources, repoClient, + plugins, cluster.ServerVersion, APIResourcesToStrings(apiGroups, true), permittedHelmCredentials, @@ -585,7 +586,7 @@ func ValidatePermissions(ctx context.Context, spec *argoappv1.ApplicationSpec, p if !permitted { conditions = append(conditions, argoappv1.ApplicationCondition{ Type: argoappv1.ApplicationConditionInvalidSpecError, - Message: fmt.Sprintf("application destination server '%s' and namespace '%s' do not match any of the allowed destinations in project '%s'", spec.Destination.Server, spec.Destination.Namespace, spec.Project), + Message: fmt.Sprintf("application destination {%s %s} is not permitted in project '%s'", spec.Destination.Server, spec.Destination.Namespace, spec.Project), }) } // Ensure the k8s cluster the app is referencing, is configured in Argo CD @@ -704,9 +705,9 @@ func verifyGenerateManifests( helmOptions *argoappv1.HelmOptions, name string, dest argoappv1.ApplicationDestination, - proj *argoappv1.AppProject, sources []argoappv1.ApplicationSource, repoClient apiclient.RepoServerServiceClient, + plugins []*argoappv1.ConfigManagementPlugin, kubeVersion string, apiVersions []string, repositoryCredentials []*argoappv1.RepoCreds, @@ -761,6 +762,7 @@ func verifyGenerateManifests( AppName: name, Namespace: dest.Namespace, ApplicationSource: &source, + Plugins: plugins, KustomizeOptions: kustomizeOptions, KubeVersion: kubeVersion, ApiVersions: apiVersions, @@ -771,8 +773,6 @@ func verifyGenerateManifests( NoRevisionCache: true, HasMultipleSources: hasMultipleSources, RefSources: refSources, - ProjectName: proj.Name, - ProjectSourceRepos: proj.Spec.SourceRepos, } req.Repo.CopyCredentialsFromRepo(repoRes) req.Repo.CopySettingsFrom(repoRes) @@ -1015,8 +1015,8 @@ func GetDifferentPathsBetweenStructs(a, b interface{}) ([]string, error) { return difference, nil } -// parseName will -func parseName(appName string, defaultNs string, delim string) (string, string) { +// parseAppName will +func parseAppName(appName string, defaultNs string, delim string) (string, string) { var ns string var name string t := strings.SplitN(appName, delim, 2) @@ -1033,15 +1033,15 @@ func parseName(appName string, defaultNs string, delim string) (string, string) // ParseAppNamespacedName parses a namespaced name in the format namespace/name // and returns the components. If name wasn't namespaced, defaultNs will be // returned as namespace component. -func ParseFromQualifiedName(appName string, defaultNs string) (string, string) { - return parseName(appName, defaultNs, "/") +func ParseAppQualifiedName(appName string, defaultNs string) (string, string) { + return parseAppName(appName, defaultNs, "/") } -// ParseInstanceName parses a namespaced name in the format namespace_name +// ParseAppInstanceName parses a namespaced name in the format namespace_name // and returns the components. If name wasn't namespaced, defaultNs will be // returned as namespace component. -func ParseInstanceName(appName string, defaultNs string) (string, string) { - return parseName(appName, defaultNs, "_") +func ParseAppInstanceName(appName string, defaultNs string) (string, string) { + return parseAppName(appName, defaultNs, "_") } // AppInstanceName returns the value to be used for app instance labels from @@ -1054,9 +1054,9 @@ func AppInstanceName(appName, appNs, defaultNs string) string { } } -// InstanceNameFromQualified returns the value to be used for app -func InstanceNameFromQualified(name string, defaultNs string) string { - appName, appNs := ParseFromQualifiedName(name, defaultNs) +// AppInstanceNameFromQualified returns the value to be used for app +func AppInstanceNameFromQualified(name string, defaultNs string) string { + appName, appNs := ParseAppQualifiedName(name, defaultNs) return AppInstanceName(appName, appNs, defaultNs) } diff --git a/util/argo/argo_test.go b/util/argo/argo_test.go index 780a2c0403267..a096f2c58de32 100644 --- a/util/argo/argo_test.go +++ b/util/argo/argo_test.go @@ -414,7 +414,7 @@ func TestValidateRepo(t *testing.T) { kubeClient := fake.NewSimpleClientset(&cm) settingsMgr := settings.NewSettingsManager(context.Background(), kubeClient, test.FakeArgoCDNamespace) - conditions, err := ValidateRepo(context.Background(), app, repoClientSet, db, &kubetest.MockKubectlCmd{Version: kubeVersion, APIResources: apiResources}, proj, settingsMgr) + conditions, err := ValidateRepo(context.Background(), app, repoClientSet, db, nil, &kubetest.MockKubectlCmd{Version: kubeVersion, APIResources: apiResources}, proj, settingsMgr) assert.NoError(t, err) assert.Empty(t, conditions) @@ -1183,7 +1183,7 @@ func Test_ParseAppQualifiedName(t *testing.T) { for _, tt := range testcases { t.Run(tt.name, func(t *testing.T) { - appName, appNs := ParseFromQualifiedName(tt.input, tt.implicitNs) + appName, appNs := ParseAppQualifiedName(tt.input, tt.implicitNs) assert.Equal(t, tt.appName, appName) assert.Equal(t, tt.appNs, appNs) }) @@ -1207,7 +1207,7 @@ func Test_ParseAppInstanceName(t *testing.T) { for _, tt := range testcases { t.Run(tt.name, func(t *testing.T) { - appName, appNs := ParseInstanceName(tt.input, tt.implicitNs) + appName, appNs := ParseAppInstanceName(tt.input, tt.implicitNs) assert.Equal(t, tt.appName, appName) assert.Equal(t, tt.appNs, appNs) }) @@ -1251,7 +1251,7 @@ func Test_AppInstanceNameFromQualified(t *testing.T) { for _, tt := range testcases { t.Run(tt.name, func(t *testing.T) { - result := InstanceNameFromQualified(tt.appName, tt.defaultNs) + result := AppInstanceNameFromQualified(tt.appName, tt.defaultNs) assert.Equal(t, tt.result, result) }) } @@ -1278,7 +1278,7 @@ func Test_GetRefSources(t *testing.T) { {RepoURL: fmt.Sprintf("file://%s", repoPath)}, }) - refSources, err := GetRefSources(context.Background(), *argoSpec, repoDB) + refSources, err := GetRefSources(context.TODO(), *argoSpec, repoDB) expectedRefSource := argoappv1.RefTargetRevisionMapping{ "$source-1_2": &argoappv1.RefTarget{ @@ -1298,7 +1298,7 @@ func Test_GetRefSources(t *testing.T) { {RepoURL: "file://does-not-exist", Ref: "source1"}, }) - refSources, err := GetRefSources(context.Background(), *argoSpec, repoDB) + refSources, err := GetRefSources(context.TODO(), *argoSpec, repoDB) assert.Error(t, err) assert.Empty(t, refSources) diff --git a/util/argo/diff/diff.go b/util/argo/diff/diff.go index 9b104719c5616..6f32084dadce3 100644 --- a/util/argo/diff/diff.go +++ b/util/argo/diff/diff.go @@ -5,12 +5,11 @@ import ( "github.com/go-logr/logr" - k8smanagedfields "k8s.io/apimachinery/pkg/util/managedfields" - "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/util/argo" "github.com/argoproj/argo-cd/v2/util/argo/managedfields" appstatecache "github.com/argoproj/argo-cd/v2/util/cache/appstate" + k8smanagedfields "k8s.io/apimachinery/pkg/util/managedfields" "github.com/argoproj/gitops-engine/pkg/diff" "github.com/argoproj/gitops-engine/pkg/utils/kube" @@ -240,12 +239,12 @@ func StateDiff(live, config *unstructured.Unstructured, diffConfig DiffConfig) ( func StateDiffs(lives, configs []*unstructured.Unstructured, diffConfig DiffConfig) (*diff.DiffResultList, error) { normResults, err := preDiffNormalize(lives, configs, diffConfig) if err != nil { - return nil, fmt.Errorf("failed to perform pre-diff normalization: %w", err) + return nil, err } diffNormalizer, err := newDiffNormalizer(diffConfig.Ignores(), diffConfig.Overrides()) if err != nil { - return nil, fmt.Errorf("failed to create diff normalizer: %w", err) + return nil, err } diffOpts := []diff.Option{ @@ -262,17 +261,9 @@ func StateDiffs(lives, configs []*unstructured.Unstructured, diffConfig DiffConf useCache, cachedDiff := diffConfig.DiffFromCache(diffConfig.AppName()) if useCache && cachedDiff != nil { - cached, err := diffArrayCached(normResults.Targets, normResults.Lives, cachedDiff, diffOpts...) - if err != nil { - return nil, fmt.Errorf("failed to calculate diff from cache: %w", err) - } - return cached, nil - } - array, err := diff.DiffArray(normResults.Targets, normResults.Lives, diffOpts...) - if err != nil { - return nil, fmt.Errorf("failed to calculate diff: %w", err) + return diffArrayCached(normResults.Targets, normResults.Lives, cachedDiff, diffOpts...) } - return array, nil + return diff.DiffArray(normResults.Targets, normResults.Lives, diffOpts...) } func diffArrayCached(configArray []*unstructured.Unstructured, liveArray []*unstructured.Unstructured, cachedDiff []*v1alpha1.ResourceDiff, opts ...diff.Option) (*diff.DiffResultList, error) { diff --git a/util/argo/managedfields/managed_fields_test.go b/util/argo/managedfields/managed_fields_test.go index 1085c66a3dab3..60b475198d5cc 100644 --- a/util/argo/managedfields/managed_fields_test.go +++ b/util/argo/managedfields/managed_fields_test.go @@ -3,12 +3,12 @@ package managedfields_test import ( "testing" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" arv1 "k8s.io/api/admissionregistration/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/util/argo/managedfields" "github.com/argoproj/argo-cd/v2/util/argo/testdata" diff --git a/util/argo/normalizers/diff_normalizer.go b/util/argo/normalizers/diff_normalizer.go index 6eae329d186d8..5347944ecc198 100644 --- a/util/argo/normalizers/diff_normalizer.go +++ b/util/argo/normalizers/diff_normalizer.go @@ -3,7 +3,6 @@ package normalizers import ( "encoding/json" "fmt" - "strings" "github.com/argoproj/gitops-engine/pkg/diff" jsonpatch "github.com/evanphx/json-patch" @@ -180,9 +179,7 @@ func (n *ignoreNormalizer) Normalize(un *unstructured.Unstructured) error { for _, patch := range matched { patchedDocData, err := patch.Apply(docData) if err != nil { - if shouldLogError(err) { - log.Debugf("Failed to apply normalization: %v", err) - } + log.Debugf("Failed to apply normalization: %v", err) continue } docData = patchedDocData @@ -194,13 +191,3 @@ func (n *ignoreNormalizer) Normalize(un *unstructured.Unstructured) error { } return nil } - -func shouldLogError(e error) bool { - if strings.Contains(e.Error(), "Unable to remove nonexistent key") { - return false - } - if strings.Contains(e.Error(), "remove operation does not apply: doc is missing path") { - return false - } - return true -} diff --git a/util/argo/normalizers/diff_normalizer_test.go b/util/argo/normalizers/diff_normalizer_test.go index 99f0ec3ff9db3..f872ca367cc29 100644 --- a/util/argo/normalizers/diff_normalizer_test.go +++ b/util/argo/normalizers/diff_normalizer_test.go @@ -1,13 +1,11 @@ package normalizers import ( - "encoding/json" - "fmt" "testing" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/test" @@ -221,34 +219,3 @@ func TestNormalizeJQPathExpressionWithError(t *testing.T) { assert.Nil(t, err) assert.Equal(t, originalDeployment, normalizedDeployment) } - -func TestNormalizeExpectedErrorAreSilenced(t *testing.T) { - normalizer, err := NewIgnoreNormalizer([]v1alpha1.ResourceIgnoreDifferences{}, map[string]v1alpha1.ResourceOverride{ - "*/*": { - IgnoreDifferences: v1alpha1.OverrideIgnoreDiff{ - JSONPointers: []string{"/invalid", "/invalid/json/path"}, - }, - }, - }) - assert.Nil(t, err) - - ignoreNormalizer := normalizer.(*ignoreNormalizer) - assert.Len(t, ignoreNormalizer.patches, 2) - jsonPatch := ignoreNormalizer.patches[0] - jqPatch := ignoreNormalizer.patches[1] - - deployment := test.NewDeployment() - deploymentData, err := json.Marshal(deployment) - assert.Nil(t, err) - - // Error: "error in remove for path: '/invalid': Unable to remove nonexistent key: invalid: missing value" - _, err = jsonPatch.Apply(deploymentData) - assert.False(t, shouldLogError(err)) - - // Error: "remove operation does not apply: doc is missing path: \"/invalid/json/path\": missing value" - _, err = jqPatch.Apply(deploymentData) - assert.False(t, shouldLogError(err)) - - assert.True(t, shouldLogError(fmt.Errorf("An error that should not be ignored"))) - -} diff --git a/util/argo/normalizers/knowntypes_normalizer_test.go b/util/argo/normalizers/knowntypes_normalizer_test.go index 57e436195f890..b6151d67f1005 100644 --- a/util/argo/normalizers/knowntypes_normalizer_test.go +++ b/util/argo/normalizers/knowntypes_normalizer_test.go @@ -10,10 +10,10 @@ import ( "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/pkg/errors" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime/schema" - "sigs.k8s.io/yaml" ) const ( @@ -33,7 +33,7 @@ spec: volumeMounts: - name: config-volume mountPath: /etc/config - readOnly: false + readOnly: false resources: requests: cpu: 2000m @@ -158,7 +158,7 @@ spec: volumeMounts: - name: config-volume mountPath: /etc/config - readOnly: false + readOnly: false resources: requests: cpu: 2000m diff --git a/util/argo/resource_tracking.go b/util/argo/resource_tracking.go index a0ec6b302a9aa..53659115e8b10 100644 --- a/util/argo/resource_tracking.go +++ b/util/argo/resource_tracking.go @@ -4,13 +4,12 @@ import ( "fmt" "strings" - "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/util/kube" argokube "github.com/argoproj/argo-cd/v2/util/kube" "github.com/argoproj/argo-cd/v2/util/settings" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" ) const ( @@ -32,7 +31,7 @@ type ResourceTracking interface { Normalize(config, live *unstructured.Unstructured, labelKey, trackingMethod string) error } -// AppInstanceValue store information about resource tracking info +//AppInstanceValue store information about resource tracking info type AppInstanceValue struct { ApplicationName string Group string @@ -62,10 +61,7 @@ func IsOldTrackingMethod(trackingMethod string) bool { } func (rt *resourceTracking) getAppInstanceValue(un *unstructured.Unstructured, key string, trackingMethod v1alpha1.TrackingMethod) *AppInstanceValue { - appInstanceAnnotation, err := argokube.GetAppInstanceAnnotation(un, common.AnnotationKeyAppInstance) - if err != nil { - return nil - } + appInstanceAnnotation := argokube.GetAppInstanceAnnotation(un, common.AnnotationKeyAppInstance) value, err := rt.ParseAppInstanceValue(appInstanceAnnotation) if err != nil { return nil @@ -84,21 +80,13 @@ func (rt *resourceTracking) GetAppName(un *unstructured.Unstructured, key string } switch trackingMethod { case TrackingMethodLabel: - label, err := argokube.GetAppInstanceLabel(un, key) - if err != nil { - return "" - } - return label + return argokube.GetAppInstanceLabel(un, key) case TrackingMethodAnnotationAndLabel: return retrieveAppInstanceValue() case TrackingMethodAnnotation: return retrieveAppInstanceValue() default: - label, err := argokube.GetAppInstanceLabel(un, key) - if err != nil { - return "" - } - return label + return argokube.GetAppInstanceLabel(un, key) } } @@ -141,11 +129,7 @@ func (rt *resourceTracking) SetAppInstance(un *unstructured.Unstructured, key, v } switch trackingMethod { case TrackingMethodLabel: - err := argokube.SetAppInstanceLabel(un, key, val) - if err != nil { - return fmt.Errorf("failed to set app instance label: %w", err) - } - return nil + return argokube.SetAppInstanceLabel(un, key, val) case TrackingMethodAnnotation: return setAppInstanceAnnotation() case TrackingMethodAnnotationAndLabel: @@ -156,26 +140,18 @@ func (rt *resourceTracking) SetAppInstance(un *unstructured.Unstructured, key, v if len(val) > LabelMaxLength { val = val[:LabelMaxLength] } - err = argokube.SetAppInstanceLabel(un, key, val) - if err != nil { - return fmt.Errorf("failed to set app instance label: %w", err) - } - return nil + return argokube.SetAppInstanceLabel(un, key, val) default: - err := argokube.SetAppInstanceLabel(un, key, val) - if err != nil { - return fmt.Errorf("failed to set app instance label: %w", err) - } - return nil + return argokube.SetAppInstanceLabel(un, key, val) } } -// BuildAppInstanceValue build resource tracking id in format ;/// +//BuildAppInstanceValue build resource tracking id in format ;/// func (rt *resourceTracking) BuildAppInstanceValue(value AppInstanceValue) string { return fmt.Sprintf("%s:%s/%s:%s/%s", value.ApplicationName, value.Group, value.Kind, value.Namespace, value.Name) } -// ParseAppInstanceValue parse resource tracking id from format :/:/ to struct +//ParseAppInstanceValue parse resource tracking id from format :/:/ to struct func (rt *resourceTracking) ParseAppInstanceValue(value string) (*AppInstanceValue, error) { var appInstanceValue AppInstanceValue parts := strings.Split(value, ":") @@ -209,32 +185,19 @@ func (rt *resourceTracking) Normalize(config, live *unstructured.Unstructured, l return nil } - label, err := kube.GetAppInstanceLabel(live, labelKey) - if err != nil { - return fmt.Errorf("failed to get app instance label: %w", err) - } + label := kube.GetAppInstanceLabel(live, labelKey) if label == "" { return nil } - annotation, err := argokube.GetAppInstanceAnnotation(config, common.AnnotationKeyAppInstance) - if err != nil { - return err - } - err = argokube.SetAppInstanceAnnotation(live, common.AnnotationKeyAppInstance, annotation) + annotation := argokube.GetAppInstanceAnnotation(config, common.AnnotationKeyAppInstance) + err := argokube.SetAppInstanceAnnotation(live, common.AnnotationKeyAppInstance, annotation) if err != nil { return err } - label, err = argokube.GetAppInstanceLabel(config, labelKey) - if err != nil { - return fmt.Errorf("failed to get app instance label: %w", err) - } - if label == "" { - err = argokube.RemoveLabel(live, labelKey) - if err != nil { - return fmt.Errorf("failed to remove app instance label: %w", err) - } + if argokube.GetAppInstanceLabel(config, labelKey) == "" { + argokube.RemoveLabel(live, labelKey) } return nil diff --git a/util/argo/resource_tracking_test.go b/util/argo/resource_tracking_test.go index 36f94747ffd78..e737e831fb255 100644 --- a/util/argo/resource_tracking_test.go +++ b/util/argo/resource_tracking_test.go @@ -136,8 +136,7 @@ func TestResourceIdNormalizer_Normalize(t *testing.T) { _ = rt.Normalize(configObj, liveObj, common.LabelKeyAppInstance, string(TrackingMethodAnnotation)) // the normalization should affect add the new style annotation and drop old tracking label from live object - annotation, err := kube.GetAppInstanceAnnotation(configObj, common.AnnotationKeyAppInstance) - assert.Nil(t, err) + annotation := kube.GetAppInstanceAnnotation(configObj, common.AnnotationKeyAppInstance) assert.Equal(t, liveObj.GetAnnotations()[common.AnnotationKeyAppInstance], annotation) _, hasOldLabel := liveObj.GetLabels()[common.LabelKeyAppInstance] assert.False(t, hasOldLabel) @@ -161,8 +160,7 @@ func TestResourceIdNormalizer_Normalize_ConfigHasOldLabel(t *testing.T) { _ = rt.Normalize(configObj, liveObj, common.LabelKeyAppInstance, string(TrackingMethodAnnotation)) // the normalization should affect add the new style annotation and drop old tracking label from live object - annotation, err := kube.GetAppInstanceAnnotation(configObj, common.AnnotationKeyAppInstance) - assert.Nil(t, err) + annotation := kube.GetAppInstanceAnnotation(configObj, common.AnnotationKeyAppInstance) assert.Equal(t, liveObj.GetAnnotations()[common.AnnotationKeyAppInstance], annotation) _, hasOldLabel := liveObj.GetLabels()[common.LabelKeyAppInstance] assert.True(t, hasOldLabel) diff --git a/util/cache/cache.go b/util/cache/cache.go index fdea46cdea0d2..cdc4258ea6471 100644 --- a/util/cache/cache.go +++ b/util/cache/cache.go @@ -96,7 +96,7 @@ func AddCacheFlagsToCmd(cmd *cobra.Command, opts ...func(client *redis.Client)) cmd.Flags().StringVar(&redisClientKey, "redis-client-key", "", "Path to Redis client key (e.g. /etc/certs/redis/client.crt).") cmd.Flags().BoolVar(&insecureRedis, "redis-insecure-skip-tls-verify", false, "Skip Redis server certificate validation.") cmd.Flags().StringVar(&redisCACertificate, "redis-ca-certificate", "", "Path to Redis server CA certificate (e.g. /etc/certs/redis/ca.crt). If not specified, system trusted CAs will be used for server certificate validation.") - cmd.Flags().StringVar(&compressionStr, "redis-compress", env.StringFromEnv("REDIS_COMPRESSION", string(RedisCompressionGZip)), "Enable compression for data sent to Redis with the required compression algorithm. (possible values: gzip, none)") + cmd.Flags().StringVar(&compressionStr, "redis-compress", env.StringFromEnv("REDIS_COMPRESSION", string(RedisCompressionNone)), "Enable compression for data sent to Redis with the required compression algorithm. (possible values: none, gzip)") return func() (*Cache, error) { var tlsConfig *tls.Config = nil if redisUseTLS { diff --git a/util/cert/cert_test.go b/util/cert/cert_test.go index e7963f54cde56..8411bb050b5b8 100644 --- a/util/cert/cert_test.go +++ b/util/cert/cert_test.go @@ -441,29 +441,31 @@ func Test_EscapeBracketPattern(t *testing.T) { func TestGetTLSCertificateDataPath(t *testing.T) { t.Run("Get default path", func(t *testing.T) { - t.Setenv(common.EnvVarTLSDataPath, "") + os.Setenv(common.EnvVarTLSDataPath, "") path := GetTLSCertificateDataPath() assert.Equal(t, common.DefaultPathTLSConfig, path) }) t.Run("Get custom path", func(t *testing.T) { - t.Setenv(common.EnvVarTLSDataPath, "/some/where") + os.Setenv(common.EnvVarTLSDataPath, "/some/where") path := GetTLSCertificateDataPath() assert.Equal(t, "/some/where", path) + os.Setenv(common.EnvVarTLSDataPath, "") }) } func TestGetSSHKnownHostsDataPath(t *testing.T) { t.Run("Get default path", func(t *testing.T) { - t.Setenv(common.EnvVarSSHDataPath, "") + os.Setenv(common.EnvVarSSHDataPath, "") p := GetSSHKnownHostsDataPath() assert.Equal(t, path.Join(common.DefaultPathSSHConfig, "ssh_known_hosts"), p) }) t.Run("Get custom path", func(t *testing.T) { - t.Setenv(common.EnvVarSSHDataPath, "/some/where") + os.Setenv(common.EnvVarSSHDataPath, "/some/where") path := GetSSHKnownHostsDataPath() assert.Equal(t, "/some/where/ssh_known_hosts", path) + os.Setenv(common.EnvVarSSHDataPath, "") }) } @@ -478,7 +480,7 @@ func TestGetCertificateForConnect(t *testing.T) { if err != nil { panic(err) } - t.Setenv(common.EnvVarTLSDataPath, temppath) + os.Setenv(common.EnvVarTLSDataPath, temppath) certs, err := GetCertificateForConnect("127.0.0.1") assert.NoError(t, err) assert.Len(t, certs, 1) @@ -486,7 +488,7 @@ func TestGetCertificateForConnect(t *testing.T) { t.Run("No cert found", func(t *testing.T) { temppath := t.TempDir() - t.Setenv(common.EnvVarTLSDataPath, temppath) + os.Setenv(common.EnvVarTLSDataPath, temppath) certs, err := GetCertificateForConnect("127.0.0.1") assert.NoError(t, err) assert.Len(t, certs, 0) @@ -498,7 +500,7 @@ func TestGetCertificateForConnect(t *testing.T) { if err != nil { panic(err) } - t.Setenv(common.EnvVarTLSDataPath, temppath) + os.Setenv(common.EnvVarTLSDataPath, temppath) certs, err := GetCertificateForConnect("127.0.0.1") assert.Error(t, err) assert.Len(t, certs, 0) @@ -518,7 +520,7 @@ func TestGetCertBundlePathForRepository(t *testing.T) { if err != nil { panic(err) } - t.Setenv(common.EnvVarTLSDataPath, temppath) + os.Setenv(common.EnvVarTLSDataPath, temppath) certpath, err := GetCertBundlePathForRepository("127.0.0.1") assert.NoError(t, err) assert.Equal(t, certpath, path.Join(temppath, "127.0.0.1")) @@ -526,7 +528,7 @@ func TestGetCertBundlePathForRepository(t *testing.T) { t.Run("No cert found", func(t *testing.T) { temppath := t.TempDir() - t.Setenv(common.EnvVarTLSDataPath, temppath) + os.Setenv(common.EnvVarTLSDataPath, temppath) certpath, err := GetCertBundlePathForRepository("127.0.0.1") assert.NoError(t, err) assert.Empty(t, certpath) @@ -538,7 +540,7 @@ func TestGetCertBundlePathForRepository(t *testing.T) { if err != nil { panic(err) } - t.Setenv(common.EnvVarTLSDataPath, temppath) + os.Setenv(common.EnvVarTLSDataPath, temppath) certpath, err := GetCertBundlePathForRepository("127.0.0.1") assert.NoError(t, err) assert.Empty(t, certpath) diff --git a/util/cli/cli.go b/util/cli/cli.go index d6baf1395dc64..a91a6fdd7e21b 100644 --- a/util/cli/cli.go +++ b/util/cli/cli.go @@ -52,9 +52,6 @@ func NewVersionCmd(cliName string) *cobra.Command { fmt.Printf(" GoVersion: %s\n", version.GoVersion) fmt.Printf(" Compiler: %s\n", version.Compiler) fmt.Printf(" Platform: %s\n", version.Platform) - if version.ExtraBuildInfo != "" { - fmt.Printf(" ExtraBuildInfo: %s\n", version.ExtraBuildInfo) - } }, } versionCmd.Flags().BoolVar(&short, "short", false, "print just the version number") diff --git a/util/clusterauth/clusterauth_test.go b/util/clusterauth/clusterauth_test.go index 6fade94247654..390c28fb887b8 100644 --- a/util/clusterauth/clusterauth_test.go +++ b/util/clusterauth/clusterauth_test.go @@ -7,6 +7,7 @@ import ( "time" "github.com/argoproj/argo-cd/v2/util/errors" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" corev1 "k8s.io/api/core/v1" apierr "k8s.io/apimachinery/pkg/api/errors" @@ -16,7 +17,6 @@ import ( "k8s.io/apiserver/pkg/storage/names" "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" - "sigs.k8s.io/yaml" ) const ( diff --git a/util/config/env_test.go b/util/config/env_test.go index c19961813a457..2456f8b06cde4 100644 --- a/util/config/env_test.go +++ b/util/config/env_test.go @@ -1,18 +1,18 @@ package config import ( + "os" "testing" "github.com/stretchr/testify/assert" ) func loadOpts(t *testing.T, opts string) { - t.Setenv("ARGOCD_OPTS", opts) + assert.Nil(t, os.Setenv("ARGOCD_OPTS", opts)) assert.Nil(t, loadFlags()) } - func loadInvalidOpts(t *testing.T, opts string) { - t.Setenv("ARGOCD_OPTS", opts) + assert.Nil(t, os.Setenv("ARGOCD_OPTS", opts)) assert.Error(t, loadFlags()) } @@ -41,7 +41,6 @@ func TestBoolFlagAtStart(t *testing.T) { assert.True(t, GetBoolFlag("foo")) } - func TestBoolFlagInMiddle(t *testing.T) { loadOpts(t, "--bar baz --foo --qux") @@ -77,7 +76,6 @@ func TestFlagWithSingleQuotes(t *testing.T) { assert.Equal(t, "bar baz", GetFlag("foo", "")) } - func TestFlagWithDoubleQuotes(t *testing.T) { loadOpts(t, "--foo \"bar baz\"") diff --git a/util/config/reader.go b/util/config/reader.go index 61df13b0a395e..d780df90bc8af 100644 --- a/util/config/reader.go +++ b/util/config/reader.go @@ -6,7 +6,7 @@ import ( "net/http" "os" - "sigs.k8s.io/yaml" + "github.com/ghodss/yaml" ) // UnmarshalReader is used to read manifests from stdin @@ -30,7 +30,13 @@ func unmarshalObject(data []byte, obj interface{}) error { if err != nil { return err } - return json.Unmarshal(jsonData, &obj) + + err = json.Unmarshal(jsonData, &obj) + if err != nil { + return err + } + + return err } // MarshalLocalYAMLFile writes JSON or YAML to a file on disk. diff --git a/util/db/certificate.go b/util/db/certificate.go index 4a0b56540b1c5..5ca93a3da40a5 100644 --- a/util/db/certificate.go +++ b/util/db/certificate.go @@ -52,9 +52,10 @@ type CertificateListSelector struct { // the certificates, and only returns the metadata including CertInfo field. // // The CertInfo field in the returned entries will contain the following data: -// - For SSH keys, the SHA256 fingerprint of the key as string, prepended by -// the string "SHA256:" -// - For TLS certs, the Subject of the X509 cert as a string in DN notation +// - For SSH keys, the SHA256 fingerprint of the key as string, prepended by +// the string "SHA256:" +// - For TLS certs, the Subject of the X509 cert as a string in DN notation +// func (db *db) ListRepoCertificates(ctx context.Context, selector *CertificateListSelector) (*appsv1.RepositoryCertificateList, error) { // selector may be given as nil, but we need at least an empty data structure diff --git a/util/db/gpgkeys_test.go b/util/db/gpgkeys_test.go index c6377c75124ee..df33ee1aecd0e 100644 --- a/util/db/gpgkeys_test.go +++ b/util/db/gpgkeys_test.go @@ -258,8 +258,8 @@ func Test_AddGPGPublicKey(t *testing.T) { func Test_DeleteGPGPublicKey(t *testing.T) { defer os.Setenv("GNUPGHOME", "") - - t.Run("good case", func(t *testing.T) { + // Good case + { clientset := getGPGKeysClientset(gpgCMMultiGoodPubkey) settings := settings.NewSettingsManager(context.Background(), clientset, testNamespace) db := NewDB(testNamespace, settings, clientset) @@ -289,9 +289,10 @@ func Test_DeleteGPGPublicKey(t *testing.T) { n, err = db.ListConfiguredGPGPublicKeys(context.Background()) assert.NoError(t, err) assert.Len(t, n, 0) - }) - t.Run("bad case - empty ConfigMap", func(t *testing.T) { + } + // Bad case - empty ConfigMap + { clientset := getGPGKeysClientset(gpgCMEmpty) settings := settings.NewSettingsManager(context.Background(), clientset, testNamespace) db := NewDB(testNamespace, settings, clientset) @@ -299,5 +300,5 @@ func Test_DeleteGPGPublicKey(t *testing.T) { // Key should be removed err := db.DeleteGPGPublicKey(context.Background(), "F7842A5CEAA9C0B1") assert.Error(t, err) - }) + } } diff --git a/util/db/helmrepository.go b/util/db/helmrepository.go index 8659e170d48ef..f369ef3da6bc5 100644 --- a/util/db/helmrepository.go +++ b/util/db/helmrepository.go @@ -2,7 +2,6 @@ package db import ( "context" - "fmt" "strings" "google.golang.org/grpc/codes" @@ -36,32 +35,32 @@ func (db *db) getHelmRepo(repoURL string, helmRepositories []settings.HelmRepoCr Name: repoInfo.Name, } err := db.unmarshalFromSecretsStr(map[*SecretMaperValidation]*v1.SecretKeySelector{ - {Dest: &repo.Username, Transform: StripCRLFCharacter}: repoInfo.UsernameSecret, - {Dest: &repo.Password, Transform: StripCRLFCharacter}: repoInfo.PasswordSecret, - {Dest: &repo.TLSClientCertData, Transform: StripCRLFCharacter}: repoInfo.CertSecret, - {Dest: &repo.TLSClientCertKey, Transform: StripCRLFCharacter}: repoInfo.KeySecret, + &SecretMaperValidation{Dest: &repo.Username, Transform: StripCRLFCharacter}: repoInfo.UsernameSecret, + &SecretMaperValidation{Dest: &repo.Password, Transform: StripCRLFCharacter}: repoInfo.PasswordSecret, + &SecretMaperValidation{Dest: &repo.TLSClientCertData, Transform: StripCRLFCharacter}: repoInfo.CertSecret, + &SecretMaperValidation{Dest: &repo.TLSClientCertKey, Transform: StripCRLFCharacter}: repoInfo.KeySecret, }, make(map[string]*v1.Secret)) return repo, err } -// ListHelmRepositories lists configured helm repositories +// ListHelmRepoURLs lists configured helm repositories func (db *db) ListHelmRepositories(ctx context.Context) ([]*v1alpha1.Repository, error) { helmRepositories, err := db.settingsMgr.GetHelmRepositories() if err != nil { - return nil, fmt.Errorf("failed to get list of Helm repositories from settings manager: %w", err) + return nil, err } result := make([]*v1alpha1.Repository, len(helmRepositories)) for i, helmRepoInfo := range helmRepositories { repo, err := db.getHelmRepo(helmRepoInfo.URL, helmRepositories) if err != nil { - return nil, fmt.Errorf("failed to get Helm repository %q: %w", helmRepoInfo.URL, err) + return nil, err } result[i] = repo } repos, err := db.listRepositories(ctx, pointer.StringPtr("helm")) if err != nil { - return nil, fmt.Errorf("failed to list Helm repositories: %w", err) + return nil, err } result = append(result, v1alpha1.Repositories(repos).Filter(func(r *v1alpha1.Repository) bool { return r.Type == "helm" && r.Name != "" diff --git a/util/db/repository.go b/util/db/repository.go index 552baa3a7a61e..8fbff4ffbe76f 100644 --- a/util/db/repository.go +++ b/util/db/repository.go @@ -78,11 +78,11 @@ func (db *db) CreateRepository(ctx context.Context, r *appsv1.Repository) (*apps func (db *db) GetRepository(ctx context.Context, repoURL string) (*appsv1.Repository, error) { repository, err := db.getRepository(ctx, repoURL) if err != nil { - return repository, fmt.Errorf("unable to get repository %q: %v", repoURL, err) + return repository, err } if err := db.enrichCredsToRepo(ctx, repository); err != nil { - return repository, fmt.Errorf("unable to enrich repository %q info with credentials: %v", repoURL, err) + return repository, err } return repository, err @@ -123,25 +123,17 @@ func (db *db) getRepository(ctx context.Context, repoURL string) (*appsv1.Reposi secretsBackend := db.repoBackend() exists, err := secretsBackend.RepositoryExists(ctx, repoURL) if err != nil { - return nil, fmt.Errorf("unable to check if repository %q exists from secrets backend: %v", repoURL, err) + return nil, err } else if exists { - repository, err := secretsBackend.GetRepository(ctx, repoURL) - if err != nil { - return nil, fmt.Errorf("unable to get repository %q from secrets backend: %v", repoURL, err) - } - return repository, nil + return secretsBackend.GetRepository(ctx, repoURL) } legacyBackend := db.legacyRepoBackend() exists, err = legacyBackend.RepositoryExists(ctx, repoURL) if err != nil { - return nil, fmt.Errorf("unable to check if repository %q exists from legacy backend: %v", repoURL, err) + return nil, err } else if exists { - repository, err := legacyBackend.GetRepository(ctx, repoURL) - if err != nil { - return nil, fmt.Errorf("unable to get repository %q from legacy backend: %v", repoURL, err) - } - return repository, nil + return legacyBackend.GetRepository(ctx, repoURL) } return &appsv1.Repository{Repo: repoURL}, nil @@ -237,25 +229,17 @@ func (db *db) GetRepositoryCredentials(ctx context.Context, repoURL string) (*ap secretsBackend := db.repoBackend() exists, err := secretsBackend.RepoCredsExists(ctx, repoURL) if err != nil { - return nil, fmt.Errorf("unable to check if repository credentials for %q exists from secrets backend: %w", repoURL, err) + return nil, err } else if exists { - creds, err := secretsBackend.GetRepoCreds(ctx, repoURL) - if err != nil { - return nil, fmt.Errorf("unable to get repository credentials for %q from secrets backend: %w", repoURL, err) - } - return creds, nil + return secretsBackend.GetRepoCreds(ctx, repoURL) } legacyBackend := db.legacyRepoBackend() exists, err = legacyBackend.RepoCredsExists(ctx, repoURL) if err != nil { - return nil, fmt.Errorf("unable to check if repository credentials for %q exists from legacy backend: %w", repoURL, err) + return nil, err } else if exists { - creds, err := legacyBackend.GetRepoCreds(ctx, repoURL) - if err != nil { - return nil, fmt.Errorf("unable to get repository credentials for %q from legacy backend: %w", repoURL, err) - } - return creds, nil + return legacyBackend.GetRepoCreds(ctx, repoURL) } return nil, nil @@ -268,12 +252,12 @@ func (db *db) GetAllHelmRepositoryCredentials(ctx context.Context) ([]*appsv1.Re secretRepoCreds, err := db.repoBackend().GetAllHelmRepoCreds(ctx) if err != nil { - return nil, fmt.Errorf("failed to get all Helm repo creds: %w", err) + return nil, err } legacyRepoCreds, err := db.legacyRepoBackend().GetAllHelmRepoCreds(ctx) if err != nil { - return nil, fmt.Errorf("failed to get all legacy Helm repo creds: %w", err) + return nil, err } return append(secretRepoCreds, legacyRepoCreds...), nil @@ -369,7 +353,7 @@ func (db *db) enrichCredsToRepo(ctx context.Context, repository *appsv1.Reposito repository.InheritedCreds = true } } else { - return fmt.Errorf("failed to get repository credentials for %q: %w", repository.Repo, err) + return err } } else { log.Debugf("%s has credentials", repository.Repo) diff --git a/util/db/repository_legacy.go b/util/db/repository_legacy.go index e25fe873c7511..814ff77d73d55 100644 --- a/util/db/repository_legacy.go +++ b/util/db/repository_legacy.go @@ -1,10 +1,9 @@ package db import ( - "context" - "fmt" "strings" + "context" log "github.com/sirupsen/logrus" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" @@ -36,7 +35,7 @@ func (l *legacyRepositoryBackend) CreateRepository(ctx context.Context, r *appsv func (l *legacyRepositoryBackend) GetRepository(ctx context.Context, repoURL string) (*appsv1.Repository, error) { repository, err := l.tryGetRepository(repoURL) if err != nil { - return nil, fmt.Errorf("unable to get repository: %w", err) + return nil, err } return repository, nil } @@ -130,7 +129,7 @@ func (l *legacyRepositoryBackend) DeleteRepository(ctx context.Context, repoURL func (l *legacyRepositoryBackend) RepositoryExists(ctx context.Context, repoURL string) (bool, error) { repos, err := l.db.settingsMgr.GetRepositories() if err != nil { - return false, fmt.Errorf("unable to get repositories: %w", err) + return false, err } index := l.getRepositoryIndex(repos, repoURL) @@ -388,13 +387,13 @@ func (l *legacyRepositoryBackend) credentialsToRepository(repoInfo settings.Repo Proxy: repoInfo.Proxy, } err := l.db.unmarshalFromSecretsStr(map[*SecretMaperValidation]*apiv1.SecretKeySelector{ - {Dest: &repo.Username, Transform: StripCRLFCharacter}: repoInfo.UsernameSecret, - {Dest: &repo.Password, Transform: StripCRLFCharacter}: repoInfo.PasswordSecret, - {Dest: &repo.SSHPrivateKey, Transform: StripCRLFCharacter}: repoInfo.SSHPrivateKeySecret, - {Dest: &repo.TLSClientCertData, Transform: StripCRLFCharacter}: repoInfo.TLSClientCertDataSecret, - {Dest: &repo.TLSClientCertKey, Transform: StripCRLFCharacter}: repoInfo.TLSClientCertKeySecret, - {Dest: &repo.GithubAppPrivateKey, Transform: StripCRLFCharacter}: repoInfo.GithubAppPrivateKeySecret, - {Dest: &repo.GCPServiceAccountKey, Transform: StripCRLFCharacter}: repoInfo.GCPServiceAccountKey, + &SecretMaperValidation{Dest: &repo.Username, Transform: StripCRLFCharacter}: repoInfo.UsernameSecret, + &SecretMaperValidation{Dest: &repo.Password, Transform: StripCRLFCharacter}: repoInfo.PasswordSecret, + &SecretMaperValidation{Dest: &repo.SSHPrivateKey, Transform: StripCRLFCharacter}: repoInfo.SSHPrivateKeySecret, + &SecretMaperValidation{Dest: &repo.TLSClientCertData, Transform: StripCRLFCharacter}: repoInfo.TLSClientCertDataSecret, + &SecretMaperValidation{Dest: &repo.TLSClientCertKey, Transform: StripCRLFCharacter}: repoInfo.TLSClientCertKeySecret, + &SecretMaperValidation{Dest: &repo.GithubAppPrivateKey, Transform: StripCRLFCharacter}: repoInfo.GithubAppPrivateKeySecret, + &SecretMaperValidation{Dest: &repo.GCPServiceAccountKey, Transform: StripCRLFCharacter}: repoInfo.GCPServiceAccountKey, }, make(map[string]*apiv1.Secret)) return repo, err } @@ -408,13 +407,13 @@ func (l *legacyRepositoryBackend) credentialsToRepositoryCredentials(repoInfo se EnableOCI: repoInfo.EnableOCI, } err := l.db.unmarshalFromSecretsStr(map[*SecretMaperValidation]*apiv1.SecretKeySelector{ - {Dest: &creds.Username}: repoInfo.UsernameSecret, - {Dest: &creds.Password}: repoInfo.PasswordSecret, - {Dest: &creds.SSHPrivateKey}: repoInfo.SSHPrivateKeySecret, - {Dest: &creds.TLSClientCertData}: repoInfo.TLSClientCertDataSecret, - {Dest: &creds.TLSClientCertKey}: repoInfo.TLSClientCertKeySecret, - {Dest: &creds.GithubAppPrivateKey}: repoInfo.GithubAppPrivateKeySecret, - {Dest: &creds.GCPServiceAccountKey}: repoInfo.GCPServiceAccountKey, + &SecretMaperValidation{Dest: &creds.Username}: repoInfo.UsernameSecret, + &SecretMaperValidation{Dest: &creds.Password}: repoInfo.PasswordSecret, + &SecretMaperValidation{Dest: &creds.SSHPrivateKey}: repoInfo.SSHPrivateKeySecret, + &SecretMaperValidation{Dest: &creds.TLSClientCertData}: repoInfo.TLSClientCertDataSecret, + &SecretMaperValidation{Dest: &creds.TLSClientCertKey}: repoInfo.TLSClientCertKeySecret, + &SecretMaperValidation{Dest: &creds.GithubAppPrivateKey}: repoInfo.GithubAppPrivateKeySecret, + &SecretMaperValidation{Dest: &creds.GCPServiceAccountKey}: repoInfo.GCPServiceAccountKey, }, make(map[string]*apiv1.Secret)) return creds, err } diff --git a/util/db/repository_secrets.go b/util/db/repository_secrets.go index 31152300b0b8b..4bea20c7f6b3f 100644 --- a/util/db/repository_secrets.go +++ b/util/db/repository_secrets.go @@ -171,7 +171,7 @@ func (s *secretsRepositoryBackend) RepositoryExists(ctx context.Context, repoURL return false, nil } - return false, fmt.Errorf("failed to get repository secret for %q: %v", repoURL, err) + return false, err } return secret != nil, nil @@ -457,7 +457,7 @@ func repoCredsToSecret(repoCreds *appsv1.RepoCreds, secret *corev1.Secret) { func (s *secretsRepositoryBackend) getRepositorySecret(repoURL string) (*corev1.Secret, error) { secrets, err := s.db.listSecretsByType(common.LabelValueSecretTypeRepository) if err != nil { - return nil, fmt.Errorf("failed to list repository secrets: %w", err) + return nil, err } for _, secret := range secrets { diff --git a/util/dex/config.go b/util/dex/config.go index 44d853674b19b..7141229429a7b 100644 --- a/util/dex/config.go +++ b/util/dex/config.go @@ -3,26 +3,26 @@ package dex import ( "fmt" - "sigs.k8s.io/yaml" + "github.com/ghodss/yaml" "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/util/settings" ) -func GenerateDexConfigYAML(argocdSettings *settings.ArgoCDSettings, disableTls bool) ([]byte, error) { - if !argocdSettings.IsDexConfigured() { +func GenerateDexConfigYAML(settings *settings.ArgoCDSettings, disableTls bool) ([]byte, error) { + if !settings.IsDexConfigured() { return nil, nil } - redirectURL, err := argocdSettings.RedirectURL() + redirectURL, err := settings.RedirectURL() if err != nil { return nil, fmt.Errorf("failed to infer redirect url from config: %v", err) } var dexCfg map[string]interface{} - err = yaml.Unmarshal([]byte(argocdSettings.DexConfig), &dexCfg) + err = yaml.Unmarshal([]byte(settings.DexConfig), &dexCfg) if err != nil { return nil, fmt.Errorf("failed to unmarshal dex.config from configmap: %v", err) } - dexCfg["issuer"] = argocdSettings.IssuerURL() + dexCfg["issuer"] = settings.IssuerURL() dexCfg["storage"] = map[string]interface{}{ "type": "memory", } @@ -58,7 +58,7 @@ func GenerateDexConfigYAML(argocdSettings *settings.ArgoCDSettings, disableTls b argoCDStaticClient := map[string]interface{}{ "id": common.ArgoCDClientAppID, "name": common.ArgoCDClientAppName, - "secret": argocdSettings.DexOAuth2ClientSecret(), + "secret": settings.DexOAuth2ClientSecret(), "redirectURIs": []string{ redirectURL, }, @@ -80,7 +80,7 @@ func GenerateDexConfigYAML(argocdSettings *settings.ArgoCDSettings, disableTls b dexCfg["staticClients"] = []interface{}{argoCDStaticClient, argoCDCLIStaticClient} } - dexRedirectURL, err := argocdSettings.DexRedirectURL() + dexRedirectURL, err := settings.DexRedirectURL() if err != nil { return nil, err } @@ -106,10 +106,46 @@ func GenerateDexConfigYAML(argocdSettings *settings.ArgoCDSettings, disableTls b connectors[i] = connector } dexCfg["connectors"] = connectors - dexCfg = settings.ReplaceMapSecrets(dexCfg, argocdSettings.Secrets) + dexCfg = replaceMapSecrets(dexCfg, settings.Secrets) return yaml.Marshal(dexCfg) } +// replaceMapSecrets takes a json object and recursively looks for any secret key references in the +// object and replaces the value with the secret value +func replaceMapSecrets(obj map[string]interface{}, secretValues map[string]string) map[string]interface{} { + newObj := make(map[string]interface{}) + for k, v := range obj { + switch val := v.(type) { + case map[string]interface{}: + newObj[k] = replaceMapSecrets(val, secretValues) + case []interface{}: + newObj[k] = replaceListSecrets(val, secretValues) + case string: + newObj[k] = settings.ReplaceStringSecret(val, secretValues) + default: + newObj[k] = val + } + } + return newObj +} + +func replaceListSecrets(obj []interface{}, secretValues map[string]string) []interface{} { + newObj := make([]interface{}, len(obj)) + for i, v := range obj { + switch val := v.(type) { + case map[string]interface{}: + newObj[i] = replaceMapSecrets(val, secretValues) + case []interface{}: + newObj[i] = replaceListSecrets(val, secretValues) + case string: + newObj[i] = settings.ReplaceStringSecret(val, secretValues) + default: + newObj[i] = val + } + } + return newObj +} + // needsRedirectURI returns whether or not the given connector type needs a redirectURI // Update this list as necessary, as new connectors are added // https://dexidp.io/docs/connectors/ diff --git a/util/dex/dex.go b/util/dex/dex.go index 3116909a32ee1..71183f5c30d21 100644 --- a/util/dex/dex.go +++ b/util/dex/dex.go @@ -123,7 +123,6 @@ type DexRewriteURLRoundTripper struct { func (s DexRewriteURLRoundTripper) RoundTrip(r *http.Request) (*http.Response, error) { r.URL.Host = s.DexURL.Host r.URL.Scheme = s.DexURL.Scheme - r.Host = s.DexURL.Host return s.T.RoundTrip(r) } diff --git a/util/dex/dex_test.go b/util/dex/dex_test.go index a993db3375cb7..5098cf7e3f5d3 100644 --- a/util/dex/dex_test.go +++ b/util/dex/dex_test.go @@ -9,8 +9,8 @@ import ( "strings" "testing" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" - "sigs.k8s.io/yaml" // "github.com/argoproj/argo-cd/common" "github.com/argoproj/argo-cd/v2/util/settings" @@ -64,7 +64,7 @@ staticClients: name: Argo Workflow redirectURIs: - https://argo/oauth2/callback - secret: $dex.acme.clientSecret + secret: $dex.acme.clientSecret ` var badDexConfig = ` connectors: @@ -429,7 +429,5 @@ func Test_DexReverseProxy(t *testing.T) { assert.NoError(t, err) _, err = rt.RoundTrip(req) assert.NoError(t, err) - target, _ := url.Parse(server.URL) - assert.Equal(t, req.Host, target.Host) }) } diff --git a/util/env/env.go b/util/env/env.go index 1b49a0c322065..dc1549082db10 100644 --- a/util/env/env.go +++ b/util/env/env.go @@ -1,7 +1,6 @@ package env import ( - "math" "os" "strconv" "strings" @@ -22,24 +21,20 @@ func ParseNumFromEnv(env string, defaultValue, min, max int) int { if str == "" { return defaultValue } - num, err := strconv.ParseInt(str, 10, 0) + num, err := strconv.Atoi(str) if err != nil { log.Warnf("Could not parse '%s' as a number from environment %s", str, env) return defaultValue } - if num > math.MaxInt || num < math.MinInt { - log.Warnf("Value in %s is %d is outside of the min and max %d allowed values. Using default %d", env, num, min, defaultValue) - return defaultValue - } - if int(num) < min { + if num < min { log.Warnf("Value in %s is %d, which is less than minimum %d allowed", env, num, min) return defaultValue } - if int(num) > max { + if num > max { log.Warnf("Value in %s is %d, which is greater than maximum %d allowed", env, num, max) return defaultValue } - return int(num) + return num } // Helper function to parse a int64 from an environment variable. Returns a diff --git a/util/exec/exec_test.go b/util/exec/exec_test.go index 0347abf0955e0..4740f6a8e2e54 100644 --- a/util/exec/exec_test.go +++ b/util/exec/exec_test.go @@ -1,6 +1,7 @@ package exec import ( + "os" "os/exec" "regexp" "syscall" @@ -12,12 +13,13 @@ import ( ) func Test_timeout(t *testing.T) { + defer func() { _ = os.Unsetenv("ARGOCD_EXEC_TIMEOUT") }() t.Run("Default", func(t *testing.T) { initTimeout() assert.Equal(t, 90*time.Second, timeout) }) t.Run("Default", func(t *testing.T) { - t.Setenv("ARGOCD_EXEC_TIMEOUT", "1s") + _ = os.Setenv("ARGOCD_EXEC_TIMEOUT", "1s") initTimeout() assert.Equal(t, 1*time.Second, timeout) }) @@ -33,7 +35,7 @@ func TestHideUsernamePassword(t *testing.T) { _, err := RunWithRedactor(exec.Command("helm registry login https://charts.bitnami.com/bitnami", "--username", "foo", "--password", "bar"), nil) assert.NotEmpty(t, err) - redactor := func(text string) string { + var redactor = func(text string) string { return regexp.MustCompile("(--username|--password) [^ ]*").ReplaceAllString(text, "$1 ******") } _, err = RunWithRedactor(exec.Command("helm registry login https://charts.bitnami.com/bitnami", "--username", "foo", "--password", "bar"), redactor) diff --git a/util/git/client.go b/util/git/client.go index 6b8587c0b3660..ebe0b676c8064 100644 --- a/util/git/client.go +++ b/util/git/client.go @@ -17,7 +17,6 @@ import ( "time" argoexec "github.com/argoproj/pkg/exec" - "github.com/bmatcuk/doublestar/v4" "github.com/go-git/go-git/v5" "github.com/go-git/go-git/v5/config" "github.com/go-git/go-git/v5/plumbing" @@ -67,7 +66,7 @@ type Client interface { Checkout(revision string, submoduleEnabled bool) error LsRefs() (*Refs, error) LsRemote(revision string) (string, error) - LsFiles(path string, enableNewGitFileGlobbing bool) ([]string, error) + LsFiles(path string) ([]string, error) LsLargeFiles() ([]string, error) CommitSHA() (string, error) RevisionMetadata(revision string) (*RevisionMetadata, error) @@ -341,9 +340,9 @@ func (m *nativeGitClient) IsLFSEnabled() bool { func (m *nativeGitClient) fetch(revision string) error { var err error if revision != "" { - err = m.runCredentialedCmd("fetch", "origin", revision, "--tags", "--force", "--prune") + err = m.runCredentialedCmd("git", "fetch", "origin", revision, "--tags", "--force", "--prune") } else { - err = m.runCredentialedCmd("fetch", "origin", "--tags", "--force", "--prune") + err = m.runCredentialedCmd("git", "fetch", "origin", "--tags", "--force", "--prune") } return err } @@ -361,7 +360,7 @@ func (m *nativeGitClient) Fetch(revision string) error { if err == nil && m.IsLFSEnabled() { largeFiles, err := m.LsLargeFiles() if err == nil && len(largeFiles) > 0 { - err = m.runCredentialedCmd("lfs", "fetch", "--all") + err = m.runCredentialedCmd("git", "lfs", "fetch", "--all") if err != nil { return err } @@ -372,44 +371,14 @@ func (m *nativeGitClient) Fetch(revision string) error { } // LsFiles lists the local working tree, including only files that are under source control -func (m *nativeGitClient) LsFiles(path string, enableNewGitFileGlobbing bool) ([]string, error) { - if enableNewGitFileGlobbing { - // This is the new way with safer globbing - err := os.Chdir(m.root) - if err != nil { - return nil, err - } - all_files, err := doublestar.FilepathGlob(path) - if err != nil { - return nil, err - } - var files []string - for _, file := range all_files { - link, err := filepath.EvalSymlinks(file) - if err != nil { - return nil, err - } - absPath, err := filepath.Abs(link) - if err != nil { - return nil, err - } - if strings.HasPrefix(absPath, m.root) { - files = append(files, file) - } else { - log.Warnf("Absolute path for %s is outside of repository, removing it", file) - } - } - return files, nil - } else { - // This is the old and default way - out, err := m.runCmd("ls-files", "--full-name", "-z", "--", path) - if err != nil { - return nil, err - } - // remove last element, which is blank regardless of whether we're using nullbyte or newline - ss := strings.Split(out, "\000") - return ss[:len(ss)-1], nil +func (m *nativeGitClient) LsFiles(path string) ([]string, error) { + out, err := m.runCmd("ls-files", "--full-name", "-z", "--", path) + if err != nil { + return nil, err } + // remove last element, which is blank regardless of whether we're using nullbyte or newline + ss := strings.Split(out, "\000") + return ss[:len(ss)-1], nil } // LsLargeFiles lists all files that have references to LFS storage @@ -424,10 +393,10 @@ func (m *nativeGitClient) LsLargeFiles() ([]string, error) { // Submodule embed other repositories into this repository func (m *nativeGitClient) Submodule() error { - if err := m.runCredentialedCmd("submodule", "sync", "--recursive"); err != nil { + if err := m.runCredentialedCmd("git", "submodule", "sync", "--recursive"); err != nil { return err } - if err := m.runCredentialedCmd("submodule", "update", "--init", "--recursive"); err != nil { + if err := m.runCredentialedCmd("git", "submodule", "update", "--init", "--recursive"); err != nil { return err } return nil @@ -461,12 +430,7 @@ func (m *nativeGitClient) Checkout(revision string, submoduleEnabled bool) error } } } - // NOTE - // The double “f” in the arguments is not a typo: the first “f” tells - // `git clean` to delete untracked files and directories, and the second “f” - // tells it to clean untractked nested Git repositories (for example a - // submodule which has since been removed). - if _, err := m.runCmd("clean", "-ffdx"); err != nil { + if _, err := m.runCmd("clean", "-fdx"); err != nil { return err } return nil @@ -685,7 +649,7 @@ func (m *nativeGitClient) runCmd(args ...string) (string, error) { // runCredentialedCmd is a convenience function to run a git command with username/password credentials // nolint:unparam -func (m *nativeGitClient) runCredentialedCmd(args ...string) error { +func (m *nativeGitClient) runCredentialedCmd(command string, args ...string) error { closer, environ, err := m.creds.Environ() if err != nil { return err @@ -700,7 +664,7 @@ func (m *nativeGitClient) runCredentialedCmd(args ...string) error { } } - cmd := exec.Command("git", args...) + cmd := exec.Command(command, args...) cmd.Env = append(cmd.Env, environ...) _, err = m.runCmdOutput(cmd, runOpts{}) return err diff --git a/util/git/git.go b/util/git/git.go index d5a8652f7ce90..b925789453b20 100644 --- a/util/git/git.go +++ b/util/git/git.go @@ -14,6 +14,14 @@ func ensurePrefix(s, prefix string) string { return s } +// removeSuffix idempotently removes a given suffix +func removeSuffix(s, suffix string) string { + if strings.HasSuffix(s, suffix) { + return s[0 : len(s)-len(suffix)] + } + return s +} + var ( commitSHARegex = regexp.MustCompile("^[0-9A-Fa-f]{40}$") sshURLRegex = regexp.MustCompile("^(ssh://)?([^/:]*?)@[^@]+$") @@ -54,7 +62,7 @@ func NormalizeGitURL(repo string) string { repo = ensurePrefix(repo, "ssh://") } } - repo = strings.TrimSuffix(repo, ".git") + repo = removeSuffix(repo, ".git") repoURL, err := url.Parse(repo) if err != nil { return "" diff --git a/util/git/git_test.go b/util/git/git_test.go index 0eebe354dcb13..3dc87b718ac47 100644 --- a/util/git/git_test.go +++ b/util/git/git_test.go @@ -45,6 +45,18 @@ func TestEnsurePrefix(t *testing.T) { } } +func TestRemoveSuffix(t *testing.T) { + data := [][]string{ + {"hello.git", ".git", "hello"}, + {"hello", ".git", "hello"}, + {".git", ".git", ""}, + } + for _, table := range data { + result := removeSuffix(table[0], table[1]) + assert.Equal(t, table[2], result) + } +} + func TestIsSSHURL(t *testing.T) { data := map[string]bool{ "git://github.com/argoproj/test.git": false, @@ -160,7 +172,10 @@ func TestCustomHTTPClient(t *testing.T) { assert.Equal(t, "http://proxy:5000", proxy.String()) } - t.Setenv("http_proxy", "http://proxy-from-env:7878") + os.Setenv("http_proxy", "http://proxy-from-env:7878") + defer func() { + assert.Nil(t, os.Unsetenv("http_proxy")) + }() // Get HTTPSCreds without client cert creds, but insecure connection creds = NewHTTPSCreds("test", "test", "", "", true, "", &NoopCredsStore{}, false) @@ -196,7 +211,7 @@ func TestCustomHTTPClient(t *testing.T) { defer os.RemoveAll(temppath) err = os.WriteFile(filepath.Join(temppath, "127.0.0.1"), cert, 0666) assert.NoError(t, err) - t.Setenv(common.EnvVarTLSDataPath, temppath) + os.Setenv(common.EnvVarTLSDataPath, temppath) client = GetRepoHTTPClient("https://127.0.0.1", false, creds, "") assert.NotNil(t, client) assert.NotNil(t, client.Transport) @@ -396,54 +411,3 @@ func TestListRevisions(t *testing.T) { assert.NotContains(t, lsResult.Branches, testTag) assert.NotContains(t, lsResult.Tags, testBranch) } - -func TestLsFiles(t *testing.T) { - tmpDir1 := t.TempDir() - tmpDir2 := t.TempDir() - - client, err := NewClientExt("", tmpDir1, NopCreds{}, false, false, "") - assert.NoError(t, err) - - err = runCmd(tmpDir1, "git", "init") - assert.NoError(t, err) - - // Prepare files - a, err := os.Create(filepath.Join(tmpDir1, "a.yaml")) - assert.NoError(t, err) - a.Close() - err = os.MkdirAll(filepath.Join(tmpDir1, "subdir"), 0755) - assert.NoError(t, err) - b, err := os.Create(filepath.Join(tmpDir1, "subdir", "b.yaml")) - assert.NoError(t, err) - b.Close() - err = os.MkdirAll(filepath.Join(tmpDir2, "subdir"), 0755) - assert.NoError(t, err) - c, err := os.Create(filepath.Join(tmpDir2, "c.yaml")) - assert.NoError(t, err) - c.Close() - err = os.Symlink(filepath.Join(tmpDir2, "c.yaml"), filepath.Join(tmpDir1, "link.yaml")) - assert.NoError(t, err) - - err = runCmd(tmpDir1, "git", "add", ".") - assert.NoError(t, err) - err = runCmd(tmpDir1, "git", "commit", "-m", "Initial commit") - assert.NoError(t, err) - - // Old and default globbing - expectedResult := []string{"a.yaml", "link.yaml", "subdir/b.yaml"} - lsResult, err := client.LsFiles("*.yaml", false) - assert.NoError(t, err) - assert.Equal(t, lsResult, expectedResult) - - // New and safer globbing, do not return symlinks resolving outside of the repo - expectedResult = []string{"a.yaml"} - lsResult, err = client.LsFiles("*.yaml", true) - assert.NoError(t, err) - assert.Equal(t, lsResult, expectedResult) - - // New globbing, do not return files outside of the repo - var nilResult []string - lsResult, err = client.LsFiles(filepath.Join(tmpDir2, "*.yaml"), true) - assert.NoError(t, err) - assert.Equal(t, lsResult, nilResult) -} diff --git a/util/git/mocks/Client.go b/util/git/mocks/Client.go index 1d32c9bc9c5d2..ba1966d3a1d6f 100644 --- a/util/git/mocks/Client.go +++ b/util/git/mocks/Client.go @@ -92,25 +92,25 @@ func (_m *Client) IsAnnotatedTag(_a0 string) bool { return r0 } -// LsFiles provides a mock function with given fields: path, enableNewGitFileGlobbing -func (_m *Client) LsFiles(path string, enableNewGitFileGlobbing bool) ([]string, error) { - ret := _m.Called(path, enableNewGitFileGlobbing) +// LsFiles provides a mock function with given fields: path +func (_m *Client) LsFiles(path string) ([]string, error) { + ret := _m.Called(path) var r0 []string var r1 error - if rf, ok := ret.Get(0).(func(string, bool) ([]string, error)); ok { - return rf(path, enableNewGitFileGlobbing) + if rf, ok := ret.Get(0).(func(string) ([]string, error)); ok { + return rf(path) } - if rf, ok := ret.Get(0).(func(string, bool) []string); ok { - r0 = rf(path, enableNewGitFileGlobbing) + if rf, ok := ret.Get(0).(func(string) []string); ok { + r0 = rf(path) } else { if ret.Get(0) != nil { r0 = ret.Get(0).([]string) } } - if rf, ok := ret.Get(1).(func(string, bool) error); ok { - r1 = rf(path, enableNewGitFileGlobbing) + if rf, ok := ret.Get(1).(func(string) error); ok { + r1 = rf(path) } else { r1 = ret.Error(1) } diff --git a/util/gpg/gpg_test.go b/util/gpg/gpg_test.go index 97f4976aa0b66..2a88c22c217ae 100644 --- a/util/gpg/gpg_test.go +++ b/util/gpg/gpg_test.go @@ -35,7 +35,10 @@ func initTempDir(t *testing.T) string { panic(err) } fmt.Printf("-> Using %s as GNUPGHOME\n", p) - t.Setenv(common.EnvGnuPGHome, p) + err = os.Setenv(common.EnvGnuPGHome, p) + if err != nil { + panic(err) + } t.Cleanup(func() { err := os.RemoveAll(p) if err != nil { @@ -46,20 +49,12 @@ func initTempDir(t *testing.T) string { } func Test_IsGPGEnabled(t *testing.T) { - t.Run("true", func(t *testing.T) { - t.Setenv("ARGOCD_GPG_ENABLED", "true") - assert.True(t, IsGPGEnabled()) - }) - - t.Run("false", func(t *testing.T) { - t.Setenv("ARGOCD_GPG_ENABLED", "false") - assert.False(t, IsGPGEnabled()) - }) - - t.Run("empty", func(t *testing.T) { - t.Setenv("ARGOCD_GPG_ENABLED", "") - assert.True(t, IsGPGEnabled()) - }) + os.Setenv("ARGOCD_GPG_ENABLED", "true") + assert.True(t, IsGPGEnabled()) + os.Setenv("ARGOCD_GPG_ENABLED", "false") + assert.False(t, IsGPGEnabled()) + os.Setenv("ARGOCD_GPG_ENABLED", "") + assert.True(t, IsGPGEnabled()) } func Test_GPG_InitializeGnuPG(t *testing.T) { @@ -90,50 +85,46 @@ func Test_GPG_InitializeGnuPG(t *testing.T) { assert.Len(t, keys, 1) assert.Equal(t, keys[0].Trust, "ultimate") - t.Run("GNUPGHOME is a file", func(t *testing.T) { - f, err := os.CreateTemp("", "gpg-test") - assert.NoError(t, err) - defer os.Remove(f.Name()) + // GNUPGHOME is a file - we need to error out + f, err := os.CreateTemp("", "gpg-test") + assert.NoError(t, err) + defer os.Remove(f.Name()) - // we need to error out - t.Setenv(common.EnvGnuPGHome, f.Name()) - err = InitializeGnuPG() - assert.Error(t, err) - assert.Contains(t, err.Error(), "does not point to a directory") - }) + os.Setenv(common.EnvGnuPGHome, f.Name()) + err = InitializeGnuPG() + assert.Error(t, err) + assert.Contains(t, err.Error(), "does not point to a directory") - t.Run("Unaccessible GNUPGHOME", func(t *testing.T) { - p := initTempDir(t) - fp := fmt.Sprintf("%s/gpg", p) - err = os.Mkdir(fp, 0o000) - if err != nil { - panic(err.Error()) - } - if err != nil { - panic(err.Error()) - } - t.Setenv(common.EnvGnuPGHome, fp) - err := InitializeGnuPG() - assert.Error(t, err) - // Restore permissions so path can be deleted - err = os.Chmod(fp, 0o700) - if err != nil { - panic(err.Error()) - } - }) + // Unaccessible GNUPGHOME + p = initTempDir(t) + fp := fmt.Sprintf("%s/gpg", p) + err = os.Mkdir(fp, 0000) + if err != nil { + panic(err.Error()) + } + if err != nil { + panic(err.Error()) + } + os.Setenv(common.EnvGnuPGHome, fp) + err = InitializeGnuPG() + assert.Error(t, err) + // Restore permissions so path can be deleted + err = os.Chmod(fp, 0700) + if err != nil { + panic(err.Error()) + } - t.Run("GNUPGHOME with too wide permissions", func(t *testing.T) { - // We do not expect an error here, because of openshift's random UIDs that - // forced us to use an emptyDir mount (#4127) - p := initTempDir(t) - err := os.Chmod(p, 0o777) - if err != nil { - panic(err.Error()) - } - t.Setenv(common.EnvGnuPGHome, p) - err = InitializeGnuPG() - assert.NoError(t, err) - }) + // GNUPGHOME with too wide permissions + // We do not expect an error here, because of openshift's random UIDs that + // forced us to use an emptyDir mount (#4127) + p = initTempDir(t) + err = os.Chmod(p, 0777) + if err != nil { + panic(err.Error()) + } + os.Setenv(common.EnvGnuPGHome, p) + err = InitializeGnuPG() + assert.NoError(t, err) } func Test_GPG_KeyManagement(t *testing.T) { @@ -228,6 +219,7 @@ func Test_GPG_KeyManagement(t *testing.T) { assert.NoError(t, err) assert.Len(t, keys, 3) } + } func Test_ImportPGPKeysFromString(t *testing.T) { @@ -244,6 +236,7 @@ func Test_ImportPGPKeysFromString(t *testing.T) { assert.Contains(t, keys[0].Owner, "noreply@github.com") assert.Equal(t, "unknown", keys[0].Trust) assert.Equal(t, "unknown", keys[0].SubType) + } func Test_ValidateGPGKeysFromString(t *testing.T) { @@ -265,6 +258,7 @@ func Test_ValidateGPGKeysFromString(t *testing.T) { assert.NoError(t, err) assert.Len(t, keys, 2) } + } func Test_ValidateGPGKeys(t *testing.T) { @@ -452,17 +446,16 @@ func Test_GPG_ParseGitCommitVerification(t *testing.T) { } func Test_GetGnuPGHomePath(t *testing.T) { - t.Run("empty", func(t *testing.T) { - t.Setenv(common.EnvGnuPGHome, "") + { + os.Setenv(common.EnvGnuPGHome, "") p := common.GetGnuPGHomePath() assert.Equal(t, common.DefaultGnuPgHomePath, p) - }) - - t.Run("tempdir", func(t *testing.T) { - t.Setenv(common.EnvGnuPGHome, "/tmp/gpghome") + } + { + os.Setenv(common.EnvGnuPGHome, "/tmp/gpghome") p := common.GetGnuPGHomePath() assert.Equal(t, "/tmp/gpghome", p) - }) + } } func Test_KeyID(t *testing.T) { @@ -501,7 +494,6 @@ func Test_IsShortKeyID(t *testing.T) { assert.False(t, IsShortKeyID(longKeyID)) assert.False(t, IsShortKeyID("ab")) } - func Test_IsLongKeyID(t *testing.T) { assert.True(t, IsLongKeyID(longKeyID)) assert.False(t, IsLongKeyID(shortKeyID)) @@ -538,6 +530,7 @@ func Test_IsSecretKey(t *testing.T) { assert.NoError(t, err) assert.False(t, secret) } + } func Test_SyncKeyRingFromDirectory(t *testing.T) { diff --git a/util/grpc/trace.go b/util/grpc/trace.go deleted file mode 100644 index 484e2b61dc253..0000000000000 --- a/util/grpc/trace.go +++ /dev/null @@ -1,33 +0,0 @@ -package grpc - -import ( - "sync" - - "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc" - "google.golang.org/grpc" -) - -var ( - otelUnaryInterceptor grpc.UnaryClientInterceptor - otelStreamInterceptor grpc.StreamClientInterceptor - interceptorsInitialized = sync.Once{} -) - -// otel interceptors must be created once to avoid memory leak -// see https://github.com/open-telemetry/opentelemetry-go-contrib/issues/4226 for details -func ensureInitialized() { - interceptorsInitialized.Do(func() { - otelUnaryInterceptor = otelgrpc.UnaryClientInterceptor() - otelStreamInterceptor = otelgrpc.StreamClientInterceptor() - }) -} - -func OTELUnaryClientInterceptor() grpc.UnaryClientInterceptor { - ensureInitialized() - return otelUnaryInterceptor -} - -func OTELStreamClientInterceptor() grpc.StreamClientInterceptor { - ensureInitialized() - return otelStreamInterceptor -} diff --git a/util/helm/client.go b/util/helm/client.go index fcb1e665dffb6..f3187489c9fd0 100644 --- a/util/helm/client.go +++ b/util/helm/client.go @@ -2,7 +2,6 @@ package helm import ( "bytes" - "context" "crypto/tls" "crypto/x509" "encoding/json" @@ -21,14 +20,14 @@ import ( "github.com/argoproj/pkg/sync" log "github.com/sirupsen/logrus" "gopkg.in/yaml.v2" - "oras.land/oras-go/v2/registry/remote" - "oras.land/oras-go/v2/registry/remote/auth" + "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/util/cache" executil "github.com/argoproj/argo-cd/v2/util/exec" argoio "github.com/argoproj/argo-cd/v2/util/io" "github.com/argoproj/argo-cd/v2/util/io/files" "github.com/argoproj/argo-cd/v2/util/proxy" + "github.com/argoproj/argo-cd/v2/util/text" ) var ( @@ -177,7 +176,7 @@ func (c *nativeHelmChart) ExtractChart(chart string, version string, passCredent } // 'helm pull' ensures that chart is downloaded into temp directory - _, err = helmCmd.PullOCI(c.repoURL, chart, version, tempDest, c.creds) + _, err = helmCmd.PullOCI(c.repoURL, chart, version, tempDest) if err != nil { return "", nil, err } @@ -302,8 +301,8 @@ func (c *nativeHelmChart) loadRepoIndex() ([]byte, error) { } tr := &http.Transport{ - Proxy: proxy.GetCallback(c.proxy), - TLSClientConfig: tlsConf, + Proxy: proxy.GetCallback(c.proxy), + TLSClientConfig: tlsConf, DisableKeepAlives: true, } client := http.Client{Transport: tr} @@ -387,8 +386,131 @@ func getIndexURL(rawURL string) (string, error) { return repoURL.String(), nil } +func getTagsListURL(rawURL string, chart string) (string, error) { + repoURL, err := url.Parse(strings.Trim(rawURL, "/")) + if err != nil { + return "", fmt.Errorf("unable to parse repo url: %v", err) + } + tagsPathFormat := "%s/v2/%s/tags/list" + repoURL.Scheme = "https" + repoURL.Path = fmt.Sprintf(tagsPathFormat, repoURL.Path, chart) + repoURL.RawPath = fmt.Sprintf(tagsPathFormat, repoURL.RawPath, url.PathEscape(chart)) + return repoURL.String(), nil +} + +func (c *nativeHelmChart) getTags(chart string) ([]byte, error) { + nextURL, err := getTagsListURL(c.repoURL, chart) + if err != nil { + return nil, fmt.Errorf("failed to get tag list url: %v", err) + } + + allTags := &TagsList{} + var data []byte + for nextURL != "" { + log.Debugf("fetching %s tags from %s", chart, sanitizeLog(text.Trunc(nextURL, 100))) + data, nextURL, err = c.getTagsFromUrl(nextURL) + if err != nil { + return nil, fmt.Errorf("failed tags part: %v", err) + } + + tags := &TagsList{} + err := json.Unmarshal(data, tags) + if err != nil { + return nil, fmt.Errorf("unable to decode json: %v", err) + } + allTags.Tags = append(allTags.Tags, tags.Tags...) + } + data, err = json.Marshal(allTags) + if err != nil { + return nil, fmt.Errorf("failed to marshal tag json: %w", err) + } + return data, nil +} + +func getNextUrl(resp *http.Response) (string, error) { + link := resp.Header.Get("Link") + if link == "" { + return "", nil + } + if link[0] != '<' { + return "", fmt.Errorf("invalid next link %q: missing '<'", link) + } + if i := strings.IndexByte(link, '>'); i == -1 { + return "", fmt.Errorf("invalid next link %q: missing '>'", link) + } else { + link = link[1:i] + } + linkURL, err := resp.Request.URL.Parse(link) + if err != nil { + return "", err + } + return linkURL.String(), nil +} + +func sanitizeLog(input string) string { + sanitized := strings.ReplaceAll(input, "\r", "") + sanitized = strings.ReplaceAll(sanitized, "\n", "") + return sanitized +} + +func (c *nativeHelmChart) getTagsFromUrl(tagsURL string) ([]byte, string, error) { + req, err := http.NewRequest(http.MethodGet, tagsURL, nil) + if err != nil { + return nil, "", fmt.Errorf("failed create request: %v", err) + } + req.Header.Add("Accept", `application/json`) + if c.creds.Username != "" || c.creds.Password != "" { + // only basic supported + req.SetBasicAuth(c.creds.Username, c.creds.Password) + } + + tlsConf, err := newTLSConfig(c.creds) + if err != nil { + return nil, "", fmt.Errorf("failed setup tlsConfig: %v", err) + } + + tr := &http.Transport{ + Proxy: proxy.GetCallback(c.proxy), + TLSClientConfig: tlsConf, + DisableKeepAlives: true, + } + client := http.Client{Transport: tr} + resp, err := client.Do(req) + if err != nil { + return nil, "", fmt.Errorf("request failed: %v", err) + } + defer func() { + if err = resp.Body.Close(); err != nil { + log.WithFields(log.Fields{ + common.SecurityField: common.SecurityMedium, + common.SecurityCWEField: 775, + }).Errorf("error closing response %q: %v", text.Trunc(tagsURL, 100), err) + } + }() + + if resp.StatusCode != http.StatusOK { + data, err := io.ReadAll(resp.Body) + var responseExcerpt string + if err != nil { + responseExcerpt = fmt.Sprintf("err: %v", err) + } else { + responseExcerpt = text.Trunc(string(data), 100) + } + return nil, "", fmt.Errorf("invalid response: %s %s", resp.Status, responseExcerpt) + } + data, err := io.ReadAll(resp.Body) + if err != nil { + return nil, "", fmt.Errorf("failed to read body: %v", err) + } + nextUrl, err := getNextUrl(resp) + return data, nextUrl, err +} + func (c *nativeHelmChart) GetTags(chart string, noCache bool) (*TagsList, error) { - tagsURL := strings.Replace(fmt.Sprintf("%s/%s", c.repoURL, chart), "https://", "", 1) + tagsURL, err := getTagsListURL(c.repoURL, chart) + if err != nil { + return nil, fmt.Errorf("invalid tags url: %v", err) + } indexLock.Lock(tagsURL) defer indexLock.Unlock(tagsURL) @@ -399,42 +521,10 @@ func (c *nativeHelmChart) GetTags(chart string, noCache bool) (*TagsList, error) } } - tags := &TagsList{} if len(data) == 0 { start := time.Now() - repo, err := remote.NewRepository(tagsURL) - if err != nil { - return nil, fmt.Errorf("failed to initialize repository: %v", err) - } - tlsConf, err := newTLSConfig(c.creds) - if err != nil { - return nil, fmt.Errorf("failed setup tlsConfig: %v", err) - } - client := &http.Client{Transport: &http.Transport{ - Proxy: proxy.GetCallback(c.proxy), - TLSClientConfig: tlsConf, - DisableKeepAlives: true, - }} - repo.Client = &auth.Client{ - Client: client, - Cache: nil, - Credential: auth.StaticCredential(c.repoURL, auth.Credential{ - Username: c.creds.Username, - Password: c.creds.Password, - }), - } - - ctx := context.Background() - err = repo.Tags(ctx, "", func(tagsResult []string) error { - for _, tag := range tagsResult { - // By convention: Change underscore (_) back to plus (+) to get valid SemVer - convertedTag := strings.ReplaceAll(tag, "_", "+") - tags.Tags = append(tags.Tags, convertedTag) - } - - return nil - }) - + var err error + data, err = c.getTags(chart) if err != nil { return nil, fmt.Errorf("failed to get tags: %v", err) } @@ -447,11 +537,12 @@ func (c *nativeHelmChart) GetTags(chart string, noCache bool) (*TagsList, error) log.Warnf("Failed to store tags list cache for repo: %s: %v", tagsURL, err) } } - } else { - err := json.Unmarshal(data, tags) - if err != nil { - return nil, fmt.Errorf("failed to decode tags: %v", err) - } + } + + tags := &TagsList{} + err = json.Unmarshal(data, tags) + if err != nil { + return nil, fmt.Errorf("failed to decode tags: %v", err) } return tags, nil diff --git a/util/helm/client_test.go b/util/helm/client_test.go index 63b57b7fa5180..8107a586e2772 100644 --- a/util/helm/client_test.go +++ b/util/helm/client_test.go @@ -10,6 +10,7 @@ import ( "net/http" "net/http/httptest" + "net/url" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" @@ -153,21 +154,13 @@ func TestGetIndexURL(t *testing.T) { func TestGetTagsFromUrl(t *testing.T) { server := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - t.Logf("called %s", r.URL.Path) responseTags := TagsList{} w.Header().Set("Content-Type", "application/json") if !strings.Contains(r.URL.String(), "token") { w.Header().Set("Link", fmt.Sprintf("; rel=next", r.Host, r.URL.Path)) responseTags.Tags = []string{"first"} } else { - responseTags.Tags = []string{ - "second", - "2.8.0", - "2.8.0-prerelease", - "2.8.0_build", - "2.8.0-prerelease_build", - "2.8.0-prerelease.1_build.1234", - } + responseTags.Tags = []string{"second"} } w.WriteHeader(http.StatusOK) err := json.NewEncoder(w).Encode(responseTags) @@ -180,13 +173,62 @@ func TestGetTagsFromUrl(t *testing.T) { tags, err := client.GetTags("mychart", true) assert.NoError(t, err) - assert.ElementsMatch(t, tags.Tags, []string{ - "first", - "second", - "2.8.0", - "2.8.0-prerelease", - "2.8.0+build", - "2.8.0-prerelease+build", - "2.8.0-prerelease.1+build.1234", - }) + assert.Equal(t, tags.Tags[0], "first") + assert.Equal(t, tags.Tags[1], "second") +} + +func Test_getNextUrl(t *testing.T) { + baseUrl, err := url.Parse("https://my.repo.com/v2/chart/tags/list") + if err != nil { + t.Errorf("failed to parse url in test case: %v", err) + } + resp := &http.Response{ + Request: &http.Request{ + URL: baseUrl, + }, + } + nextUrl, err := getNextUrl(resp) + assert.Equal(t, nextUrl, "") + assert.NoError(t, err) + + var nextUrlAbsolute = "https://my.repo.com/v2/chart/tags/list?n=123&orderby=" + resp.Header = http.Header{ + "Link": []string{fmt.Sprintf(`<%s>; rel="next"`, nextUrlAbsolute)}, + } + nextUrl, err = getNextUrl(resp) + assert.NoError(t, err) + assert.Equal(t, nextUrl, nextUrlAbsolute) + + var nextUrlRelative = "/v2/chart/tags/list?n=123&orderby=" + resp.Header = http.Header{ + "Link": []string{fmt.Sprintf(`<%s>; rel="next"`, nextUrlRelative)}, + } + nextUrl, err = getNextUrl(resp) + assert.NoError(t, err) + assert.Equal(t, nextUrl, "https://my.repo.com/v2/chart/tags/list?n=123&orderby=") +} + +func Test_getTagsListURL(t *testing.T) { + tagsListURL, err := getTagsListURL("account.dkr.ecr.eu-central-1.amazonaws.com", "dss") + assert.Nil(t, err) + assert.Equal(t, tagsListURL, "https://account.dkr.ecr.eu-central-1.amazonaws.com/v2/dss/tags/list") + + tagsListURL, err = getTagsListURL("http://account.dkr.ecr.eu-central-1.amazonaws.com", "dss") + assert.Nil(t, err) + assert.Equal(t, tagsListURL, "https://account.dkr.ecr.eu-central-1.amazonaws.com/v2/dss/tags/list") + + // with trailing / + tagsListURL, err = getTagsListURL("https://account.dkr.ecr.eu-central-1.amazonaws.com/", "dss") + assert.Nil(t, err) + assert.Equal(t, tagsListURL, "https://account.dkr.ecr.eu-central-1.amazonaws.com/v2/dss/tags/list") + + // with unescaped characters allowed by https://www.rfc-editor.org/rfc/rfc3986#page-50 + tagsListURL, err = getTagsListURL("https://account.dkr.ecr.eu-central-1.amazonaws.com/", "charts.-_~$&+=:@dss") + assert.Nil(t, err) + assert.Equal(t, tagsListURL, "https://account.dkr.ecr.eu-central-1.amazonaws.com/v2/charts.-_~$&+=:@dss/tags/list") + + // with escaped characters not allowed in path by https://www.rfc-editor.org/rfc/rfc3986#page-50 + tagsListURL, err = getTagsListURL("https://account.dkr.ecr.eu-central-1.amazonaws.com/", "charts%/dss") + assert.Nil(t, err) + assert.Equal(t, tagsListURL, "https://account.dkr.ecr.eu-central-1.amazonaws.com/v2/charts%25%2Fdss/tags/list") } diff --git a/util/helm/cmd.go b/util/helm/cmd.go index f8240d555217e..2be56b26d5ce8 100644 --- a/util/helm/cmd.go +++ b/util/helm/cmd.go @@ -1,14 +1,12 @@ package helm import ( - "errors" "fmt" "os" "os/exec" "path" "path/filepath" "regexp" - "strings" log "github.com/sirupsen/logrus" @@ -230,18 +228,15 @@ func (c *Cmd) Fetch(repo, chartName, version, destination string, creds Creds, p return c.run(args...) } -func (c *Cmd) PullOCI(repo string, chart string, version string, destination string, creds Creds) (string, error) { - args := []string{"pull", fmt.Sprintf("oci://%s/%s", repo, chart), "--version", +func (c *Cmd) PullOCI(repo string, chart string, version string, destination string) (string, error) { + return c.run( + "pull", + fmt.Sprintf("oci://%s/%s", repo, chart), + "--version", version, "--destination", - destination} - if creds.CAPath != "" { - args = append(args, "--ca-file", creds.CAPath) - } - if creds.InsecureSkipVerify && c.insecureSkipVerifySupported { - args = append(args, "--insecure-skip-tls-verify") - } - return c.run(args...) + destination, + ) } func (c *Cmd) dependencyBuild() (string, error) { @@ -252,10 +247,6 @@ func (c *Cmd) inspectValues(values string) (string, error) { return c.run(c.showCommand, "values", values) } -func (c *Cmd) InspectChart() (string, error) { - return c.run(c.showCommand, "chart", ".") -} - type TemplateOpts struct { Name string Namespace string @@ -269,8 +260,7 @@ type TemplateOpts struct { } var ( - re = regexp.MustCompile(`([^\\]),`) - apiVersionsRemover = regexp.MustCompile(`(--api-versions [^ ]+ )+`) + re = regexp.MustCompile(`([^\\]),`) ) func cleanSetParameters(val string) string { @@ -313,16 +303,7 @@ func (c *Cmd) template(chartPath string, opts *TemplateOpts) (string, error) { args = append(args, "--include-crds") } - out, err := c.run(args...) - if err != nil { - msg := err.Error() - if strings.Contains(msg, "--api-versions") { - log.Debug(msg) - msg = apiVersionsRemover.ReplaceAllString(msg, " ") - } - return "", errors.New(msg) - } - return out, nil + return c.run(args...) } func (c *Cmd) Freestyle(args ...string) (string, error) { diff --git a/util/helm/cmd_test.go b/util/helm/cmd_test.go index 772d32c78b8dd..d09b808908b87 100644 --- a/util/helm/cmd_test.go +++ b/util/helm/cmd_test.go @@ -23,18 +23,6 @@ func TestCmd_template_kubeVersion(t *testing.T) { assert.NotEmpty(t, s) } -func TestCmd_template_noApiVersionsInError(t *testing.T) { - cmd, err := NewCmdWithVersion(".", HelmV3, false, "") - assert.NoError(t, err) - _, err = cmd.template("testdata/chart-does-not-exist", &TemplateOpts{ - KubeVersion: "1.14", - APIVersions: []string{"foo", "bar"}, - }) - assert.Error(t, err) - assert.NotContains(t, err.Error(), "--api-version") - assert.ErrorContains(t, err, " ") -} - func TestNewCmd_helmV3(t *testing.T) { cmd, err := NewCmd(".", "v3", "") assert.NoError(t, err) diff --git a/util/helm/helm.go b/util/helm/helm.go index f586691867648..edb0f3b672b35 100644 --- a/util/helm/helm.go +++ b/util/helm/helm.go @@ -8,8 +8,8 @@ import ( "path/filepath" "strings" + "github.com/ghodss/yaml" log "github.com/sirupsen/logrus" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/util/config" executil "github.com/argoproj/argo-cd/v2/util/exec" diff --git a/util/helm/index_test.go b/util/helm/index_test.go index 937733db20f21..152fceae02c6d 100644 --- a/util/helm/index_test.go +++ b/util/helm/index_test.go @@ -57,28 +57,4 @@ func TestEntries_MaxVersion(t *testing.T) { assert.NoError(t, err) assert.Equal(t, semver.MustParse("0.7.2"), version) }) - t.Run("Constraint", func(t *testing.T) { - constraints, _ := semver.NewConstraint("> 0.0.0") - version, err := entries.MaxVersion(constraints) - assert.NoError(t, err) - assert.Equal(t, semver.MustParse("0.7.2"), version) - }) - t.Run("Constraint", func(t *testing.T) { - constraints, _ := semver.NewConstraint(">0.5.0,<0.7.0") - version, err := entries.MaxVersion(constraints) - assert.NoError(t, err) - assert.Equal(t, semver.MustParse("0.5.4"), version) - }) - t.Run("Constraint", func(t *testing.T) { - constraints, _ := semver.NewConstraint("0.7.*") - version, err := entries.MaxVersion(constraints) - assert.NoError(t, err) - assert.Equal(t, semver.MustParse("0.7.2"), version) - }) - t.Run("Constraint", func(t *testing.T) { - constraints, _ := semver.NewConstraint("*") - version, err := entries.MaxVersion(constraints) - assert.NoError(t, err) - assert.Equal(t, semver.MustParse("0.7.2"), version) - }) } diff --git a/util/helm/testdata/minio/templates/deployment.yaml b/util/helm/testdata/minio/templates/deployment.yaml index c390a7dfc5b2d..a18ed706ce8c8 100644 --- a/util/helm/testdata/minio/templates/deployment.yaml +++ b/util/helm/testdata/minio/templates/deployment.yaml @@ -1,5 +1,5 @@ {{- if eq .Values.mode "standalone" }} -apiVersion: apps/v1 +apiVersion: apps/v1beta2 kind: Deployment metadata: name: {{ template "minio.fullname" . }} diff --git a/util/helm/testdata/redis/templates/metrics-deployment.yaml b/util/helm/testdata/redis/templates/metrics-deployment.yaml index 90151e53df156..2f6e1cc84e07c 100644 --- a/util/helm/testdata/redis/templates/metrics-deployment.yaml +++ b/util/helm/testdata/redis/templates/metrics-deployment.yaml @@ -1,5 +1,5 @@ {{- if .Values.metrics.enabled }} -apiVersion: apps/v1 +apiVersion: extensions/v1beta1 kind: Deployment metadata: name: {{ template "redis.fullname" . }}-metrics diff --git a/util/helm/testdata/redis/templates/redis-slave-deployment.yaml b/util/helm/testdata/redis/templates/redis-slave-deployment.yaml index 5160294cbfbaa..7aca36a7bf635 100644 --- a/util/helm/testdata/redis/templates/redis-slave-deployment.yaml +++ b/util/helm/testdata/redis/templates/redis-slave-deployment.yaml @@ -1,5 +1,5 @@ {{- if .Values.cluster.enabled }} -apiVersion: apps/v1 +apiVersion: extensions/v1beta1 kind: Deployment metadata: name: {{ template "redis.fullname" . }}-slave diff --git a/util/http/http.go b/util/http/http.go index 2572e739f009d..42981d62867fa 100644 --- a/util/http/http.go +++ b/util/http/http.go @@ -18,8 +18,8 @@ import ( const maxCookieLength = 4093 // max number of chunks a cookie can be broken into. To be compatible with -// widest range of browsers, you shouldn't create more than 30 cookies per domain -var maxCookieNumber = env.ParseNumFromEnv(common.EnvMaxCookieNumber, 20, 0, math.MaxInt64) +// widest range of browsers, we shouldn't create more than 30 cookies per domain +var maxCookieNumber = env.ParseNumFromEnv(common.EnvMaxCookieNumber, 10, 0, 30) // MakeCookieMetadata generates a string representing a Web cookie. Yum! func MakeCookieMetadata(key, value string, flags ...string) ([]string, error) { diff --git a/util/http/http_test.go b/util/http/http_test.go index 9655c5b42c249..cb37f74b39716 100644 --- a/util/http/http_test.go +++ b/util/http/http_test.go @@ -15,18 +15,10 @@ func TestCookieMaxLength(t *testing.T) { // keys will be of format foo, foo-1, foo-2 .. cookies, err = MakeCookieMetadata("foo", strings.Repeat("_", (maxCookieLength-5)*maxCookieNumber)) - assert.EqualError(t, err, "the authentication token is 81760 characters long and requires 21 cookies but the max number of cookies is 20. Contact your Argo CD administrator to increase the max number of cookies") + assert.EqualError(t, err, "the authentication token is 40880 characters long and requires 11 cookies but the max number of cookies is 10. Contact your Argo CD administrator to increase the max number of cookies") assert.Equal(t, 0, len(cookies)) } -func TestCookieWithAttributes(t *testing.T) { - flags := []string{"SameSite=lax", "httpOnly"} - - cookies, err := MakeCookieMetadata("foo", "bar", flags...) - assert.NoError(t, err) - assert.Equal(t, "foo=bar; SameSite=lax; httpOnly", cookies[0]) -} - func TestSplitCookie(t *testing.T) { cookieValue := strings.Repeat("_", (maxCookieLength-6)*4) cookies, err := MakeCookieMetadata("foo", cookieValue) diff --git a/util/io/files/tar.go b/util/io/files/tar.go index 13973f732fe72..91b743e0c4704 100644 --- a/util/io/files/tar.go +++ b/util/io/files/tar.go @@ -90,12 +90,13 @@ func Untgz(dstPath string, r io.Reader, maxSize int64, preserveFileMode bool) er return fmt.Errorf("illegal filepath in archive: %s", target) } + var mode os.FileMode = 0755 + if preserveFileMode { + mode = os.FileMode(header.Mode) + } + switch header.Typeflag { case tar.TypeDir: - var mode os.FileMode = 0755 - if preserveFileMode { - mode = os.FileMode(header.Mode) - } err := os.MkdirAll(target, mode) if err != nil { return fmt.Errorf("error creating nested folders: %w", err) @@ -117,11 +118,6 @@ func Untgz(dstPath string, r io.Reader, maxSize int64, preserveFileMode bool) er return fmt.Errorf("error creating symlink: %s", err) } case tar.TypeReg: - var mode os.FileMode = 0644 - if preserveFileMode { - mode = os.FileMode(header.Mode) - } - err := os.MkdirAll(filepath.Dir(target), 0755) if err != nil { return fmt.Errorf("error creating nested folders: %w", err) diff --git a/util/io/files/tar_test.go b/util/io/files/tar_test.go index 1817fa5ce9353..7c08246c72962 100644 --- a/util/io/files/tar_test.go +++ b/util/io/files/tar_test.go @@ -216,7 +216,7 @@ func TestUntgz(t *testing.T) { scriptFileInfo, err := os.Stat(path.Join(destDir, "script.sh")) require.NoError(t, err) - assert.Equal(t, os.FileMode(0644), scriptFileInfo.Mode()) + assert.Equal(t, os.FileMode(0755), scriptFileInfo.Mode()) }) } diff --git a/util/io/files/util.go b/util/io/files/util.go index 741f224c3c839..6bbcaa751d395 100644 --- a/util/io/files/util.go +++ b/util/io/files/util.go @@ -20,22 +20,19 @@ var RelativeOutOfBoundErr = errors.New("full path does not contain base path") // does not match (example 2). // // Example 1: -// -// fullPath: /home/test/app/readme.md -// basePath: /home/test -// return: app/readme.md +// fullPath: /home/test/app/readme.md +// basePath: /home/test +// return: app/readme.md // // Example 2: -// -// fullPath: /home/test/app/readme.md -// basePath: /somewhere/else -// return: "", RelativeOutOfBoundErr +// fullPath: /home/test/app/readme.md +// basePath: /somewhere/else +// return: "", RelativeOutOfBoundErr // // Example 3: -// -// fullPath: /home/test/app/readme.md -// basePath: /home/test/app/readme.md -// return: . +// fullPath: /home/test/app/readme.md +// basePath: /home/test/app/readme.md +// return: . func RelativePath(fullPath, basePath string) (string, error) { fp := filepath.Clean(fullPath) if !strings.HasPrefix(fp, filepath.Clean(basePath)) { diff --git a/util/kube/kube.go b/util/kube/kube.go index 5ea4394b726f0..0df9a36d813ca 100644 --- a/util/kube/kube.go +++ b/util/kube/kube.go @@ -1,7 +1,6 @@ package kube import ( - "fmt" "regexp" "github.com/argoproj/gitops-engine/pkg/utils/kube" @@ -21,10 +20,7 @@ func IsValidResourceName(name string) bool { // SetAppInstanceLabel the recommended app.kubernetes.io/instance label against an unstructured object // Uses the legacy labeling if environment variable is set func SetAppInstanceLabel(target *unstructured.Unstructured, key, val string) error { - labels, _, err := nestedNullableStringMap(target.Object, "metadata", "labels") - if err != nil { - return fmt.Errorf("failed to get labels from target object %s %s/%s: %w", target.GroupVersionKind().String(), target.GetNamespace(), target.GetName(), err) - } + labels := target.GetLabels() if labels == nil { labels = make(map[string]string) } @@ -100,11 +96,7 @@ func SetAppInstanceLabel(target *unstructured.Unstructured, key, val string) err // SetAppInstanceAnnotation the recommended app.kubernetes.io/instance annotation against an unstructured object // Uses the legacy labeling if environment variable is set func SetAppInstanceAnnotation(target *unstructured.Unstructured, key, val string) error { - annotations, _, err := nestedNullableStringMap(target.Object, "metadata", "annotations") - if err != nil { - return fmt.Errorf("failed to get annotations from target object %s %s/%s: %w", target.GroupVersionKind().String(), target.GetNamespace(), target.GetName(), err) - } - + annotations := target.GetAnnotations() if annotations == nil { annotations = make(map[string]string) } @@ -114,37 +106,26 @@ func SetAppInstanceAnnotation(target *unstructured.Unstructured, key, val string } // GetAppInstanceAnnotation returns the application instance name from annotation -func GetAppInstanceAnnotation(un *unstructured.Unstructured, key string) (string, error) { - annotations, _, err := nestedNullableStringMap(un.Object, "metadata", "annotations") - if err != nil { - return "", fmt.Errorf("failed to get annotations from target object %s %s/%s: %w", un.GroupVersionKind().String(), un.GetNamespace(), un.GetName(), err) +func GetAppInstanceAnnotation(un *unstructured.Unstructured, key string) string { + if annotations := un.GetAnnotations(); annotations != nil { + return annotations[key] } - if annotations != nil { - return annotations[key], nil - } - return "", nil + return "" } // GetAppInstanceLabel returns the application instance name from labels -func GetAppInstanceLabel(un *unstructured.Unstructured, key string) (string, error) { - labels, _, err := nestedNullableStringMap(un.Object, "metadata", "labels") - if err != nil { - return "", fmt.Errorf("failed to get labels for %s %s/%s: %w", un.GroupVersionKind().String(), un.GetNamespace(), un.GetName(), err) - } - if labels != nil { - return labels[key], nil +func GetAppInstanceLabel(un *unstructured.Unstructured, key string) string { + if labels := un.GetLabels(); labels != nil { + return labels[key] } - return "", nil + return "" } // RemoveLabel removes label with the specified name -func RemoveLabel(un *unstructured.Unstructured, key string) error { - labels, _, err := nestedNullableStringMap(un.Object, "metadata", "labels") - if err != nil { - return fmt.Errorf("failed to get labels for %s %s/%s: %w", un.GroupVersionKind().String(), un.GetNamespace(), un.GetName(), err) - } +func RemoveLabel(un *unstructured.Unstructured, key string) { + labels := un.GetLabels() if labels == nil { - return nil + return } for k := range labels { @@ -158,19 +139,4 @@ func RemoveLabel(un *unstructured.Unstructured, key string) error { break } } - return nil -} - -// nestedNullableStringMap returns a copy of map[string]string value of a nested field. -// Returns false if value is not found and an error if not one of map[string]interface{} or nil, or contains non-string values in the map. -func nestedNullableStringMap(obj map[string]interface{}, fields ...string) (map[string]string, bool, error) { - var m map[string]string - val, found, err := unstructured.NestedFieldNoCopy(obj, fields...) - if err != nil { - return nil, found, err - } - if found && val != nil { - return unstructured.NestedStringMap(obj, fields...) - } - return m, found, err } diff --git a/util/kube/kube_test.go b/util/kube/kube_test.go index 1bd00380d0b05..fb7ebe08d4486 100644 --- a/util/kube/kube_test.go +++ b/util/kube/kube_test.go @@ -6,11 +6,11 @@ import ( "os" "testing" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" apiv1 "k8s.io/api/core/v1" extv1beta1 "k8s.io/api/extensions/v1beta1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/common" ) @@ -184,17 +184,6 @@ func TestSetAppInstanceAnnotation(t *testing.T) { assert.Equal(t, "my-app", s.ObjectMeta.Annotations[common.LabelKeyAppInstance]) } -func TestSetAppInstanceAnnotationWithInvalidData(t *testing.T) { - yamlBytes, err := os.ReadFile("testdata/svc-with-invalid-data.yaml") - assert.Nil(t, err) - var obj unstructured.Unstructured - err = yaml.Unmarshal(yamlBytes, &obj) - assert.Nil(t, err) - err = SetAppInstanceAnnotation(&obj, common.LabelKeyAppInstance, "my-app") - assert.Error(t, err) - assert.Equal(t, "failed to get annotations from target object /v1, Kind=Service /my-service: .metadata.annotations accessor error: contains non-string key in the map: is of the type , expected string", err.Error()) -} - func TestGetAppInstanceAnnotation(t *testing.T) { yamlBytes, err := os.ReadFile("testdata/svc.yaml") assert.Nil(t, err) @@ -204,21 +193,7 @@ func TestGetAppInstanceAnnotation(t *testing.T) { err = SetAppInstanceAnnotation(&obj, common.LabelKeyAppInstance, "my-app") assert.Nil(t, err) - annotation, err := GetAppInstanceAnnotation(&obj, common.LabelKeyAppInstance) - assert.Nil(t, err) - assert.Equal(t, "my-app", annotation) -} - -func TestGetAppInstanceAnnotationWithInvalidData(t *testing.T) { - yamlBytes, err := os.ReadFile("testdata/svc-with-invalid-data.yaml") - assert.Nil(t, err) - var obj unstructured.Unstructured - err = yaml.Unmarshal(yamlBytes, &obj) - assert.Nil(t, err) - - _, err = GetAppInstanceAnnotation(&obj, "valid-annotation") - assert.Error(t, err) - assert.Equal(t, "failed to get annotations from target object /v1, Kind=Service /my-service: .metadata.annotations accessor error: contains non-string key in the map: is of the type , expected string", err.Error()) + assert.Equal(t, "my-app", GetAppInstanceAnnotation(&obj, common.LabelKeyAppInstance)) } func TestGetAppInstanceLabel(t *testing.T) { @@ -229,20 +204,7 @@ func TestGetAppInstanceLabel(t *testing.T) { assert.Nil(t, err) err = SetAppInstanceLabel(&obj, common.LabelKeyAppInstance, "my-app") assert.Nil(t, err) - label, err := GetAppInstanceLabel(&obj, common.LabelKeyAppInstance) - assert.Nil(t, err) - assert.Equal(t, "my-app", label) -} - -func TestGetAppInstanceLabelWithInvalidData(t *testing.T) { - yamlBytes, err := os.ReadFile("testdata/svc-with-invalid-data.yaml") - assert.Nil(t, err) - var obj unstructured.Unstructured - err = yaml.Unmarshal(yamlBytes, &obj) - assert.Nil(t, err) - _, err = GetAppInstanceLabel(&obj, "valid-label") - assert.Error(t, err) - assert.Equal(t, "failed to get labels for /v1, Kind=Service /my-service: .metadata.labels accessor error: contains non-string key in the map: is of the type , expected string", err.Error()) + assert.Equal(t, "my-app", GetAppInstanceLabel(&obj, common.LabelKeyAppInstance)) } func TestRemoveLabel(t *testing.T) { @@ -253,20 +215,7 @@ func TestRemoveLabel(t *testing.T) { assert.Nil(t, err) obj.SetLabels(map[string]string{"test": "value"}) - err = RemoveLabel(&obj, "test") - assert.Nil(t, err) + RemoveLabel(&obj, "test") assert.Nil(t, obj.GetLabels()) } - -func TestRemoveLabelWithInvalidData(t *testing.T) { - yamlBytes, err := os.ReadFile("testdata/svc-with-invalid-data.yaml") - assert.Nil(t, err) - var obj unstructured.Unstructured - err = yaml.Unmarshal(yamlBytes, &obj) - assert.Nil(t, err) - - err = RemoveLabel(&obj, "valid-label") - assert.Error(t, err) - assert.Equal(t, "failed to get labels for /v1, Kind=Service /my-service: .metadata.labels accessor error: contains non-string key in the map: is of the type , expected string", err.Error()) -} diff --git a/util/kube/portforwarder.go b/util/kube/portforwarder.go index f08f783208289..1ea6e0fdadbef 100644 --- a/util/kube/portforwarder.go +++ b/util/kube/portforwarder.go @@ -56,7 +56,7 @@ func PortForward(targetPort int, namespace string, overrides *clientcmd.ConfigOv } if pod == nil { - return -1, fmt.Errorf("cannot find pod with selector: %v - use the --{component}-name flag in this command or set the environmental variable (Refer to https://argo-cd.readthedocs.io/en/stable/user-guide/environment-variables), to change the Argo CD component name in the CLI", podSelectors) + return -1, fmt.Errorf("cannot find pod with selector: %v", podSelectors) } url := clientSet.CoreV1().RESTClient().Post(). diff --git a/util/kube/testdata/svc-with-invalid-data.yaml b/util/kube/testdata/svc-with-invalid-data.yaml deleted file mode 100644 index bdae0d671131a..0000000000000 --- a/util/kube/testdata/svc-with-invalid-data.yaml +++ /dev/null @@ -1,17 +0,0 @@ -kind: Service -apiVersion: v1 -metadata: - name: my-service - annotations: - valid-annotation: existing-value - invalid-annotation: null - labels: - valid-label: existing-value - invalid-label: null -spec: - selector: - app: MyApp - ports: - - protocol: TCP - port: 80 - targetPort: 9376 diff --git a/util/localconfig/localconfig.go b/util/localconfig/localconfig.go index 7f91ebbb05454..1a3828e240702 100644 --- a/util/localconfig/localconfig.go +++ b/util/localconfig/localconfig.go @@ -2,12 +2,12 @@ package localconfig import ( "fmt" + "github.com/golang-jwt/jwt/v4" "os" + "os/user" "path" "strings" - "github.com/golang-jwt/jwt/v4" - configUtil "github.com/argoproj/argo-cd/v2/util/config" ) @@ -281,10 +281,14 @@ func DefaultConfigDir() (string, error) { } func getHomeDir() (string, error) { - homeDir, err := os.UserHomeDir() + homeDir := os.Getenv("HOME") + if homeDir == "" { + usr, err := user.Current() + if err != nil { + return "", err + } - if err != nil { - return "", err + homeDir = usr.HomeDir } return homeDir, nil diff --git a/util/log/logrus_test.go b/util/log/logrus_test.go index 06cf71fd952b0..109473fff3c30 100644 --- a/util/log/logrus_test.go +++ b/util/log/logrus_test.go @@ -1,6 +1,7 @@ package log import ( + "os" "testing" "github.com/sirupsen/logrus" @@ -14,12 +15,12 @@ func TestCreateFormatter(t *testing.T) { }) t.Run("log format is text", func(t *testing.T) { t.Run("FORCE_LOG_COLORS == 1", func(t *testing.T) { - t.Setenv("FORCE_LOG_COLORS", "1") + os.Setenv("FORCE_LOG_COLORS", "1") result := CreateFormatter("text") assert.Equal(t, &logrus.TextFormatter{ForceColors: true}, result) }) t.Run("FORCE_LOG_COLORS != 1", func(t *testing.T) { - t.Setenv("FORCE_LOG_COLORS", "0") + os.Setenv("FORCE_LOG_COLORS", "0") result := CreateFormatter("text") assert.Equal(t, &logrus.TextFormatter{}, result) }) diff --git a/util/lua/custom_actions_test.go b/util/lua/custom_actions_test.go index 8f7d0e7495513..dbcfbde8c993e 100644 --- a/util/lua/custom_actions_test.go +++ b/util/lua/custom_actions_test.go @@ -1,22 +1,19 @@ package lua import ( - "bytes" "fmt" "os" "path/filepath" "strings" "testing" + "github.com/argoproj/gitops-engine/pkg/diff" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "sigs.k8s.io/yaml" - - "github.com/argoproj/gitops-engine/pkg/diff" appsv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/util/cli" - "github.com/argoproj/argo-cd/v2/util/errors" ) type testNormalizer struct{} @@ -26,53 +23,28 @@ func (t testNormalizer) Normalize(un *unstructured.Unstructured) error { return nil } switch un.GetKind() { - case "Job": - err := unstructured.SetNestedField(un.Object, map[string]interface{}{"name": "not sure why this works"}, "metadata") - if err != nil { - return fmt.Errorf("failed to normalize Job: %w", err) - } - } - switch un.GetKind() { case "DaemonSet", "Deployment", "StatefulSet": err := unstructured.SetNestedStringMap(un.Object, map[string]string{"kubectl.kubernetes.io/restartedAt": "0001-01-01T00:00:00Z"}, "spec", "template", "metadata", "annotations") if err != nil { - return fmt.Errorf("failed to normalize %s: %w", un.GetKind(), err) + return fmt.Errorf("failed to normalize DaemonSet: %w", err) } } switch un.GetKind() { case "Deployment": err := unstructured.SetNestedField(un.Object, nil, "status") if err != nil { - return fmt.Errorf("failed to normalize %s: %w", un.GetKind(), err) + return fmt.Errorf("failed to normalize DaemonSet: %w", err) } err = unstructured.SetNestedField(un.Object, nil, "metadata", "creationTimestamp") if err != nil { - return fmt.Errorf("failed to normalize %s: %w", un.GetKind(), err) + return fmt.Errorf("failed to normalize DaemonSet: %w", err) } err = unstructured.SetNestedField(un.Object, nil, "metadata", "generation") if err != nil { - return fmt.Errorf("failed to normalize %s: %w", un.GetKind(), err) + return fmt.Errorf("failed to normalize DaemonSet: %w", err) } case "Rollout": err := unstructured.SetNestedField(un.Object, nil, "spec", "restartAt") - if err != nil { - return fmt.Errorf("failed to normalize %s: %w", un.GetKind(), err) - } - case "ExternalSecret": - err := unstructured.SetNestedStringMap(un.Object, map[string]string{"force-sync": "0001-01-01T00:00:00Z"}, "metadata", "annotations") - if err != nil { - return fmt.Errorf("failed to normalize %s: %w", un.GetKind(), err) - } - case "Workflow": - err := unstructured.SetNestedField(un.Object, nil, "metadata", "resourceVersion") - if err != nil { - return fmt.Errorf("failed to normalize Rollout: %w", err) - } - err = unstructured.SetNestedField(un.Object, nil, "metadata", "uid") - if err != nil { - return fmt.Errorf("failed to normalize Rollout: %w", err) - } - err = unstructured.SetNestedField(un.Object, nil, "metadata", "annotations", "workflows.argoproj.io/scheduled-time") if err != nil { return fmt.Errorf("failed to normalize Rollout: %w", err) } @@ -130,7 +102,6 @@ func TestLuaResourceActionsScript(t *testing.T) { for i := range resourceTest.ActionTests { test := resourceTest.ActionTests[i] testName := fmt.Sprintf("actions/%s/%s", test.Action, test.InputPath) - t.Run(testName, func(t *testing.T) { vm := VM{ // Uncomment the following line if you need to use lua libraries debugging @@ -138,59 +109,22 @@ func TestLuaResourceActionsScript(t *testing.T) { // privileges that API server has. //UseOpenLibs: true, } - sourceObj := getObj(filepath.Join(dir, test.InputPath)) - action, err := vm.GetResourceAction(sourceObj, test.Action) - + obj := getObj(filepath.Join(dir, test.InputPath)) + action, err := vm.GetResourceAction(obj, test.Action) assert.NoError(t, err) assert.NoError(t, err) - impactedResources, err := vm.ExecuteResourceAction(sourceObj, action.ActionLua) + result, err := vm.ExecuteResourceAction(obj, action.ActionLua) assert.NoError(t, err) - // Treat the Lua expected output as a list - expectedObjects := getExpectedObjectList(t, filepath.Join(dir, test.ExpectedOutputPath)) - - for _, impactedResource := range impactedResources { - result := impactedResource.UnstructuredObj - - // The expected output is a list of objects - // Find the actual impacted resource in the expected output - expectedObj := findFirstMatchingItem(expectedObjects.Items, func(u unstructured.Unstructured) bool { - // Some resources' name is derived from the source object name, so the returned name is not actually equal to the testdata output name - // Considering the resource found in the testdata output if its name starts with source object name - // TODO: maybe this should use a normalizer function instead of hard-coding the resource specifics here - if (result.GetKind() == "Job" && sourceObj.GetKind() == "CronJob") || (result.GetKind() == "Workflow" && (sourceObj.GetKind() == "CronWorkflow" || sourceObj.GetKind() == "WorkflowTemplate")) { - return u.GroupVersionKind() == result.GroupVersionKind() && strings.HasPrefix(u.GetName(), sourceObj.GetName()) && u.GetNamespace() == result.GetNamespace() - } else { - return u.GroupVersionKind() == result.GroupVersionKind() && u.GetName() == result.GetName() && u.GetNamespace() == result.GetNamespace() - } - }) - - assert.NotNil(t, expectedObj) - - switch impactedResource.K8SOperation { - // No default case since a not supported operation would have failed upon unmarshaling earlier - case PatchOperation: - // Patching is only allowed for the source resource, so the GVK + name + ns must be the same as the impacted resource - assert.EqualValues(t, sourceObj.GroupVersionKind(), result.GroupVersionKind()) - assert.EqualValues(t, sourceObj.GetName(), result.GetName()) - assert.EqualValues(t, sourceObj.GetNamespace(), result.GetNamespace()) - case CreateOperation: - switch result.GetKind() { - case "Job": - case "Workflow": - // The name of the created resource is derived from the source object name, so the returned name is not actually equal to the testdata output name - result.SetName(expectedObj.GetName()) - } - } - // Ideally, we would use a assert.Equal to detect the difference, but the Lua VM returns a object with float64 instead of the original int32. As a result, the assert.Equal is never true despite that the change has been applied. - diffResult, err := diff.Diff(expectedObj, result, diff.WithNormalizer(testNormalizer{})) + expectedObj := getObj(filepath.Join(dir, test.ExpectedOutputPath)) + // Ideally, we would use a assert.Equal to detect the difference, but the Lua VM returns a object with float64 instead of the original int32. As a result, the assert.Equal is never true despite that the change has been applied. + diffResult, err := diff.Diff(expectedObj, result, diff.WithNormalizer(testNormalizer{})) + assert.NoError(t, err) + if diffResult.Modified { + t.Error("Output does not match input:") + err = cli.PrintDiff(test.Action, expectedObj, result) assert.NoError(t, err) - if diffResult.Modified { - t.Error("Output does not match input:") - err = cli.PrintDiff(test.Action, expectedObj, result) - assert.NoError(t, err) - } } }) } @@ -199,46 +133,3 @@ func TestLuaResourceActionsScript(t *testing.T) { }) assert.Nil(t, err) } - -// Handling backward compatibility. -// The old-style actions return a single object in the expected output from testdata, so will wrap them in a list -func getExpectedObjectList(t *testing.T, path string) *unstructured.UnstructuredList { - yamlBytes, err := os.ReadFile(path) - errors.CheckError(err) - unstructuredList := &unstructured.UnstructuredList{} - yamlString := bytes.NewBuffer(yamlBytes).String() - if yamlString[0] == '-' { - // The string represents a new-style action array output, where each member is a wrapper around a k8s unstructured resource - objList := make([]map[string]interface{}, 5) - err = yaml.Unmarshal(yamlBytes, &objList) - errors.CheckError(err) - unstructuredList.Items = make([]unstructured.Unstructured, len(objList)) - // Append each map in objList to the Items field of the new object - for i, obj := range objList { - unstructuredObj, ok := obj["unstructuredObj"].(map[string]interface{}) - if !ok { - t.Error("Wrong type of unstructuredObj") - } - unstructuredList.Items[i] = unstructured.Unstructured{Object: unstructuredObj} - } - } else { - // The string represents an old-style action object output, which is a k8s unstructured resource - obj := make(map[string]interface{}) - err = yaml.Unmarshal(yamlBytes, &obj) - errors.CheckError(err) - unstructuredList.Items = make([]unstructured.Unstructured, 1) - unstructuredList.Items[0] = unstructured.Unstructured{Object: obj} - } - return unstructuredList -} - -func findFirstMatchingItem(items []unstructured.Unstructured, f func(unstructured.Unstructured) bool) *unstructured.Unstructured { - var matching *unstructured.Unstructured = nil - for _, item := range items { - if f(item) { - matching = &item - break - } - } - return matching -} diff --git a/util/lua/health_test.go b/util/lua/health_test.go index d4fa537bc2964..1052f5c8fa95a 100644 --- a/util/lua/health_test.go +++ b/util/lua/health_test.go @@ -7,9 +7,9 @@ import ( "testing" "github.com/argoproj/gitops-engine/pkg/health" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/util/errors" ) @@ -29,7 +29,6 @@ func getObj(path string) *unstructured.Unstructured { obj := make(map[string]interface{}) err = yaml.Unmarshal(yamlBytes, &obj) errors.CheckError(err) - return &unstructured.Unstructured{Object: obj} } diff --git a/util/lua/impacted_resource.go b/util/lua/impacted_resource.go deleted file mode 100644 index de6ab5933372d..0000000000000 --- a/util/lua/impacted_resource.go +++ /dev/null @@ -1,50 +0,0 @@ -package lua - -import ( - "fmt" - - "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" -) - -// This struct represents a wrapper, that is returned from Lua custom action script, around the unstructured k8s resource + a k8s operation -// that will need to be performed on this returned resource. -// Currently only "create" and "patch" operations are supported for custom actions. -// This replaces the traditional architecture of "Lua action returns the source resource for ArgoCD to patch". -// This enables ArgoCD to create NEW resources upon custom action. -// Note that the Lua code in the custom action is coupled to this type, since Lua json output is then unmarshalled to this struct. -// Avoided using iota, since need the mapping of the string value the end users will write in Lua code ("create" and "patch"). -// TODO: maybe there is a nicer general way to marshal and unmarshal, instead of explicit iteration over the enum values. -type K8SOperation string - -const ( - CreateOperation K8SOperation = "create" - PatchOperation K8SOperation = "patch" -) - -type ImpactedResource struct { - UnstructuredObj *unstructured.Unstructured `json:"resource"` - K8SOperation K8SOperation `json:"operation"` -} - -func (op *K8SOperation) UnmarshalJSON(data []byte) error { - switch string(data) { - case `"create"`: - *op = CreateOperation - case `"patch"`: - *op = PatchOperation - default: - return fmt.Errorf("unsupported operation: %s", data) - } - return nil -} - -func (op K8SOperation) MarshalJSON() ([]byte, error) { - switch op { - case CreateOperation: - return []byte(`"create"`), nil - case PatchOperation: - return []byte(`"patch"`), nil - default: - return nil, fmt.Errorf("unsupported operation: %s", op) - } -} diff --git a/util/lua/lua.go b/util/lua/lua.go index d9849708e8c95..8f1daba22406c 100644 --- a/util/lua/lua.go +++ b/util/lua/lua.go @@ -1,7 +1,6 @@ package lua import ( - "bytes" "context" "encoding/json" "fmt" @@ -22,7 +21,6 @@ import ( const ( incorrectReturnType = "expect %s output from Lua script, not %s" - incorrectInnerType = "expect %s inner type from Lua script, not %s" invalidHealthStatus = "Lua returned an invalid health status" healthScriptFile = "health.lua" actionScriptFile = "action.lua" @@ -102,7 +100,6 @@ func (vm VM) ExecuteHealthLua(obj *unstructured.Unstructured, script string) (*h } returnValue := l.Get(-1) if returnValue.Type() == lua.LTTable { - jsonBytes, err := luajson.Encode(returnValue) if err != nil { return nil, err @@ -149,7 +146,7 @@ func (vm VM) GetHealthScript(obj *unstructured.Unstructured) (string, bool, erro return builtInScript, true, err } -func (vm VM) ExecuteResourceAction(obj *unstructured.Unstructured, script string) ([]ImpactedResource, error) { +func (vm VM) ExecuteResourceAction(obj *unstructured.Unstructured, script string) (*unstructured.Unstructured, error) { l, err := vm.runLua(obj, script) if err != nil { return nil, err @@ -157,63 +154,20 @@ func (vm VM) ExecuteResourceAction(obj *unstructured.Unstructured, script string returnValue := l.Get(-1) if returnValue.Type() == lua.LTTable { jsonBytes, err := luajson.Encode(returnValue) - if err != nil { return nil, err } - - var impactedResources []ImpactedResource - - jsonString := bytes.NewBuffer(jsonBytes).String() - if len(jsonString) < 2 { - return nil, fmt.Errorf("Lua output was not a valid json object or array") - } - // The output from Lua is either an object (old-style action output) or an array (new-style action output). - // Check whether the string starts with an opening square bracket and ends with a closing square bracket, - // avoiding programming by exception. - if jsonString[0] == '[' && jsonString[len(jsonString)-1] == ']' { - // The string represents a new-style action array output - impactedResources, err = UnmarshalToImpactedResources(string(jsonBytes)) - if err != nil { - return nil, err - } - } else { - // The string represents an old-style action object output - newObj, err := appv1.UnmarshalToUnstructured(string(jsonBytes)) - if err != nil { - return nil, err - } - // Wrap the old-style action output with a single-member array. - // The default definition of the old-style action is a "patch" one. - impactedResources = append(impactedResources, ImpactedResource{newObj, PatchOperation}) - } - - for _, impactedResource := range impactedResources { - // Cleaning the resource is only relevant to "patch" - if impactedResource.K8SOperation == PatchOperation { - impactedResource.UnstructuredObj.Object = cleanReturnedObj(impactedResource.UnstructuredObj.Object, obj.Object) - } - + newObj, err := appv1.UnmarshalToUnstructured(string(jsonBytes)) + if err != nil { + return nil, err } - return impactedResources, nil + cleanedNewObj := cleanReturnedObj(newObj.Object, obj.Object) + newObj.Object = cleanedNewObj + return newObj, nil } return nil, fmt.Errorf(incorrectReturnType, "table", returnValue.Type().String()) } -// UnmarshalToImpactedResources unmarshals an ImpactedResource array representation in JSON to ImpactedResource array -func UnmarshalToImpactedResources(resources string) ([]ImpactedResource, error) { - if resources == "" || resources == "null" { - return nil, nil - } - - var impactedResources []ImpactedResource - err := json.Unmarshal([]byte(resources), &impactedResources) - if err != nil { - return nil, err - } - return impactedResources, nil -} - // cleanReturnedObj Lua cannot distinguish an empty table as an array or map, and the library we are using choose to // decoded an empty table into an empty array. This function prevents the lua scripts from unintentionally changing an // empty struct into empty arrays diff --git a/util/lua/lua_test.go b/util/lua/lua_test.go index 1beb3d261e617..49e0a8a933d06 100644 --- a/util/lua/lua_test.go +++ b/util/lua/lua_test.go @@ -1,15 +1,14 @@ package lua import ( - "bytes" "fmt" "testing" "github.com/argoproj/gitops-engine/pkg/health" + "github.com/ghodss/yaml" "github.com/stretchr/testify/assert" lua "github.com/yuin/gopher-lua" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "sigs.k8s.io/yaml" appv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" "github.com/argoproj/argo-cd/v2/util/grpc" @@ -25,7 +24,6 @@ metadata: namespace: default resourceVersion: "123" ` - const objWithNoScriptJSON = ` apiVersion: not-an-endpoint.io/v1alpha1 kind: Test @@ -372,7 +370,7 @@ obj.metadata.labels["test"] = "test" return obj ` -const expectedLuaUpdatedResult = ` +const expectedUpdatedObj = ` apiVersion: argoproj.io/v1alpha1 kind: Rollout metadata: @@ -384,220 +382,13 @@ metadata: resourceVersion: "123" ` -// Test an action that returns a single k8s resource json -func TestExecuteOldStyleResourceAction(t *testing.T) { +func TestExecuteResourceAction(t *testing.T) { testObj := StrToUnstructured(objJSON) - expectedLuaUpdatedObj := StrToUnstructured(expectedLuaUpdatedResult) - vm := VM{} - newObjects, err := vm.ExecuteResourceAction(testObj, validActionLua) - assert.Nil(t, err) - assert.Equal(t, len(newObjects), 1) - assert.Equal(t, newObjects[0].K8SOperation, K8SOperation("patch")) - assert.Equal(t, expectedLuaUpdatedObj, newObjects[0].UnstructuredObj) -} - -const cronJobObjYaml = ` -apiVersion: batch/v1 -kind: CronJob -metadata: - name: hello - namespace: test-ns -` - -const expectedCreatedJobObjList = ` -- operation: create - resource: - apiVersion: batch/v1 - kind: Job - metadata: - name: hello-1 - namespace: test-ns -` - -const expectedCreatedMultipleJobsObjList = ` -- operation: create - resource: - apiVersion: batch/v1 - kind: Job - metadata: - name: hello-1 - namespace: test-ns -- operation: create - resource: - apiVersion: batch/v1 - kind: Job - metadata: - name: hello-2 - namespace: test-ns -` - -const expectedActionMixedOperationObjList = ` -- operation: create - resource: - apiVersion: batch/v1 - kind: Job - metadata: - name: hello-1 - namespace: test-ns -- operation: patch - resource: - apiVersion: batch/v1 - kind: CronJob - metadata: - name: hello - namespace: test-ns - labels: - test: test -` - -const createJobActionLua = ` -job = {} -job.apiVersion = "batch/v1" -job.kind = "Job" - -job.metadata = {} -job.metadata.name = "hello-1" -job.metadata.namespace = "test-ns" - -impactedResource = {} -impactedResource.operation = "create" -impactedResource.resource = job -result = {} -result[1] = impactedResource - -return result -` - -const createMultipleJobsActionLua = ` -job1 = {} -job1.apiVersion = "batch/v1" -job1.kind = "Job" - -job1.metadata = {} -job1.metadata.name = "hello-1" -job1.metadata.namespace = "test-ns" - -impactedResource1 = {} -impactedResource1.operation = "create" -impactedResource1.resource = job1 -result = {} -result[1] = impactedResource1 - -job2 = {} -job2.apiVersion = "batch/v1" -job2.kind = "Job" - -job2.metadata = {} -job2.metadata.name = "hello-2" -job2.metadata.namespace = "test-ns" - -impactedResource2 = {} -impactedResource2.operation = "create" -impactedResource2.resource = job2 - -result[2] = impactedResource2 - -return result -` -const mixedOperationActionLuaOk = ` -job1 = {} -job1.apiVersion = "batch/v1" -job1.kind = "Job" - -job1.metadata = {} -job1.metadata.name = "hello-1" -job1.metadata.namespace = obj.metadata.namespace - -impactedResource1 = {} -impactedResource1.operation = "create" -impactedResource1.resource = job1 -result = {} -result[1] = impactedResource1 - -obj.metadata.labels = {} -obj.metadata.labels["test"] = "test" - -impactedResource2 = {} -impactedResource2.operation = "patch" -impactedResource2.resource = obj - -result[2] = impactedResource2 - -return result -` - -const createMixedOperationActionLuaFailing = ` -job1 = {} -job1.apiVersion = "batch/v1" -job1.kind = "Job" - -job1.metadata = {} -job1.metadata.name = "hello-1" -job1.metadata.namespace = obj.metadata.namespace - -impactedResource1 = {} -impactedResource1.operation = "create" -impactedResource1.resource = job1 -result = {} -result[1] = impactedResource1 - -obj.metadata.labels = {} -obj.metadata.labels["test"] = "test" - -impactedResource2 = {} -impactedResource2.operation = "thisShouldFail" -impactedResource2.resource = obj - -result[2] = impactedResource2 - -return result -` - -func TestExecuteNewStyleCreateActionSingleResource(t *testing.T) { - testObj := StrToUnstructured(cronJobObjYaml) - jsonBytes, err := yaml.YAMLToJSON([]byte(expectedCreatedJobObjList)) - assert.Nil(t, err) - t.Log(bytes.NewBuffer(jsonBytes).String()) - expectedObjects, err := UnmarshalToImpactedResources(bytes.NewBuffer(jsonBytes).String()) - assert.Nil(t, err) - vm := VM{} - newObjects, err := vm.ExecuteResourceAction(testObj, createJobActionLua) - assert.Nil(t, err) - assert.Equal(t, expectedObjects, newObjects) -} - -func TestExecuteNewStyleCreateActionMultipleResources(t *testing.T) { - testObj := StrToUnstructured(cronJobObjYaml) - jsonBytes, err := yaml.YAMLToJSON([]byte(expectedCreatedMultipleJobsObjList)) - assert.Nil(t, err) - // t.Log(bytes.NewBuffer(jsonBytes).String()) - expectedObjects, err := UnmarshalToImpactedResources(bytes.NewBuffer(jsonBytes).String()) - assert.Nil(t, err) + expectedObj := StrToUnstructured(expectedUpdatedObj) vm := VM{} - newObjects, err := vm.ExecuteResourceAction(testObj, createMultipleJobsActionLua) + newObj, err := vm.ExecuteResourceAction(testObj, validActionLua) assert.Nil(t, err) - assert.Equal(t, expectedObjects, newObjects) -} - -func TestExecuteNewStyleActionMixedOperationsOk(t *testing.T) { - testObj := StrToUnstructured(cronJobObjYaml) - jsonBytes, err := yaml.YAMLToJSON([]byte(expectedActionMixedOperationObjList)) - assert.Nil(t, err) - // t.Log(bytes.NewBuffer(jsonBytes).String()) - expectedObjects, err := UnmarshalToImpactedResources(bytes.NewBuffer(jsonBytes).String()) - assert.Nil(t, err) - vm := VM{} - newObjects, err := vm.ExecuteResourceAction(testObj, mixedOperationActionLuaOk) - assert.Nil(t, err) - assert.Equal(t, expectedObjects, newObjects) -} - -func TestExecuteNewStyleActionMixedOperationsFailure(t *testing.T) { - testObj := StrToUnstructured(cronJobObjYaml) - vm := VM{} - _, err := vm.ExecuteResourceAction(testObj, createMixedOperationActionLuaFailing) - assert.NotNil(t, err) - assert.Contains(t, err.Error(), "unsupported operation") + assert.Equal(t, expectedObj, newObj) } func TestExecuteResourceActionNonTableReturn(t *testing.T) { @@ -670,11 +461,10 @@ func TestCleanPatch(t *testing.T) { testObj := StrToUnstructured(objWithEmptyStruct) expectedObj := StrToUnstructured(expectedUpdatedObjWithEmptyStruct) vm := VM{} - newObjects, err := vm.ExecuteResourceAction(testObj, pausedToFalseLua) + newObj, err := vm.ExecuteResourceAction(testObj, pausedToFalseLua) assert.Nil(t, err) - assert.Equal(t, len(newObjects), 1) - assert.Equal(t, newObjects[0].K8SOperation, K8SOperation("patch")) - assert.Equal(t, expectedObj, newObjects[0].UnstructuredObj) + assert.Equal(t, expectedObj, newObj) + } func TestGetResourceHealth(t *testing.T) { @@ -697,7 +487,7 @@ hs.status = "Healthy" return hs` const healthWildcardOverrideScript = ` - hs = {} + hs = {} hs.status = "Healthy" return hs` diff --git a/util/notification/settings/legacy.go b/util/notification/settings/legacy.go index 027d33f90eba5..02e8652f8bc3f 100644 --- a/util/notification/settings/legacy.go +++ b/util/notification/settings/legacy.go @@ -11,9 +11,9 @@ import ( "github.com/argoproj/notifications-engine/pkg/triggers" "github.com/argoproj/notifications-engine/pkg/util/text" jsonpatch "github.com/evanphx/json-patch" + "github.com/ghodss/yaml" log "github.com/sirupsen/logrus" v1 "k8s.io/api/core/v1" - "sigs.k8s.io/yaml" ) type legacyTemplate struct { diff --git a/util/notification/settings/settings.go b/util/notification/settings/settings.go index 865a627747d31..f471b650c9a60 100644 --- a/util/notification/settings/settings.go +++ b/util/notification/settings/settings.go @@ -3,9 +3,9 @@ package settings import ( "github.com/argoproj/notifications-engine/pkg/api" "github.com/argoproj/notifications-engine/pkg/services" + "github.com/ghodss/yaml" v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/util/notification/expression" diff --git a/util/proxy/proxy_test.go b/util/proxy/proxy_test.go index e2bee322250bd..8f50203a8d4a4 100644 --- a/util/proxy/proxy_test.go +++ b/util/proxy/proxy_test.go @@ -3,6 +3,7 @@ package proxy import ( "net/http" "net/http/httptest" + "os" "os/exec" "testing" @@ -35,7 +36,8 @@ func TestGetCallBack(t *testing.T) { }) t.Run("custom proxy absent", func(t *testing.T) { proxyEnv := "http://proxy:8888" - t.Setenv("http_proxy", "http://proxy:8888") + os.Setenv("http_proxy", "http://proxy:8888") + defer os.Unsetenv("http_proxy") url, err := GetCallback("")(httptest.NewRequest(http.MethodGet, proxyEnv, nil)) assert.Nil(t, err) assert.Equal(t, proxyEnv, url.String()) diff --git a/util/rbac/rbac.go b/util/rbac/rbac.go index d0c4ca65630cf..b6a7080ba6a25 100644 --- a/util/rbac/rbac.go +++ b/util/rbac/rbac.go @@ -5,7 +5,6 @@ import ( "encoding/csv" "errors" "fmt" - "sort" "strings" "sync" "time" @@ -395,43 +394,14 @@ func (e *Enforcer) runInformer(ctx context.Context, onUpdated func(cm *apiv1.Con log.Info("rbac configmap informer cancelled") } -// PolicyCSV will generate the final policy csv to be used -// by Argo CD RBAC. It will find entries in the given data -// that matches the policy key name convention: -// -// policy[.overlay].csv -func PolicyCSV(data map[string]string) string { - var strBuilder strings.Builder - // add the main policy first - if p, ok := data[ConfigMapPolicyCSVKey]; ok { - strBuilder.WriteString(p) - } - - keys := make([]string, 0, len(data)) - for k := range data { - keys = append(keys, k) - } - sort.Strings(keys) - - // append additional policies at the end of the csv - for _, key := range keys { - value := data[key] - if strings.HasPrefix(key, "policy.") && - strings.HasSuffix(key, ".csv") && - key != ConfigMapPolicyCSVKey { - - strBuilder.WriteString("\n") - strBuilder.WriteString(value) - } - } - return strBuilder.String() -} - // syncUpdate updates the enforcer func (e *Enforcer) syncUpdate(cm *apiv1.ConfigMap, onUpdated func(cm *apiv1.ConfigMap) error) error { e.SetDefaultRole(cm.Data[ConfigMapPolicyDefaultKey]) e.SetMatchMode(cm.Data[ConfigMapMatchModeKey]) - policyCSV := PolicyCSV(cm.Data) + policyCSV, ok := cm.Data[ConfigMapPolicyCSVKey] + if !ok { + policyCSV = "" + } if err := onUpdated(cm); err != nil { return err } @@ -498,12 +468,7 @@ func loadPolicyLine(line string, model model.Model) error { return err } - tokenLen := len(tokens) - - if tokenLen < 1 || - tokens[0] == "" || - (tokens[0] == "g" && tokenLen != 3) || - (tokens[0] == "p" && tokenLen != 6) { + if len(tokens) < 2 || len(tokens[0]) < 1 { return fmt.Errorf("invalid RBAC policy: %s", line) } diff --git a/util/rbac/rbac_test.go b/util/rbac/rbac_test.go index 04d833ce85871..cdad170857202 100644 --- a/util/rbac/rbac_test.go +++ b/util/rbac/rbac_test.go @@ -3,7 +3,6 @@ package rbac import ( "context" "fmt" - "strings" "testing" "time" @@ -44,69 +43,6 @@ func fakeConfigMap() *apiv1.ConfigMap { return &cm } -func TestPolicyCSV(t *testing.T) { - t.Run("will return empty string if data has no csv entries", func(t *testing.T) { - // given - data := make(map[string]string) - - // when - policy := PolicyCSV(data) - - // then - assert.Equal(t, "", policy) - }) - t.Run("will return just policy defined with default key", func(t *testing.T) { - // given - data := make(map[string]string) - expectedPolicy := "policy1\npolicy2" - data[ConfigMapPolicyCSVKey] = expectedPolicy - data["UnrelatedKey"] = "unrelated value" - - // when - policy := PolicyCSV(data) - - // then - assert.Equal(t, expectedPolicy, policy) - }) - t.Run("will return composed policy provided by multiple policy keys", func(t *testing.T) { - // given - data := make(map[string]string) - data[ConfigMapPolicyCSVKey] = "policy1" - data["UnrelatedKey"] = "unrelated value" - data["policy.overlay1.csv"] = "policy2" - data["policy.overlay2.csv"] = "policy3" - - // when - policy := PolicyCSV(data) - - // then - assert.Regexp(t, "^policy1", policy) - assert.Contains(t, policy, "policy2") - assert.Contains(t, policy, "policy3") - }) - t.Run("will return composed policy in a deterministic order", func(t *testing.T) { - // given - data := make(map[string]string) - data["UnrelatedKey"] = "unrelated value" - data["policy.B.csv"] = "policyb" - data["policy.A.csv"] = "policya" - data["policy.C.csv"] = "policyc" - data[ConfigMapPolicyCSVKey] = "policy1" - - // when - policy := PolicyCSV(data) - - // then - result := strings.Split(policy, "\n") - assert.Len(t, result, 4) - assert.Equal(t, "policy1", result[0]) - assert.Equal(t, "policya", result[1]) - assert.Equal(t, "policyb", result[2]) - assert.Equal(t, "policyc", result[3]) - }) - -} - // TestBuiltinPolicyEnforcer tests the builtin policy rules func TestBuiltinPolicyEnforcer(t *testing.T) { kubeclientset := fake.NewSimpleClientset() @@ -466,14 +402,8 @@ func TestGlobMatchFunc(t *testing.T) { } func TestLoadPolicyLine(t *testing.T) { - t.Run("Valid permission line", func(t *testing.T) { - policy := `p, role:Myrole, applications, *, myproj/*, allow` - model := newBuiltInModel() - err := loadPolicyLine(policy, model) - require.NoError(t, err) - }) - t.Run("Valid grant line", func(t *testing.T) { - policy := `g, your-github-org:your-team, role:org-admin` + t.Run("Valid policy line", func(t *testing.T) { + policy := `p, foo, bar, baz` model := newBuiltInModel() err := loadPolicyLine(policy, model) require.NoError(t, err) @@ -508,16 +438,4 @@ func TestLoadPolicyLine(t *testing.T) { err := loadPolicyLine(policy, model) require.Error(t, err) }) - t.Run("Invalid policy line missing comma", func(t *testing.T) { - policy := "p, role:Myrole, applications, *, myproj/* allow" - model := newBuiltInModel() - err := loadPolicyLine(policy, model) - require.Error(t, err) - }) - t.Run("Invalid policy line missing policy type", func(t *testing.T) { - policy := ", role:Myrole, applications, *, myproj/*, allow" - model := newBuiltInModel() - err := loadPolicyLine(policy, model) - require.Error(t, err) - }) } diff --git a/util/security/rbac.go b/util/security/rbac.go index d80cbbadb3817..ebfdde01c399e 100644 --- a/util/security/rbac.go +++ b/util/security/rbac.go @@ -4,8 +4,8 @@ import ( "fmt" ) -// RBACName constructs name of the app for use in RBAC checks. -func RBACName(defaultNS string, project string, namespace string, name string) string { +// AppRBACName constructs name of the app for use in RBAC checks. +func AppRBACName(defaultNS string, project string, namespace string, name string) string { if defaultNS != "" && namespace != defaultNS && namespace != "" { return fmt.Sprintf("%s/%s/%s", project, namespace, name) } else { diff --git a/util/security/rbac_test.go b/util/security/rbac_test.go index ca8e6dec77020..a3a447d4d5096 100644 --- a/util/security/rbac_test.go +++ b/util/security/rbac_test.go @@ -45,7 +45,7 @@ func Test_AppRBACName(t *testing.T) { tcc := tc t.Run(tcc.name, func(t *testing.T) { t.Parallel() - result := RBACName(tcc.defaultNS, tcc.project, tcc.namespace, tcc.appName) + result := AppRBACName(tcc.defaultNS, tcc.project, tcc.namespace, tcc.appName) assert.Equal(t, tcc.expectedResult, result) }) } diff --git a/util/session/sessionmanager_test.go b/util/session/sessionmanager_test.go index d01ba3ef5f32d..52b7c76aa755d 100644 --- a/util/session/sessionmanager_test.go +++ b/util/session/sessionmanager_test.go @@ -9,6 +9,7 @@ import ( "math" "net/http" "net/http/httptest" + "os" "strconv" "strings" "testing" @@ -448,47 +449,59 @@ func TestCacheValueGetters(t *testing.T) { }) t.Run("Valid environment overrides", func(t *testing.T) { - t.Setenv(envLoginMaxFailCount, "5") - t.Setenv(envLoginMaxCacheSize, "5") + os.Setenv(envLoginMaxFailCount, "5") + os.Setenv(envLoginMaxCacheSize, "5") mlf := getMaxLoginFailures() assert.Equal(t, 5, mlf) mcs := getMaximumCacheSize() assert.Equal(t, 5, mcs) + + os.Setenv(envLoginMaxFailCount, "") + os.Setenv(envLoginMaxCacheSize, "") }) t.Run("Invalid environment overrides", func(t *testing.T) { - t.Setenv(envLoginMaxFailCount, "invalid") - t.Setenv(envLoginMaxCacheSize, "invalid") + os.Setenv(envLoginMaxFailCount, "invalid") + os.Setenv(envLoginMaxCacheSize, "invalid") mlf := getMaxLoginFailures() assert.Equal(t, defaultMaxLoginFailures, mlf) mcs := getMaximumCacheSize() assert.Equal(t, defaultMaxCacheSize, mcs) + + os.Setenv(envLoginMaxFailCount, "") + os.Setenv(envLoginMaxCacheSize, "") }) t.Run("Less than allowed in environment overrides", func(t *testing.T) { - t.Setenv(envLoginMaxFailCount, "-1") - t.Setenv(envLoginMaxCacheSize, "-1") + os.Setenv(envLoginMaxFailCount, "-1") + os.Setenv(envLoginMaxCacheSize, "-1") mlf := getMaxLoginFailures() assert.Equal(t, defaultMaxLoginFailures, mlf) mcs := getMaximumCacheSize() assert.Equal(t, defaultMaxCacheSize, mcs) + + os.Setenv(envLoginMaxFailCount, "") + os.Setenv(envLoginMaxCacheSize, "") }) t.Run("Greater than allowed in environment overrides", func(t *testing.T) { - t.Setenv(envLoginMaxFailCount, fmt.Sprintf("%d", math.MaxInt32+1)) - t.Setenv(envLoginMaxCacheSize, fmt.Sprintf("%d", math.MaxInt32+1)) + os.Setenv(envLoginMaxFailCount, fmt.Sprintf("%d", math.MaxInt32+1)) + os.Setenv(envLoginMaxCacheSize, fmt.Sprintf("%d", math.MaxInt32+1)) mlf := getMaxLoginFailures() assert.Equal(t, defaultMaxLoginFailures, mlf) mcs := getMaximumCacheSize() assert.Equal(t, defaultMaxCacheSize, mcs) + + os.Setenv(envLoginMaxFailCount, "") + os.Setenv(envLoginMaxCacheSize, "") }) } @@ -548,7 +561,7 @@ func TestMaxCacheSize(t *testing.T) { invalidUsers := []string{"invalid1", "invalid2", "invalid3", "invalid4", "invalid5", "invalid6", "invalid7"} // Temporarily decrease max cache size - t.Setenv(envLoginMaxCacheSize, "5") + os.Setenv(envLoginMaxCacheSize, "5") for _, user := range invalidUsers { err := mgr.VerifyUsernamePassword(user, "password") @@ -564,7 +577,7 @@ func TestFailedAttemptsExpiry(t *testing.T) { invalidUsers := []string{"invalid1", "invalid2", "invalid3", "invalid4", "invalid5", "invalid6", "invalid7"} - t.Setenv(envLoginFailureWindowSeconds, "1") + os.Setenv(envLoginFailureWindowSeconds, "1") for _, user := range invalidUsers { err := mgr.VerifyUsernamePassword(user, "password") @@ -576,6 +589,8 @@ func TestFailedAttemptsExpiry(t *testing.T) { err := mgr.VerifyUsernamePassword("invalid8", "password") assert.Error(t, err) assert.Len(t, mgr.GetLoginFailures(), 1) + + os.Setenv(envLoginFailureWindowSeconds, "") } func getKubeClientWithConfig(config map[string]string, secretConfig map[string][]byte) *fake.Clientset { diff --git a/util/settings/resources_filter.go b/util/settings/resources_filter.go index 7e656eabba8aa..86f95cbfc7d63 100644 --- a/util/settings/resources_filter.go +++ b/util/settings/resources_filter.go @@ -62,6 +62,7 @@ func (rf *ResourcesFilter) isExcludedResource(apiGroup, kind, cluster string) bo // +-------------+-------------+-------------+ // | Present | Present | Not Allowed | // +-------------+-------------+-------------+ +// func (rf *ResourcesFilter) IsExcludedResource(apiGroup, kind, cluster string) bool { // if excluded, do not allow if rf.isExcludedResource(apiGroup, kind, cluster) { diff --git a/util/settings/settings.go b/util/settings/settings.go index 9cd38417e081e..8637c46fea72c 100644 --- a/util/settings/settings.go +++ b/util/settings/settings.go @@ -18,6 +18,7 @@ import ( "time" timeutil "github.com/argoproj/pkg/time" + "github.com/ghodss/yaml" log "github.com/sirupsen/logrus" apiv1 "k8s.io/api/core/v1" apierr "k8s.io/apimachinery/pkg/api/errors" @@ -29,7 +30,6 @@ import ( "k8s.io/client-go/kubernetes" v1listers "k8s.io/client-go/listers/core/v1" "k8s.io/client-go/tools/cache" - "sigs.k8s.io/yaml" "github.com/argoproj/argo-cd/v2/common" "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" @@ -71,10 +71,6 @@ type ArgoCDSettings struct { WebhookBitbucketServerSecret string `json:"webhookBitbucketServerSecret,omitempty"` // WebhookGogsSecret holds the shared secret for authenticating Gogs webhook events WebhookGogsSecret string `json:"webhookGogsSecret,omitempty"` - // WebhookAzureDevOpsUsername holds the username for authenticating Azure DevOps webhook events - WebhookAzureDevOpsUsername string `json:"webhookAzureDevOpsUsername,omitempty"` - // WebhookAzureDevOpsPassword holds the password for authenticating Azure DevOps webhook events - WebhookAzureDevOpsPassword string `json:"webhookAzureDevOpsPassword,omitempty"` // Secrets holds all secrets in argocd-secret as a map[string]string Secrets map[string]string `json:"secrets,omitempty"` // KustomizeBuildOptions is a string of kustomize build parameters @@ -415,10 +411,6 @@ const ( settingsWebhookBitbucketServerSecretKey = "webhook.bitbucketserver.secret" // settingsWebhookGogsSecret is the key for Gogs webhook secret settingsWebhookGogsSecretKey = "webhook.gogs.secret" - // settingsWebhookAzureDevOpsUsernameKey is the key for Azure DevOps webhook username - settingsWebhookAzureDevOpsUsernameKey = "webhook.azuredevops.username" - // settingsWebhookAzureDevOpsPasswordKey is the key for Azure DevOps webhook password - settingsWebhookAzureDevOpsPasswordKey = "webhook.azuredevops.password" // settingsApplicationInstanceLabelKey is the key to configure injected app instance label key settingsApplicationInstanceLabelKey = "application.instanceLabelKey" // settingsResourceTrackingMethodKey is the key to configure tracking method for application resources @@ -429,10 +421,10 @@ const ( resourceExclusionsKey = "resource.exclusions" // resourceInclusions is the key to the list of explicitly watched resources resourceInclusionsKey = "resource.inclusions" - // resourceIgnoreResourceUpdatesEnabledKey is the key to a boolean determining whether the resourceIgnoreUpdates feature is enabled - resourceIgnoreResourceUpdatesEnabledKey = "resource.ignoreResourceUpdatesEnabled" // resourceCustomLabelKey is the key to a custom label to show in node info, if present resourceCustomLabelsKey = "resource.customLabels" + // configManagementPluginsKey is the key to the list of config management plugins + configManagementPluginsKey = "configManagementPlugins" // kustomizeBuildOptionsKey is a string of kustomize build parameters kustomizeBuildOptionsKey = "kustomize.buildOptions" // kustomizeVersionKeyPrefix is a kustomize version key prefix @@ -538,9 +530,6 @@ type ArgoCDDiffOptions struct { // If set to true then differences caused by status are ignored. IgnoreResourceStatusField IgnoreStatus `json:"ignoreResourceStatusField,omitempty"` - - // If set to true then ignoreDifferences are applied to ignore application refresh on resource updates. - IgnoreDifferencesOnResourceUpdates bool `json:"ignoreDifferencesOnResourceUpdates,omitempty"` } func (e *incompleteSettingsError) Error() string { @@ -564,7 +553,7 @@ func (mgr *SettingsManager) GetSecretsLister() (v1listers.SecretLister, error) { func (mgr *SettingsManager) GetSecretsInformer() (cache.SharedIndexInformer, error) { err := mgr.ensureSynced(false) if err != nil { - return nil, fmt.Errorf("error ensuring that the secrets manager is synced: %w", err) + return nil, err } return mgr.secretsInformer, nil } @@ -688,14 +677,14 @@ func (mgr *SettingsManager) GetConfigMapByName(configMapName string) (*apiv1.Con func (mgr *SettingsManager) GetResourcesFilter() (*ResourcesFilter, error) { argoCDCM, err := mgr.getConfigMap() if err != nil { - return nil, fmt.Errorf("error retrieving argocd-cm: %w", err) + return nil, err } rf := &ResourcesFilter{} if value, ok := argoCDCM.Data[resourceInclusionsKey]; ok { includedResources := make([]FilteredResource, 0) err := yaml.Unmarshal([]byte(value), &includedResources) if err != nil { - return nil, fmt.Errorf("error unmarshalling included resources %w", err) + return nil, err } rf.ResourceInclusions = includedResources } @@ -704,7 +693,7 @@ func (mgr *SettingsManager) GetResourcesFilter() (*ResourcesFilter, error) { excludedResources := make([]FilteredResource, 0) err := yaml.Unmarshal([]byte(value), &excludedResources) if err != nil { - return nil, fmt.Errorf("error unmarshalling excluded resources %w", err) + return nil, err } rf.ResourceExclusions = excludedResources } @@ -756,16 +745,31 @@ func (mgr *SettingsManager) GetServerRBACLogEnforceEnable() (bool, error) { return strconv.ParseBool(argoCDCM.Data[settingsServerRBACLogEnforceEnableKey]) } +func (mgr *SettingsManager) GetConfigManagementPlugins() ([]v1alpha1.ConfigManagementPlugin, error) { + argoCDCM, err := mgr.getConfigMap() + if err != nil { + return nil, err + } + plugins := make([]v1alpha1.ConfigManagementPlugin, 0) + if value, ok := argoCDCM.Data[configManagementPluginsKey]; ok { + err := yaml.Unmarshal([]byte(value), &plugins) + if err != nil { + return nil, err + } + } + return plugins, nil +} + func (mgr *SettingsManager) GetDeepLinks(deeplinkType string) ([]DeepLink, error) { argoCDCM, err := mgr.getConfigMap() if err != nil { - return nil, fmt.Errorf("error retrieving argocd-cm: %w", err) + return nil, err } deepLinks := make([]DeepLink, 0) if value, ok := argoCDCM.Data[deeplinkType]; ok { err := yaml.Unmarshal([]byte(value), &deepLinks) if err != nil { - return nil, fmt.Errorf("error unmarshalling deep links %w", err) + return nil, err } } return deepLinks, nil @@ -774,7 +778,7 @@ func (mgr *SettingsManager) GetDeepLinks(deeplinkType string) ([]DeepLink, error func (mgr *SettingsManager) GetEnabledSourceTypes() (map[string]bool, error) { argoCDCM, err := mgr.getConfigMap() if err != nil { - return nil, fmt.Errorf("failed to get argo-cd config map: %w", err) + return nil, err } res := map[string]bool{} for sourceType := range sourceTypeToEnableGenerationKey { @@ -790,59 +794,11 @@ func (mgr *SettingsManager) GetEnabledSourceTypes() (map[string]bool, error) { return res, nil } -func (mgr *SettingsManager) GetIgnoreResourceUpdatesOverrides() (map[string]v1alpha1.ResourceOverride, error) { - compareOptions, err := mgr.GetResourceCompareOptions() - if err != nil { - return nil, fmt.Errorf("failed to get compare options: %w", err) - } - - resourceOverrides, err := mgr.GetResourceOverrides() - if err != nil { - return nil, fmt.Errorf("failed to get resource overrides: %w", err) - } - - for k, v := range resourceOverrides { - resourceUpdates := v.IgnoreResourceUpdates - if compareOptions.IgnoreDifferencesOnResourceUpdates { - resourceUpdates.JQPathExpressions = append(resourceUpdates.JQPathExpressions, v.IgnoreDifferences.JQPathExpressions...) - resourceUpdates.JSONPointers = append(resourceUpdates.JSONPointers, v.IgnoreDifferences.JSONPointers...) - resourceUpdates.ManagedFieldsManagers = append(resourceUpdates.ManagedFieldsManagers, v.IgnoreDifferences.ManagedFieldsManagers...) - } - // Set the IgnoreDifferences because these are the overrides used by Normalizers - v.IgnoreDifferences = resourceUpdates - v.IgnoreResourceUpdates = v1alpha1.OverrideIgnoreDiff{} - resourceOverrides[k] = v - } - - if compareOptions.IgnoreDifferencesOnResourceUpdates { - log.Info("Using diffing customizations to ignore resource updates") - } - - addIgnoreDiffItemOverrideToGK(resourceOverrides, "*/*", "/metadata/resourceVersion") - addIgnoreDiffItemOverrideToGK(resourceOverrides, "*/*", "/metadata/generation") - addIgnoreDiffItemOverrideToGK(resourceOverrides, "*/*", "/metadata/managedFields") - - return resourceOverrides, nil -} - -func (mgr *SettingsManager) GetIsIgnoreResourceUpdatesEnabled() (bool, error) { - argoCDCM, err := mgr.getConfigMap() - if err != nil { - return false, fmt.Errorf("error retrieving config map: %w", err) - } - - if argoCDCM.Data[resourceIgnoreResourceUpdatesEnabledKey] == "" { - return false, nil - } - - return strconv.ParseBool(argoCDCM.Data[resourceIgnoreResourceUpdatesEnabledKey]) -} - // GetResourceOverrides loads Resource Overrides from argocd-cm ConfigMap func (mgr *SettingsManager) GetResourceOverrides() (map[string]v1alpha1.ResourceOverride, error) { argoCDCM, err := mgr.getConfigMap() if err != nil { - return nil, fmt.Errorf("error retrieving config map: %w", err) + return nil, err } resourceOverrides := map[string]v1alpha1.ResourceOverride{} if value, ok := argoCDCM.Data[resourceCustomizationsKey]; ok && value != "" { @@ -954,13 +910,6 @@ func (mgr *SettingsManager) appendResourceOverridesFromSplitKeys(cmData map[stri return err } overrideVal.IgnoreDifferences = overrideIgnoreDiff - case "ignoreResourceUpdates": - overrideIgnoreUpdate := v1alpha1.OverrideIgnoreDiff{} - err := yaml.Unmarshal([]byte(v), &overrideIgnoreUpdate) - if err != nil { - return err - } - overrideVal.IgnoreResourceUpdates = overrideIgnoreUpdate case "knownTypeFields": var knownTypeFields []v1alpha1.KnownTypeField err := yaml.Unmarshal([]byte(v), &knownTypeFields) @@ -990,7 +939,7 @@ func convertToOverrideKey(groupKind string) (string, error) { } func GetDefaultDiffOptions() ArgoCDDiffOptions { - return ArgoCDDiffOptions{IgnoreAggregatedRoles: false, IgnoreDifferencesOnResourceUpdates: false} + return ArgoCDDiffOptions{IgnoreAggregatedRoles: false} } // GetResourceCompareOptions loads the resource compare options settings from the ConfigMap @@ -1017,7 +966,7 @@ func (mgr *SettingsManager) GetResourceCompareOptions() (ArgoCDDiffOptions, erro func (mgr *SettingsManager) GetHelmSettings() (*v1alpha1.HelmOptions, error) { argoCDCM, err := mgr.getConfigMap() if err != nil { - return nil, fmt.Errorf("failed to get argo-cd config map: %v", err) + return nil, err } helmOptions := &v1alpha1.HelmOptions{} if value, ok := argoCDCM.Data[helmValuesFileSchemesKey]; ok { @@ -1036,7 +985,7 @@ func (mgr *SettingsManager) GetHelmSettings() (*v1alpha1.HelmOptions, error) { func (mgr *SettingsManager) GetKustomizeSettings() (*KustomizeSettings, error) { argoCDCM, err := mgr.getConfigMap() if err != nil { - return nil, fmt.Errorf("error retrieving argocd-cm: %w", err) + return nil, err } kustomizeVersionsMap := map[string]KustomizeVersion{} buildOptions := map[string]string{} @@ -1053,7 +1002,7 @@ func (mgr *SettingsManager) GetKustomizeSettings() (*KustomizeSettings, error) { if strings.HasPrefix(k, kustomizeVersionKeyPrefix) { err = addKustomizeVersion(kustomizeVersionKeyPrefix, k, v, kustomizeVersionsMap) if err != nil { - return nil, fmt.Errorf("failed to add kustomize version from %q: %w", k, err) + return nil, err } } @@ -1061,7 +1010,7 @@ func (mgr *SettingsManager) GetKustomizeSettings() (*KustomizeSettings, error) { if strings.HasPrefix(k, kustomizePathPrefixKey) { err = addKustomizeVersion(kustomizePathPrefixKey, k, v, kustomizeVersionsMap) if err != nil { - return nil, fmt.Errorf("failed to add kustomize version from %q: %w", k, err) + return nil, err } } @@ -1096,14 +1045,14 @@ func addKustomizeVersion(prefix, name, path string, kvMap map[string]KustomizeVe func (mgr *SettingsManager) GetHelmRepositories() ([]HelmRepoCredentials, error) { argoCDCM, err := mgr.getConfigMap() if err != nil { - return nil, fmt.Errorf("error retrieving config map: %w", err) + return nil, err } helmRepositories := make([]HelmRepoCredentials, 0) helmRepositoriesStr := argoCDCM.Data[helmRepositoriesKey] if helmRepositoriesStr != "" { err := yaml.Unmarshal([]byte(helmRepositoriesStr), &helmRepositories) if err != nil { - return nil, fmt.Errorf("error unmarshalling helm repositories: %w", err) + return nil, err } } return helmRepositories, nil @@ -1121,7 +1070,7 @@ func (mgr *SettingsManager) GetRepositories() ([]Repository, error) { // Get the config map outside of the lock argoCDCM, err := mgr.getConfigMap() if err != nil { - return nil, fmt.Errorf("failed to get argo-cd config map: %w", err) + return nil, err } mgr.mutex.Lock() @@ -1131,7 +1080,7 @@ func (mgr *SettingsManager) GetRepositories() ([]Repository, error) { if repositoriesStr != "" { err := yaml.Unmarshal([]byte(repositoriesStr), &repositories) if err != nil { - return nil, fmt.Errorf("failed to unmarshal repositories from config map key %q: %w", repositoriesKey, err) + return nil, err } } mgr.reposCache = repositories @@ -1181,7 +1130,7 @@ func (mgr *SettingsManager) GetRepositoryCredentials() ([]RepositoryCredentials, // Get the config map outside of the lock argoCDCM, err := mgr.getConfigMap() if err != nil { - return nil, fmt.Errorf("error retrieving config map: %w", err) + return nil, err } mgr.mutex.Lock() @@ -1202,7 +1151,7 @@ func (mgr *SettingsManager) GetRepositoryCredentials() ([]RepositoryCredentials, func (mgr *SettingsManager) GetGoogleAnalytics() (*GoogleAnalytics, error) { argoCDCM, err := mgr.getConfigMap() if err != nil { - return nil, fmt.Errorf("error retrieving config map: %w", err) + return nil, err } return &GoogleAnalytics{ TrackingID: argoCDCM.Data[gaTrackingID], @@ -1213,7 +1162,7 @@ func (mgr *SettingsManager) GetGoogleAnalytics() (*GoogleAnalytics, error) { func (mgr *SettingsManager) GetHelp() (*Help, error) { argoCDCM, err := mgr.getConfigMap() if err != nil { - return nil, fmt.Errorf("error retrieving config map: %w", err) + return nil, err } chatText, ok := argoCDCM.Data[helpChatText] if !ok { @@ -1238,15 +1187,15 @@ func (mgr *SettingsManager) GetSettings() (*ArgoCDSettings, error) { } argoCDCM, err := mgr.configmaps.ConfigMaps(mgr.namespace).Get(common.ArgoCDConfigMapName) if err != nil { - return nil, fmt.Errorf("error retrieving argocd-cm: %w", err) + return nil, err } argoCDSecret, err := mgr.secrets.Secrets(mgr.namespace).Get(common.ArgoCDSecretName) if err != nil { - return nil, fmt.Errorf("error retrieving argocd-secret: %w", err) + return nil, err } selector, err := labels.Parse(partOfArgoCDSelector) if err != nil { - return nil, fmt.Errorf("error parsing Argo CD selector %w", err) + return nil, err } secrets, err := mgr.secrets.Secrets(mgr.namespace).List(selector) if err != nil { @@ -1465,12 +1414,6 @@ func (mgr *SettingsManager) updateSettingsFromSecret(settings *ArgoCDSettings, a if gogsWebhookSecret := argoCDSecret.Data[settingsWebhookGogsSecretKey]; len(gogsWebhookSecret) > 0 { settings.WebhookGogsSecret = string(gogsWebhookSecret) } - if azureDevOpsUsername := argoCDSecret.Data[settingsWebhookAzureDevOpsUsernameKey]; len(azureDevOpsUsername) > 0 { - settings.WebhookAzureDevOpsUsername = string(azureDevOpsUsername) - } - if azureDevOpsPassword := argoCDSecret.Data[settingsWebhookAzureDevOpsPasswordKey]; len(azureDevOpsPassword) > 0 { - settings.WebhookAzureDevOpsPassword = string(azureDevOpsPassword) - } // The TLS certificate may be externally managed. We try to load it from an // external secret first. If the external secret doesn't exist, we either @@ -1590,12 +1533,6 @@ func (mgr *SettingsManager) SaveSettings(settings *ArgoCDSettings) error { if settings.WebhookGogsSecret != "" { argoCDSecret.Data[settingsWebhookGogsSecretKey] = []byte(settings.WebhookGogsSecret) } - if settings.WebhookAzureDevOpsUsername != "" { - argoCDSecret.Data[settingsWebhookAzureDevOpsUsernameKey] = []byte(settings.WebhookAzureDevOpsUsername) - } - if settings.WebhookAzureDevOpsPassword != "" { - argoCDSecret.Data[settingsWebhookAzureDevOpsPasswordKey] = []byte(settings.WebhookAzureDevOpsPassword) - } // we only write the certificate to the secret if it's not externally // managed. if settings.Certificate != nil && !settings.CertificateIsExternal { @@ -1743,26 +1680,13 @@ func (a *ArgoCDSettings) oidcConfig() *oidcConfig { if a.OIDCConfigRAW == "" { return nil } - configMap := map[string]interface{}{} - err := yaml.Unmarshal([]byte(a.OIDCConfigRAW), &configMap) - if err != nil { - log.Warnf("invalid oidc config: %v", err) - return nil - } - - configMap = ReplaceMapSecrets(configMap, a.Secrets) - data, err := yaml.Marshal(configMap) + config, err := unmarshalOIDCConfig(a.OIDCConfigRAW) if err != nil { log.Warnf("invalid oidc config: %v", err) return nil } - - config, err := unmarshalOIDCConfig(string(data)) - if err != nil { - log.Warnf("invalid oidc config: %v", err) - return nil - } - + config.ClientSecret = ReplaceStringSecret(config.ClientSecret, a.Secrets) + config.ClientID = ReplaceStringSecret(config.ClientID, a.Secrets) return &config } @@ -1977,7 +1901,7 @@ func (mgr *SettingsManager) InitializeSettings(insecureModeEnabled bool) (*ArgoC // set JWT signature signature, err := util.MakeSignature(32) if err != nil { - return nil, fmt.Errorf("error setting JWT signature: %w", err) + return nil, err } cdSettings.ServerSignature = signature log.Info("Initialized server signature") @@ -2053,42 +1977,6 @@ func (mgr *SettingsManager) InitializeSettings(insecureModeEnabled bool) (*ArgoC return cdSettings, nil } -// ReplaceMapSecrets takes a json object and recursively looks for any secret key references in the -// object and replaces the value with the secret value -func ReplaceMapSecrets(obj map[string]interface{}, secretValues map[string]string) map[string]interface{} { - newObj := make(map[string]interface{}) - for k, v := range obj { - switch val := v.(type) { - case map[string]interface{}: - newObj[k] = ReplaceMapSecrets(val, secretValues) - case []interface{}: - newObj[k] = replaceListSecrets(val, secretValues) - case string: - newObj[k] = ReplaceStringSecret(val, secretValues) - default: - newObj[k] = val - } - } - return newObj -} - -func replaceListSecrets(obj []interface{}, secretValues map[string]string) []interface{} { - newObj := make([]interface{}, len(obj)) - for i, v := range obj { - switch val := v.(type) { - case map[string]interface{}: - newObj[i] = ReplaceMapSecrets(val, secretValues) - case []interface{}: - newObj[i] = replaceListSecrets(val, secretValues) - case string: - newObj[i] = ReplaceStringSecret(val, secretValues) - default: - newObj[i] = val - } - } - return newObj -} - // ReplaceStringSecret checks if given string is a secret key reference ( starts with $ ) and returns corresponding value from provided map func ReplaceStringSecret(val string, secretValues map[string]string) string { if val == "" || !strings.HasPrefix(val, "$") { @@ -2107,14 +1995,14 @@ func ReplaceStringSecret(val string, secretValues map[string]string) string { func (mgr *SettingsManager) GetGlobalProjectsSettings() ([]GlobalProjectSettings, error) { argoCDCM, err := mgr.getConfigMap() if err != nil { - return nil, fmt.Errorf("error retrieving argocd-cm: %w", err) + return nil, err } globalProjectSettings := make([]GlobalProjectSettings, 0) if value, ok := argoCDCM.Data[globalProjectsKey]; ok { if value != "" { err := yaml.Unmarshal([]byte(value), &globalProjectSettings) if err != nil { - return nil, fmt.Errorf("error unmarshalling global project settings: %w", err) + return nil, err } } } diff --git a/util/settings/settings_test.go b/util/settings/settings_test.go index 07a2c268a6bd7..5326dca25c2ff 100644 --- a/util/settings/settings_test.go +++ b/util/settings/settings_test.go @@ -121,6 +121,25 @@ func TestGetResourceFilter(t *testing.T) { }, filter) } +func TestGetConfigManagementPlugins(t *testing.T) { + data := map[string]string{ + "configManagementPlugins": ` + - name: kasane + init: + command: [kasane, update] + generate: + command: [kasane, show]`, + } + _, settingsManager := fixtures(data) + plugins, err := settingsManager.GetConfigManagementPlugins() + assert.NoError(t, err) + assert.ElementsMatch(t, []v1alpha1.ConfigManagementPlugin{{ + Name: "kasane", + Init: &v1alpha1.Command{Command: []string{"kasane", "update"}}, + Generate: v1alpha1.Command{Command: []string{"kasane", "show"}}, + }}, plugins) +} + func TestInClusterServerAddressEnabled(t *testing.T) { _, settingsManager := fixtures(map[string]string{ "cluster.inClusterEnabled": "true", @@ -185,22 +204,6 @@ func TestGetServerRBACLogEnforceEnableKeyDefaultFalse(t *testing.T) { assert.Equal(t, false, serverRBACLogEnforceEnable) } -func TestGetIsIgnoreResourceUpdatesEnabled(t *testing.T) { - _, settingsManager := fixtures(map[string]string{ - "resource.ignoreResourceUpdatesEnabled": "true", - }) - ignoreResourceUpdatesEnabled, err := settingsManager.GetIsIgnoreResourceUpdatesEnabled() - assert.NoError(t, err) - assert.True(t, ignoreResourceUpdatesEnabled) -} - -func TestGetIsIgnoreResourceUpdatesEnabledDefaultFalse(t *testing.T) { - _, settingsManager := fixtures(nil) - ignoreResourceUpdatesEnabled, err := settingsManager.GetIsIgnoreResourceUpdatesEnabled() - assert.NoError(t, err) - assert.False(t, ignoreResourceUpdatesEnabled) -} - func TestGetServerRBACLogEnforceEnableKey(t *testing.T) { _, settingsManager := fixtures(map[string]string{ "server.rbac.log.enforce.enable": "true", @@ -226,12 +229,7 @@ func TestGetResourceOverrides(t *testing.T) { jsonPointers: - /webhooks/0/clientConfig/caBundle jqPathExpressions: - - .webhooks[0].clientConfig.caBundle - ignoreResourceUpdates: | - jsonPointers: - - /webhooks/1/clientConfig/caBundle - jqPathExpressions: - - .webhooks[1].clientConfig.caBundle`, + - .webhooks[0].clientConfig.caBundle`, }) overrides, err := settingsManager.GetResourceOverrides() assert.NoError(t, err) @@ -244,10 +242,6 @@ func TestGetResourceOverrides(t *testing.T) { JSONPointers: []string{"/webhooks/0/clientConfig/caBundle"}, JQPathExpressions: []string{".webhooks[0].clientConfig.caBundle"}, }, - IgnoreResourceUpdates: v1alpha1.OverrideIgnoreDiff{ - JSONPointers: []string{"/webhooks/1/clientConfig/caBundle"}, - JQPathExpressions: []string{".webhooks[1].clientConfig.caBundle"}, - }, }, webHookOverrides) // by default, crd status should be ignored @@ -349,9 +343,6 @@ func TestGetResourceOverrides_with_splitted_keys(t *testing.T) { ignoreDifferences: | jsonPointers: - foo - ignoreResourceUpdates: | - jsonPointers: - - foo certmanager.k8s.io/Certificate: health.lua.useOpenLibs: true health.lua: | @@ -374,8 +365,6 @@ func TestGetResourceOverrides_with_splitted_keys(t *testing.T) { assert.Equal(t, 2, len(overrides[crdGK].IgnoreDifferences.JSONPointers)) assert.Equal(t, 1, len(overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"].IgnoreDifferences.JSONPointers)) assert.Equal(t, "foo", overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"].IgnoreDifferences.JSONPointers[0]) - assert.Equal(t, 1, len(overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"].IgnoreResourceUpdates.JSONPointers)) - assert.Equal(t, "foo", overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"].IgnoreResourceUpdates.JSONPointers[0]) assert.Equal(t, "foo\n", overrides["certmanager.k8s.io/Certificate"].HealthLua) assert.Equal(t, true, overrides["certmanager.k8s.io/Certificate"].UseOpenLibs) assert.Equal(t, "foo\n", overrides["cert-manager.io/Certificate"].HealthLua) @@ -387,8 +376,6 @@ func TestGetResourceOverrides_with_splitted_keys(t *testing.T) { newData := map[string]string{ "resource.customizations.health.admissionregistration.k8s.io_MutatingWebhookConfiguration": "bar", "resource.customizations.ignoreDifferences.admissionregistration.k8s.io_MutatingWebhookConfiguration": `jsonPointers: - - bar`, - "resource.customizations.ignoreResourceUpdates.admissionregistration.k8s.io_MutatingWebhookConfiguration": `jsonPointers: - bar`, "resource.customizations.knownTypeFields.admissionregistration.k8s.io_MutatingWebhookConfiguration": ` - field: foo @@ -405,13 +392,9 @@ func TestGetResourceOverrides_with_splitted_keys(t *testing.T) { - bar`, "resource.customizations.ignoreDifferences.apps_Deployment": `jqPathExpressions: - bar`, - "resource.customizations.ignoreDifferences.all": `managedFieldsManagers: + "resource.customizations.ignoreDifferences.all": `managedFieldsManagers: - kube-controller-manager - argo-rollouts`, - "resource.customizations.ignoreResourceUpdates.iam-manager.k8s.io_Iamrole": `jsonPointers: - - bar`, - "resource.customizations.ignoreResourceUpdates.apps_Deployment": `jqPathExpressions: - - bar`, } crdGK := "apiextensions.k8s.io/CustomResourceDefinition" @@ -425,8 +408,6 @@ func TestGetResourceOverrides_with_splitted_keys(t *testing.T) { assert.Equal(t, "/spec/preserveUnknownFields", overrides[crdGK].IgnoreDifferences.JSONPointers[1]) assert.Equal(t, 1, len(overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"].IgnoreDifferences.JSONPointers)) assert.Equal(t, "bar", overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"].IgnoreDifferences.JSONPointers[0]) - assert.Equal(t, 1, len(overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"].IgnoreResourceUpdates.JSONPointers)) - assert.Equal(t, "bar", overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"].IgnoreResourceUpdates.JSONPointers[0]) assert.Equal(t, 1, len(overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"].KnownTypeFields)) assert.Equal(t, "bar", overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"].KnownTypeFields[0].Type) assert.Equal(t, "bar", overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"].HealthLua) @@ -444,9 +425,6 @@ func TestGetResourceOverrides_with_splitted_keys(t *testing.T) { assert.Equal(t, 2, len(overrides["*/*"].IgnoreDifferences.ManagedFieldsManagers)) assert.Equal(t, "kube-controller-manager", overrides["*/*"].IgnoreDifferences.ManagedFieldsManagers[0]) assert.Equal(t, "argo-rollouts", overrides["*/*"].IgnoreDifferences.ManagedFieldsManagers[1]) - assert.Equal(t, 1, len(overrides["iam-manager.k8s.io/Iamrole"].IgnoreResourceUpdates.JSONPointers)) - assert.Equal(t, 1, len(overrides["apps/Deployment"].IgnoreResourceUpdates.JQPathExpressions)) - assert.Equal(t, "bar", overrides["apps/Deployment"].IgnoreResourceUpdates.JQPathExpressions[0]) }) t.Run("SplitKeysCompareOptionsAll", func(t *testing.T) { @@ -492,64 +470,6 @@ func mergemaps(mapA map[string]string, mapB map[string]string) map[string]string return mapB } -func TestGetIgnoreResourceUpdatesOverrides(t *testing.T) { - allDefault := v1alpha1.ResourceOverride{IgnoreDifferences: v1alpha1.OverrideIgnoreDiff{ - JSONPointers: []string{"/metadata/resourceVersion", "/metadata/generation", "/metadata/managedFields"}, - }} - allGK := "*/*" - - testCustomizations := map[string]string{ - "resource.customizations": ` - admissionregistration.k8s.io/MutatingWebhookConfiguration: - ignoreDifferences: | - jsonPointers: - - /webhooks/0/clientConfig/caBundle - jqPathExpressions: - - .webhooks[0].clientConfig.caBundle - ignoreResourceUpdates: | - jsonPointers: - - /webhooks/1/clientConfig/caBundle - jqPathExpressions: - - .webhooks[1].clientConfig.caBundle`, - } - - _, settingsManager := fixtures(testCustomizations) - overrides, err := settingsManager.GetIgnoreResourceUpdatesOverrides() - assert.NoError(t, err) - - // default overrides should always be present - allOverrides := overrides[allGK] - assert.NotNil(t, allOverrides) - assert.Equal(t, allDefault, allOverrides) - - // without ignoreDifferencesOnResourceUpdates, only ignoreResourceUpdates should be added - assert.NotNil(t, overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"]) - assert.Equal(t, v1alpha1.ResourceOverride{ - IgnoreDifferences: v1alpha1.OverrideIgnoreDiff{ - JSONPointers: []string{"/webhooks/1/clientConfig/caBundle"}, - JQPathExpressions: []string{".webhooks[1].clientConfig.caBundle"}, - }, - IgnoreResourceUpdates: v1alpha1.OverrideIgnoreDiff{}, - }, overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"]) - - // with ignoreDifferencesOnResourceUpdates, ignoreDifferences should be added - _, settingsManager = fixtures(mergemaps(testCustomizations, map[string]string{ - "resource.compareoptions": ` - ignoreDifferencesOnResourceUpdates: true`, - })) - overrides, err = settingsManager.GetIgnoreResourceUpdatesOverrides() - assert.NoError(t, err) - - assert.NotNil(t, overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"]) - assert.Equal(t, v1alpha1.ResourceOverride{ - IgnoreDifferences: v1alpha1.OverrideIgnoreDiff{ - JSONPointers: []string{"/webhooks/1/clientConfig/caBundle", "/webhooks/0/clientConfig/caBundle"}, - JQPathExpressions: []string{".webhooks[1].clientConfig.caBundle", ".webhooks[0].clientConfig.caBundle"}, - }, - IgnoreResourceUpdates: v1alpha1.OverrideIgnoreDiff{}, - }, overrides["admissionregistration.k8s.io/MutatingWebhookConfiguration"]) -} - func TestConvertToOverrideKey(t *testing.T) { key, err := convertToOverrideKey("cert-manager.io_Certificate") assert.NoError(t, err) @@ -587,26 +507,6 @@ func TestGetResourceCompareOptions(t *testing.T) { assert.False(t, compareOptions.IgnoreAggregatedRoles) } - // ignoreDifferencesOnResourceUpdates is true - { - _, settingsManager := fixtures(map[string]string{ - "resource.compareoptions": "ignoreDifferencesOnResourceUpdates: true", - }) - compareOptions, err := settingsManager.GetResourceCompareOptions() - assert.NoError(t, err) - assert.True(t, compareOptions.IgnoreDifferencesOnResourceUpdates) - } - - // ignoreDifferencesOnResourceUpdates is false - { - _, settingsManager := fixtures(map[string]string{ - "resource.compareoptions": "ignoreDifferencesOnResourceUpdates: false", - }) - compareOptions, err := settingsManager.GetResourceCompareOptions() - assert.NoError(t, err) - assert.False(t, compareOptions.IgnoreDifferencesOnResourceUpdates) - } - // The empty resource.compareoptions should result in default being returned { _, settingsManager := fixtures(map[string]string{ @@ -616,7 +516,6 @@ func TestGetResourceCompareOptions(t *testing.T) { defaultOptions := GetDefaultDiffOptions() assert.NoError(t, err) assert.Equal(t, defaultOptions.IgnoreAggregatedRoles, compareOptions.IgnoreAggregatedRoles) - assert.Equal(t, defaultOptions.IgnoreDifferencesOnResourceUpdates, compareOptions.IgnoreDifferencesOnResourceUpdates) } // resource.compareoptions not defined - should result in default being returned @@ -626,7 +525,6 @@ func TestGetResourceCompareOptions(t *testing.T) { defaultOptions := GetDefaultDiffOptions() assert.NoError(t, err) assert.Equal(t, defaultOptions.IgnoreAggregatedRoles, compareOptions.IgnoreAggregatedRoles) - assert.Equal(t, defaultOptions.IgnoreDifferencesOnResourceUpdates, compareOptions.IgnoreDifferencesOnResourceUpdates) } } @@ -696,7 +594,7 @@ func TestSettingsManager_GetKustomizeBuildOptions(t *testing.T) { }) got, err := settingsManager.GetKustomizeSettings() - assert.ErrorContains(t, err, "found duplicate kustomize version: v3.2.1") + assert.EqualError(t, err, "found duplicate kustomize version: v3.2.1") assert.Empty(t, got) }) @@ -1241,7 +1139,7 @@ func TestDownloadArgoCDBinaryUrls(t *testing.T) { func TestSecretKeyRef(t *testing.T) { data := map[string]string{ "oidc.config": `name: Okta -issuer: $acme:issuerSecret +issuer: https://dev-123456.oktapreview.com clientID: aaaabbbbccccddddeee clientSecret: $acme:clientSecret # Optional set of OIDC scopes to request. If omitted, defaults to: ["openid", "profile", "email", "groups"] @@ -1278,7 +1176,6 @@ requestedIDTokenClaims: {"groups": {"essential": true}}`, }, }, Data: map[string][]byte{ - "issuerSecret": []byte("https://dev-123456.oktapreview.com"), "clientSecret": []byte("deadbeef"), }, } @@ -1289,7 +1186,6 @@ requestedIDTokenClaims: {"groups": {"essential": true}}`, assert.NoError(t, err) oidcConfig := settings.OIDCConfig() - assert.Equal(t, oidcConfig.Issuer, "https://dev-123456.oktapreview.com") assert.Equal(t, oidcConfig.ClientSecret, "deadbeef") } @@ -1548,18 +1444,3 @@ allowedAudiences: ["aud1", "aud2"]`}, }) } } - -func TestReplaceStringSecret(t *testing.T) { - secretValues := map[string]string{"my-secret-key": "my-secret-value"} - result := ReplaceStringSecret("$my-secret-key", secretValues) - assert.Equal(t, "my-secret-value", result) - - result = ReplaceStringSecret("$invalid-secret-key", secretValues) - assert.Equal(t, "$invalid-secret-key", result) - - result = ReplaceStringSecret("", secretValues) - assert.Equal(t, "", result) - - result = ReplaceStringSecret("my-value", secretValues) - assert.Equal(t, "my-value", result) -} diff --git a/util/tls/tls.go b/util/tls/tls.go index 5e18c8eb75cda..d963eed55cee7 100644 --- a/util/tls/tls.go +++ b/util/tls/tls.go @@ -123,11 +123,11 @@ func tlsVersionsToStr(versions []uint16) []string { func getTLSConfigCustomizer(minVersionStr, maxVersionStr, tlsCiphersStr string) (ConfigCustomizer, error) { minVersion, err := getTLSVersionByString(minVersionStr) if err != nil { - return nil, fmt.Errorf("error retrieving TLS version by min version %q: %w", minVersionStr, err) + return nil, err } maxVersion, err := getTLSVersionByString(maxVersionStr) if err != nil { - return nil, fmt.Errorf("error retrieving TLS version by max version %q: %w", maxVersionStr, err) + return nil, err } if minVersion > maxVersion { return nil, fmt.Errorf("Minimum TLS version %s must not be higher than maximum TLS version %s", minVersionStr, maxVersionStr) @@ -153,7 +153,7 @@ func getTLSConfigCustomizer(minVersionStr, maxVersionStr, tlsCiphersStr string) if tlsCiphersStr != "" { cipherSuites, err = getTLSCipherSuitesByString(tlsCiphersStr) if err != nil { - return nil, fmt.Errorf("error retrieving TLS cipher suites: %w", err) + return nil, err } } else { cipherSuites = make([]uint16, 0) @@ -309,7 +309,7 @@ func generatePEM(opts CertOptions) ([]byte, []byte, error) { func GenerateX509KeyPair(opts CertOptions) (*tls.Certificate, error) { certpem, keypem, err := generatePEM(opts) if err != nil { - return nil, fmt.Errorf("error generating X509 key pair: %w", err) + return nil, err } cert, err := tls.X509KeyPair(certpem, keypem) if err != nil { @@ -420,7 +420,7 @@ func CreateServerTLSConfig(tlsCertPath, tlsKeyPath string, hosts []string) (*tls IsCA: false, }) if err != nil { - return nil, fmt.Errorf("error generating X509 key pair: %w", err) + return nil, err } cert = c } else { diff --git a/util/tls/tls_test.go b/util/tls/tls_test.go index f103d035a964d..69d8dc2e2e757 100644 --- a/util/tls/tls_test.go +++ b/util/tls/tls_test.go @@ -405,7 +405,7 @@ func getCert(pemCerts []byte) (*x509.Certificate, error) { certBytes := block.Bytes cert, err := x509.ParseCertificate(certBytes) if err != nil { - return nil, fmt.Errorf("error parsing certificate: %w", err) + return nil, err } return cert, nil } @@ -413,7 +413,7 @@ func getCert(pemCerts []byte) (*x509.Certificate, error) { func getCertFromFile(path string) (*x509.Certificate, error) { certBytes, err := os.ReadFile(path) if err != nil { - return nil, fmt.Errorf("error reading file: %w", err) + return nil, err } return getCert(certBytes) } diff --git a/util/webhook/testdata/azuredevops-git-push-event.json b/util/webhook/testdata/azuredevops-git-push-event.json deleted file mode 100644 index 102e7f08aab3d..0000000000000 --- a/util/webhook/testdata/azuredevops-git-push-event.json +++ /dev/null @@ -1,107 +0,0 @@ -{ - "subscriptionId": "8fd412f1-9873-4b45-8854-655b1b8a2eff", - "notificationId": 2, - "id": "09b0b950-47fa-4f45-8b65-5a22686314f8", - "eventType": "git.push", - "publisherId": "tfs", - "message": { - "text": "Alexander Matyushentsev pushed updates to alex-test:master\r\n(https://dev.azure.com/alexander0053/alex-test/_git/alex-test/#version=GBmaster)", - "html": "Alexander Matyushentsev pushed updates to alex-test:master", - "markdown": "Alexander Matyushentsev pushed updates to [alex-test](https://dev.azure.com/alexander0053/alex-test/_git/alex-test/):[master](https://dev.azure.com/alexander0053/alex-test/_git/alex-test/#version=GBmaster)" - }, - "detailedMessage": { - "text": "Alexander Matyushentsev pushed a commit to alex-test:master\r\n - draft 298a79aa (https://dev.azure.com/alexander0053/alex-test/_git/alex-test/commit/298a79aa1552799a70718a0ee914d153d5a1a76b)", - "html": "Alexander Matyushentsev pushed a commit to alex-test:master\r\n", - "markdown": "Alexander Matyushentsev pushed a commit to [alex-test](https://dev.azure.com/alexander0053/alex-test/_git/alex-test/):[master](https://dev.azure.com/alexander0053/alex-test/_git/alex-test/#version=GBmaster)\r\n* draft [298a79aa](https://dev.azure.com/alexander0053/alex-test/_git/alex-test/commit/298a79aa1552799a70718a0ee914d153d5a1a76b)" - }, - "resource": { - "commits": [ - { - "commitId": "298a79aa1552799a70718a0ee914d153d5a1a76b", - "author": { - "name": "Alexander Matyushentsev", - "email": "AMatyushentsev@gmail.com", - "date": "2023-08-09T00:45:39Z" - }, - "committer": { - "name": "Alexander Matyushentsev", - "email": "AMatyushentsev@gmail.com", - "date": "2023-08-09T00:45:39Z" - }, - "comment": "draft\n\nSigned-off-by: Alexander Matyushentsev ", - "url": "https://dev.azure.com/alexander0053/_apis/git/repositories/ba2967cc-02c2-414c-8d10-1b99197cbaa6/commits/298a79aa1552799a70718a0ee914d153d5a1a76b" - } - ], - "refUpdates": [ - { - "name": "refs/heads/master", - "oldObjectId": "fa51eeb1e50b98293ce281e6d5492b9decae613b", - "newObjectId": "298a79aa1552799a70718a0ee914d153d5a1a76b" - } - ], - "repository": { - "id": "ba2967cc-02c2-414c-8d10-1b99197cbaa6", - "name": "alex-test", - "url": "https://dev.azure.com/alexander0053/_apis/git/repositories/ba2967cc-02c2-414c-8d10-1b99197cbaa6", - "project": { - "id": "ab1c194f-94fa-4d1a-87ff-e9458637d060", - "name": "alex-test", - "url": "https://dev.azure.com/alexander0053/_apis/projects/ab1c194f-94fa-4d1a-87ff-e9458637d060", - "state": "wellFormed", - "visibility": "unchanged", - "lastUpdateTime": "0001-01-01T00:00:00" - }, - "defaultBranch": "refs/heads/master", - "remoteUrl": "https://dev.azure.com/alexander0053/alex-test/_git/alex-test" - }, - "pushedBy": { - "displayName": "Alexander Matyushentsev", - "url": "https://spsprodcus4.vssps.visualstudio.com/A7a73fd0c-d080-434d-a8b4-0b4c0217e290/_apis/Identities/07220d5e-521c-683d-982c-726e80086d08", - "_links": { - "avatar": { - "href": "https://dev.azure.com/alexander0053/_apis/GraphProfile/MemberAvatars/aad.MDcyMjBkNWUtNTIxYy03ODNkLTk4MmMtNzI2ZTgwMDg2ZDA4" - } - }, - "id": "07220d5e-521c-683d-982c-726e80086d08", - "uniqueName": "alexander@akuity.onmicrosoft.com", - "imageUrl": "https://dev.azure.com/alexander0053/_api/_common/identityImage?id=07220d5e-521c-683d-982c-726e80086d08", - "descriptor": "aad.MDcyMjBkNWUtNTIxYy03ODNkLTk4MmMtNzI2ZTgwMDg2ZDA4" - }, - "pushId": 4, - "date": "2023-08-09T00:45:42.8315767Z", - "url": "https://dev.azure.com/alexander0053/_apis/git/repositories/ba2967cc-02c2-414c-8d10-1b99197cbaa6/pushes/4", - "_links": { - "self": { - "href": "https://dev.azure.com/alexander0053/_apis/git/repositories/ba2967cc-02c2-414c-8d10-1b99197cbaa6/pushes/4" - }, - "repository": { - "href": "https://dev.azure.com/alexander0053/ab1c194f-94fa-4d1a-87ff-e9458637d060/_apis/git/repositories/ba2967cc-02c2-414c-8d10-1b99197cbaa6" - }, - "commits": { - "href": "https://dev.azure.com/alexander0053/_apis/git/repositories/ba2967cc-02c2-414c-8d10-1b99197cbaa6/pushes/4/commits" - }, - "pusher": { - "href": "https://spsprodcus4.vssps.visualstudio.com/A7a73fd0c-d080-434d-a8b4-0b4c0217e290/_apis/Identities/07220d5e-521c-683d-982c-726e80086d08" - }, - "refs": { - "href": "https://dev.azure.com/alexander0053/ab1c194f-94fa-4d1a-87ff-e9458637d060/_apis/git/repositories/ba2967cc-02c2-414c-8d10-1b99197cbaa6/refs/heads/master" - } - } - }, - "resourceVersion": "1.0", - "resourceContainers": { - "collection": { - "id": "d54a3f95-82a0-47c4-8444-00da7391d976", - "baseUrl": "https://dev.azure.com/alexander0053/" - }, - "account": { - "id": "7a73fd0c-d080-434d-a8b4-0b4c0217e290", - "baseUrl": "https://dev.azure.com/alexander0053/" - }, - "project": { - "id": "ab1c194f-94fa-4d1a-87ff-e9458637d060", - "baseUrl": "https://dev.azure.com/alexander0053/" - } - }, - "createdDate": "2023-08-09T00:45:49.3448928Z" -} \ No newline at end of file diff --git a/util/webhook/webhook.go b/util/webhook/webhook.go index 9955540ea04a9..16b6b0b511f3b 100644 --- a/util/webhook/webhook.go +++ b/util/webhook/webhook.go @@ -4,6 +4,7 @@ import ( "context" "errors" "fmt" + "github.com/argoproj/argo-cd/v2/util/glob" "html" "net/http" "net/url" @@ -11,14 +12,13 @@ import ( "regexp" "strings" - "github.com/go-playground/webhooks/v6/azuredevops" - "github.com/go-playground/webhooks/v6/bitbucket" - bitbucketserver "github.com/go-playground/webhooks/v6/bitbucket-server" - "github.com/go-playground/webhooks/v6/github" - "github.com/go-playground/webhooks/v6/gitlab" - "github.com/go-playground/webhooks/v6/gogs" gogsclient "github.com/gogits/go-gogs-client" log "github.com/sirupsen/logrus" + "gopkg.in/go-playground/webhooks.v5/bitbucket" + bitbucketserver "gopkg.in/go-playground/webhooks.v5/bitbucket-server" + "gopkg.in/go-playground/webhooks.v5/github" + "gopkg.in/go-playground/webhooks.v5/gitlab" + "gopkg.in/go-playground/webhooks.v5/gogs" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/argoproj/argo-cd/v2/common" @@ -28,7 +28,6 @@ import ( servercache "github.com/argoproj/argo-cd/v2/server/cache" "github.com/argoproj/argo-cd/v2/util/argo" "github.com/argoproj/argo-cd/v2/util/db" - "github.com/argoproj/argo-cd/v2/util/glob" "github.com/argoproj/argo-cd/v2/util/security" "github.com/argoproj/argo-cd/v2/util/settings" ) @@ -42,26 +41,21 @@ type settingsSource interface { // https://github.com/shadow-maint/shadow/blob/master/libmisc/chkname.c#L36 const usernameRegex = `[a-zA-Z0-9_\.][a-zA-Z0-9_\.-]{0,30}[a-zA-Z0-9_\.\$-]?` -var ( - _ settingsSource = &settings.SettingsManager{} - errBasicAuthVerificationFailed = errors.New("basic auth verification failed") -) +var _ settingsSource = &settings.SettingsManager{} type ArgoCDWebhookHandler struct { - repoCache *cache.Cache - serverCache *servercache.Cache - db db.ArgoDB - ns string - appNs []string - appClientset appclientset.Interface - github *github.Webhook - gitlab *gitlab.Webhook - bitbucket *bitbucket.Webhook - bitbucketserver *bitbucketserver.Webhook - azuredevops *azuredevops.Webhook - azuredevopsAuthHandler func(r *http.Request) error - gogs *gogs.Webhook - settingsSrc settingsSource + repoCache *cache.Cache + serverCache *servercache.Cache + db db.ArgoDB + ns string + appNs []string + appClientset appclientset.Interface + github *github.Webhook + gitlab *gitlab.Webhook + bitbucket *bitbucket.Webhook + bitbucketserver *bitbucketserver.Webhook + gogs *gogs.Webhook + settingsSrc settingsSource } func NewHandler(namespace string, applicationNamespaces []string, appClientset appclientset.Interface, set *settings.ArgoCDSettings, settingsSrc settingsSource, repoCache *cache.Cache, serverCache *servercache.Cache, argoDB db.ArgoDB) *ArgoCDWebhookHandler { @@ -85,35 +79,20 @@ func NewHandler(namespace string, applicationNamespaces []string, appClientset a if err != nil { log.Warnf("Unable to init the Gogs webhook") } - azuredevopsWebhook, err := azuredevops.New() - if err != nil { - log.Warnf("Unable to init the Azure DevOps webhook") - } - azuredevopsAuthHandler := func(r *http.Request) error { - if set.WebhookAzureDevOpsUsername != "" && set.WebhookAzureDevOpsPassword != "" { - username, password, ok := r.BasicAuth() - if !ok || username != set.WebhookAzureDevOpsUsername || password != set.WebhookAzureDevOpsPassword { - return errBasicAuthVerificationFailed - } - } - return nil - } acdWebhook := ArgoCDWebhookHandler{ - ns: namespace, - appNs: applicationNamespaces, - appClientset: appClientset, - github: githubWebhook, - gitlab: gitlabWebhook, - bitbucket: bitbucketWebhook, - bitbucketserver: bitbucketserverWebhook, - azuredevops: azuredevopsWebhook, - azuredevopsAuthHandler: azuredevopsAuthHandler, - gogs: gogsWebhook, - settingsSrc: settingsSrc, - repoCache: repoCache, - serverCache: serverCache, - db: argoDB, + ns: namespace, + appNs: applicationNamespaces, + appClientset: appClientset, + github: githubWebhook, + gitlab: gitlabWebhook, + bitbucket: bitbucketWebhook, + bitbucketserver: bitbucketserverWebhook, + gogs: gogsWebhook, + settingsSrc: settingsSrc, + repoCache: repoCache, + serverCache: serverCache, + db: argoDB, } return &acdWebhook @@ -128,14 +107,6 @@ func parseRevision(ref string) string { // the revision, and whether or not this affected origin/HEAD (the default branch of the repository) func affectedRevisionInfo(payloadIf interface{}) (webURLs []string, revision string, change changeInfo, touchedHead bool, changedFiles []string) { switch payload := payloadIf.(type) { - case azuredevops.GitPushEvent: - // See: https://learn.microsoft.com/en-us/azure/devops/service-hooks/events?view=azure-devops#git.push - webURLs = append(webURLs, payload.Resource.Repository.RemoteURL) - revision = parseRevision(payload.Resource.RefUpdates[0].Name) - change.shaAfter = parseRevision(payload.Resource.RefUpdates[0].NewObjectID) - change.shaBefore = parseRevision(payload.Resource.RefUpdates[0].OldObjectID) - touchedHead = payload.Resource.RefUpdates[0].Name == payload.Resource.Repository.DefaultBranch - // unfortunately, Azure DevOps doesn't provide a list of changed files case github.PushPayload: // See: https://developer.github.com/v3/activity/events/types/#pushevent webURLs = append(webURLs, payload.Repository.HTMLURL) @@ -459,14 +430,6 @@ func (a *ArgoCDWebhookHandler) Handler(w http.ResponseWriter, r *http.Request) { var err error switch { - case r.Header.Get("X-Vss-Activityid") != "": - if err = a.azuredevopsAuthHandler(r); err != nil { - if errors.Is(err, errBasicAuthVerificationFailed) { - log.WithField(common.SecurityField, common.SecurityHigh).Infof("Azure DevOps webhook basic auth verification failed") - } - } else { - payload, err = a.azuredevops.Parse(r, azuredevops.GitPushEventType) - } //Gogs needs to be checked before GitHub since it carries both Gogs and (incompatible) GitHub headers case r.Header.Get("X-Gogs-Event") != "": payload, err = a.gogs.Parse(r, gogs.PushEvent) @@ -479,7 +442,7 @@ func (a *ArgoCDWebhookHandler) Handler(w http.ResponseWriter, r *http.Request) { log.WithField(common.SecurityField, common.SecurityHigh).Infof("GitHub webhook HMAC verification failed") } case r.Header.Get("X-Gitlab-Event") != "": - payload, err = a.gitlab.Parse(r, gitlab.PushEvents, gitlab.TagEvents, gitlab.SystemHookEvents) + payload, err = a.gitlab.Parse(r, gitlab.PushEvents, gitlab.TagEvents) if errors.Is(err, gitlab.ErrGitLabTokenVerificationFailed) { log.WithField(common.SecurityField, common.SecurityHigh).Infof("GitLab webhook token verification failed") } diff --git a/util/webhook/webhook_test.go b/util/webhook/webhook_test.go index b241d7c671841..a690f45f99ac0 100644 --- a/util/webhook/webhook_test.go +++ b/util/webhook/webhook_test.go @@ -5,19 +5,18 @@ import ( "encoding/json" "fmt" "io" + "k8s.io/apimachinery/pkg/types" "net/http" "net/http/httptest" "os" "testing" "time" - "k8s.io/apimachinery/pkg/types" - - "github.com/go-playground/webhooks/v6/bitbucket" - bitbucketserver "github.com/go-playground/webhooks/v6/bitbucket-server" - "github.com/go-playground/webhooks/v6/github" - "github.com/go-playground/webhooks/v6/gitlab" gogsclient "github.com/gogits/go-gogs-client" + "gopkg.in/go-playground/webhooks.v5/bitbucket" + bitbucketserver "gopkg.in/go-playground/webhooks.v5/bitbucket-server" + "gopkg.in/go-playground/webhooks.v5/github" + "gopkg.in/go-playground/webhooks.v5/gitlab" "k8s.io/apimachinery/pkg/runtime" kubetesting "k8s.io/client-go/testing" @@ -90,22 +89,6 @@ func TestGitHubCommitEvent(t *testing.T) { hook.Reset() } -func TestAzureDevOpsCommitEvent(t *testing.T) { - hook := test.NewGlobal() - h := NewMockHandler(nil, []string{}) - req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil) - req.Header.Set("X-Vss-Activityid", "abc") - eventJSON, err := os.ReadFile("testdata/azuredevops-git-push-event.json") - assert.NoError(t, err) - req.Body = io.NopCloser(bytes.NewReader(eventJSON)) - w := httptest.NewRecorder() - h.Handler(w, req) - assert.Equal(t, w.Code, http.StatusOK) - expectedLogResult := "Received push event repo: https://dev.azure.com/alexander0053/alex-test/_git/alex-test, revision: master, touchedHead: true" - assert.Equal(t, expectedLogResult, hook.LastEntry().Message) - hook.Reset() -} - // TestGitHubCommitEvent_MultiSource_Refresh makes sure that a webhook will refresh a multi-source app when at least // one source matches. func TestGitHubCommitEvent_MultiSource_Refresh(t *testing.T) { @@ -354,22 +337,6 @@ func TestGitLabPushEvent(t *testing.T) { hook.Reset() } -func TestGitLabSystemEvent(t *testing.T) { - hook := test.NewGlobal() - h := NewMockHandler(nil, []string{}) - req := httptest.NewRequest(http.MethodPost, "/api/webhook", nil) - req.Header.Set("X-Gitlab-Event", "System Hook") - eventJSON, err := os.ReadFile("testdata/gitlab-event.json") - assert.NoError(t, err) - req.Body = io.NopCloser(bytes.NewReader(eventJSON)) - w := httptest.NewRecorder() - h.Handler(w, req) - assert.Equal(t, w.Code, http.StatusOK) - expectedLogResult := "Received push event repo: https://gitlab/group/name, revision: master, touchedHead: true" - assert.Equal(t, expectedLogResult, hook.LastEntry().Message) - hook.Reset() -} - func TestInvalidMethod(t *testing.T) { hook := test.NewGlobal() h := NewMockHandler(nil, []string{})